MySQL  8.0.27
Source Code Documentation
ssl_init_callback.cc File Reference
#include <mysql/components/services/log_builtins.h>
#include <mysqld_error.h>
#include <sql/auth/auth_common.h>
#include <sql/mysqld.h>
#include <sql/options_mysqld.h>
#include <sql/sql_initialize.h>
#include <sql/ssl_init_callback.h>
#include <sql/sys_vars.h>
#include <sql/sys_vars_shared.h>

Functions

std::atomic_bool g_admin_ssl_configured (false)
 
std::string mysql_main_channel ("mysql_main")
 
std::string mysql_admin_channel ("mysql_admin")
 
static bool warn_self_signed_ca_certs (const char *ssl_ca, const char *ssl_capath)
 

Variables

static const char * opt_ssl_ca = nullptr
 SSL context options. More...
 
static const char * opt_ssl_key = nullptr
 
static const char * opt_ssl_cert = nullptr
 
static char * opt_ssl_capath = nullptr
 
static char * opt_ssl_cipher = nullptr
 
static char * opt_tls_ciphersuites = nullptr
 
static char * opt_ssl_crl = nullptr
 
static char * opt_ssl_crlpath = nullptr
 
static char * opt_tls_version = nullptr
 
static PolyLock_mutex lock_ssl_ctx & LOCK_tls_ctx_options
 
static const char * opt_admin_ssl_ca = nullptr
 
static const char * opt_admin_ssl_key = nullptr
 
static const char * opt_admin_ssl_cert = nullptr
 
static const char * opt_admin_ssl_capath = nullptr
 
static const char * opt_admin_ssl_cipher = nullptr
 
static const char * opt_admin_tls_ciphersuites = nullptr
 
static const char * opt_admin_ssl_crl = nullptr
 
static const char * opt_admin_ssl_crlpath = nullptr
 
static const char * opt_admin_tls_version = nullptr
 
static PolyLock_mutex lock_admin_ssl_ctx & LOCK_admin_tls_ctx_options
 
static Sys_var_charptr Sys_ssl_ca ("ssl_ca", "CA file in PEM format (check OpenSSL docs, implies --ssl)", PERSIST_AS_READONLY GLOBAL_VAR(opt_ssl_ca), CMD_LINE(REQUIRED_ARG, OPT_SSL_CA), IN_FS_CHARSET, DEFAULT(nullptr), &lock_ssl_ctx)
 
static Sys_var_charptr Sys_ssl_capath ("ssl_capath", "CA directory (check OpenSSL docs, implies --ssl)", PERSIST_AS_READONLY GLOBAL_VAR(opt_ssl_capath), CMD_LINE(REQUIRED_ARG, OPT_SSL_CAPATH), IN_FS_CHARSET, DEFAULT(nullptr), &lock_ssl_ctx)
 
static Sys_var_charptr Sys_tls_version ("tls_version", "TLS version, permitted values are TLSv1, TLSv1.1, TLSv1.2, TLSv1.3", PERSIST_AS_READONLY GLOBAL_VAR(opt_tls_version), CMD_LINE(REQUIRED_ARG, OPT_TLS_VERSION), IN_FS_CHARSET, "TLSv1,TLSv1.1,TLSv1.2", &lock_ssl_ctx)
 
static Sys_var_charptr Sys_ssl_cert ("ssl_cert", "X509 cert in PEM format (implies --ssl)", PERSIST_AS_READONLY GLOBAL_VAR(opt_ssl_cert), CMD_LINE(REQUIRED_ARG, OPT_SSL_CERT), IN_FS_CHARSET, DEFAULT(nullptr), &lock_ssl_ctx)
 
static Sys_var_charptr Sys_ssl_cipher ("ssl_cipher", "SSL cipher to use (implies --ssl)", PERSIST_AS_READONLY GLOBAL_VAR(opt_ssl_cipher), CMD_LINE(REQUIRED_ARG, OPT_SSL_CIPHER), IN_FS_CHARSET, DEFAULT(nullptr), &lock_ssl_ctx)
 
