/*
- * Copyright (c) 2008, 2009, 2010 Nicira Networks.
+ * Copyright (c) 2008, 2009, 2010, 2011 Nicira, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
#include <stdbool.h>
-#ifdef HAVE_OPENSSL
bool stream_ssl_is_configured(void);
-
void stream_ssl_set_private_key_file(const char *file_name);
void stream_ssl_set_certificate_file(const char *file_name);
void stream_ssl_set_ca_cert_file(const char *file_name, bool bootstrap);
-
+void stream_ssl_set_peer_ca_cert_file(const char *file_name);
void stream_ssl_set_key_and_cert(const char *private_key_file,
const char *certificate_file);
+void stream_ssl_set_protocols(const char *arg);
+void stream_ssl_set_ciphers(const char *arg);
+#define SSL_OPTION_ENUMS \
+ OPT_SSL_PROTOCOLS, \
+ OPT_SSL_CIPHERS
-void stream_ssl_set_peer_ca_cert_file(const char *file_name);
-
-/* Define the long options for SSL support.
- *
- * Note that the definition includes a final comma, and therefore a comma
- * must not be supplied when using the definition. This is done so that
- * compilation succeeds whether or not HAVE_OPENSSL is defined. */
-#define STREAM_SSL_LONG_OPTIONS \
- {"private-key", required_argument, 0, 'p'}, \
- {"certificate", required_argument, 0, 'c'}, \
- {"ca-cert", required_argument, 0, 'C'},
+#define STREAM_SSL_LONG_OPTIONS \
+ {"private-key", required_argument, NULL, 'p'}, \
+ {"certificate", required_argument, NULL, 'c'}, \
+ {"ca-cert", required_argument, NULL, 'C'}, \
+ {"ssl-protocols", required_argument, NULL, OPT_SSL_PROTOCOLS}, \
+ {"ssl-ciphers", required_argument, NULL, OPT_SSL_CIPHERS}
#define STREAM_SSL_OPTION_HANDLERS \
case 'p': \
\
case 'C': \
stream_ssl_set_ca_cert_file(optarg, false); \
+ break; \
+ \
+ case OPT_SSL_PROTOCOLS: \
+ stream_ssl_set_protocols(optarg); \
+ break; \
+ \
+ case OPT_SSL_CIPHERS: \
+ stream_ssl_set_ciphers(optarg); \
break;
-#else /* !HAVE_OPENSSL */
-static inline bool stream_ssl_is_configured(void)
-{
- return false;
-}
-#define STREAM_SSL_LONG_OPTIONS
-#define STREAM_SSL_OPTION_HANDLERS
-#endif /* !HAVE_OPENSSL */
+
+#define STREAM_SSL_CASES \
+ case 'p': case 'c': case 'C': case OPT_SSL_PROTOCOLS: case OPT_SSL_CIPHERS:
#endif /* stream-ssl.h */