From aea7759f1240b1e97684273b9369472695173a66 Mon Sep 17 00:00:00 2001 From: Jeff Darcy Date: Tue, 17 Jul 2012 10:50:43 -0400 Subject: rpc-transport/socket: Add SSL support. Based on OpenSSL. Key/certificate management is still manual. Enabling SSL also enables multi-threading, though multi-threading can be forced on or off using a separate option. Change-Id: Icd9f256bb2fd8c6266a7abefdff16936b4f8922d BUG: 764731 Signed-off-by: Jeff Darcy Reviewed-on: http://review.gluster.com/362 Tested-by: Gluster Build System Reviewed-by: Anand Avati --- rpc/rpc-transport/socket/src/socket.h | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) (limited to 'rpc/rpc-transport/socket/src/socket.h') diff --git a/rpc/rpc-transport/socket/src/socket.h b/rpc/rpc-transport/socket/src/socket.h index 0304f1db1..0a407cc1a 100644 --- a/rpc/rpc-transport/socket/src/socket.h +++ b/rpc/rpc-transport/socket/src/socket.h @@ -11,6 +11,8 @@ #ifndef _SOCKET_H #define _SOCKET_H +#include +#include #ifndef _CONFIG_H #define _CONFIG_H @@ -144,7 +146,8 @@ typedef struct { typedef struct { int32_t sock; int32_t idx; - unsigned char connected; // -1 = not connected. 0 = in progress. 1 = connected + /* -1 = not connected. 0 = in progress. 1 = connected */ + char connected; char bio; char connect_finish_log; char submit_log; @@ -195,6 +198,20 @@ typedef struct { int keepaliveintvl; uint32_t backlog; gf_boolean_t read_fail_log; + gf_boolean_t ssl_enabled; + gf_boolean_t use_ssl; + SSL_METHOD *ssl_meth; + SSL_CTX *ssl_ctx; + int ssl_session_id; + BIO *ssl_sbio; + SSL *ssl_ssl; + char *ssl_own_cert; + char *ssl_private_key; + char *ssl_ca_list; + pthread_t thread; + int pipe[2]; + gf_boolean_t own_thread; + volatile int socket_gen; } socket_private_t; -- cgit