static Sys_var_charptr Sys_tls_ciphersuites ("tls_ciphersuites", "TLS v1.3 ciphersuite to use (implies --ssl)", PERSIST_AS_READONLY GLOBAL_VAR(opt_tls_ciphersuites), CMD_LINE(REQUIRED_ARG, OPT_TLS_CIPHERSUITES), IN_FS_CHARSET, DEFAULT(nullptr), &lock_ssl_ctx)
 
static Sys_var_charptr Sys_ssl_key ("ssl_key", "X509 key in PEM format (implies --ssl)", PERSIST_AS_READONLY GLOBAL_VAR(opt_ssl_key), CMD_LINE(REQUIRED_ARG, OPT_SSL_KEY), IN_FS_CHARSET, DEFAULT(nullptr), &lock_ssl_ctx)
 
static Sys_var_charptr Sys_ssl_crl ("ssl_crl", "CRL file in PEM format (check OpenSSL docs, implies --ssl)", PERSIST_AS_READONLY GLOBAL_VAR(opt_ssl_crl), CMD_LINE(REQUIRED_ARG, OPT_SSL_CRL), IN_FS_CHARSET, DEFAULT(nullptr), &lock_ssl_ctx)
 
static Sys_var_charptr Sys_ssl_crlpath ("ssl_crlpath", "CRL directory (check OpenSSL docs, implies --ssl)", PERSIST_AS_READONLY GLOBAL_VAR(opt_ssl_crlpath), CMD_LINE(REQUIRED_ARG, OPT_SSL_CRLPATH), IN_FS_CHARSET, DEFAULT(nullptr), &lock_ssl_ctx)
 
static Sys_var_charptr Sys_admin_ssl_ca ("admin_ssl_ca", "CA file in PEM format (check OpenSSL docs, implies --ssl) for " "--admin-port", PERSIST_AS_READONLY GLOBAL_VAR(opt_admin_ssl_ca), CMD_LINE(REQUIRED_ARG, OPT_SSL_CA), IN_FS_CHARSET, DEFAULT(nullptr), &lock_admin_ssl_ctx)
 
static Sys_var_charptr Sys_admin_ssl_capath ("admin_ssl_capath", "CA directory (check OpenSSL docs, implies --ssl) for --admin-port", PERSIST_AS_READONLY GLOBAL_VAR(opt_admin_ssl_capath), CMD_LINE(REQUIRED_ARG, OPT_SSL_CAPATH), IN_FS_CHARSET, DEFAULT(nullptr), &lock_admin_ssl_ctx)
 
static Sys_var_charptr Sys_admin_tls_version ("admin_tls_version", "TLS version for --admin-port, permitted values are TLSv1, TLSv1.1, " "TLSv1.2, TLSv1.3", PERSIST_AS_READONLY GLOBAL_VAR(opt_admin_tls_version), CMD_LINE(REQUIRED_ARG, OPT_TLS_VERSION), IN_FS_CHARSET, "TLSv1,TLSv1.1,TLSv1.2", &lock_admin_ssl_ctx)
 
static Sys_var_charptr Sys_admin_ssl_cert ("admin_ssl_cert", "X509 cert in PEM format (implies --ssl) for --admin-port", PERSIST_AS_READONLY GLOBAL_VAR(opt_admin_ssl_cert), CMD_LINE(REQUIRED_ARG, OPT_SSL_CERT), IN_FS_CHARSET, DEFAULT(nullptr), &lock_admin_ssl_ctx)
 
static Sys_var_charptr Sys_admin_ssl_cipher ("admin_ssl_cipher", "SSL cipher to use (implies --ssl) for --admin-port", PERSIST_AS_READONLY GLOBAL_VAR(opt_admin_ssl_cipher), CMD_LINE(REQUIRED_ARG, OPT_SSL_CIPHER), IN_FS_CHARSET, DEFAULT(nullptr), &lock_admin_ssl_ctx)
 
static Sys_var_charptr Sys_admin_tls_ciphersuites ("admin_tls_ciphersuites", "TLS v1.3 ciphersuite to use (implies --ssl) for --admin-port", PERSIST_AS_READONLY GLOBAL_VAR(opt_admin_tls_ciphersuites), CMD_LINE(REQUIRED_ARG, OPT_TLS_CIPHERSUITES), IN_FS_CHARSET, DEFAULT(nullptr), &lock_admin_ssl_ctx)
 
static Sys_var_charptr Sys_admin_ssl_key ("admin_ssl_key", "X509 key in PEM format (implies --ssl) for --admin-port", PERSIST_AS_READONLY GLOBAL_VAR(opt_admin_ssl_key), CMD_LINE(REQUIRED_ARG, OPT_SSL_KEY), IN_FS_CHARSET, DEFAULT(nullptr), &lock_admin_ssl_ctx)
 
static Sys_var_charptr Sys_admin_ssl_crl ("admin_ssl_crl", "CRL file in PEM format (check OpenSSL docs, implies --ssl) for " "--admin-port", PERSIST_AS_READONLY GLOBAL_VAR(opt_admin_ssl_crl), CMD_LINE(REQUIRED_ARG, OPT_SSL_CRL), IN_FS_CHARSET, DEFAULT(nullptr), &lock_admin_ssl_ctx)
 
static Sys_var_charptr Sys_admin_ssl_crlpath ("admin_ssl_crlpath", "CRL directory (check OpenSSL docs, implies --ssl) for --admin-port", PERSIST_AS_READONLY GLOBAL_VAR(opt_admin_ssl_crlpath), CMD_LINE(REQUIRED_ARG, OPT_SSL_CRLPATH), IN_FS_CHARSET, DEFAULT(nullptr), &lock_admin_ssl_ctx)
 
Ssl_init_callback_server_main server_main_callback
 
Ssl_init_callback_server_admin server_admin_callback
 

Function Documentation

◆ g_admin_ssl_configured()

std::atomic_bool g_admin_ssl_configured ( false  )

◆ mysql_admin_channel()

std::string mysql_admin_channel ( "mysql_admin"  )

◆ mysql_main_channel()

std::string mysql_main_channel ( "mysql_main"  )

◆ warn_self_signed_ca_certs()

static bool warn_self_signed_ca_certs ( const char *  ssl_ca,
const char *  ssl_capath 
)
static

Variable Documentation

◆ LOCK_admin_tls_ctx_options

PolyLock_mutex lock_admin_ssl_ctx& LOCK_admin_tls_ctx_options
static

◆ LOCK_tls_ctx_options

PolyLock_mutex lock_ssl_ctx& LOCK_tls_ctx_options
static

◆ opt_admin_ssl_ca

const char* opt_admin_ssl_ca = nullptr
static

◆ opt_admin_ssl_capath

const char* opt_admin_ssl_capath = nullptr
static

◆ opt_admin_ssl_cert

const char* opt_admin_ssl_cert = nullptr
static

◆ opt_admin_ssl_cipher

const char* opt_admin_ssl_cipher = nullptr
static

◆ opt_admin_ssl_crl

const char* opt_admin_ssl_crl = nullptr
static

◆ opt_admin_ssl_crlpath

const char* opt_admin_ssl_crlpath = nullptr
static

◆ opt_admin_ssl_key

const char* opt_admin_ssl_key = nullptr
static

◆ opt_admin_tls_ciphersuites

const char* opt_admin_tls_ciphersuites = nullptr
static

◆ opt_admin_tls_version

const char* opt_admin_tls_version = nullptr
static

◆ opt_ssl_ca

const char* opt_ssl_ca = nullptr
static

SSL context options.

◆ opt_ssl_capath

char* opt_ssl_capath = nullptr
static

◆ opt_ssl_cert

const char* opt_ssl_cert = nullptr
static

◆ opt_ssl_cipher

char* opt_ssl_cipher = nullptr
static

◆ opt_ssl_crl

char* opt_ssl_crl = nullptr
static

◆ opt_ssl_crlpath

char* opt_ssl_crlpath = nullptr
static

◆ opt_ssl_key

const char* opt_ssl_key = nullptr
static

◆ opt_tls_ciphersuites

char* opt_tls_ciphersuites = nullptr
static

◆ opt_tls_version

char* opt_tls_version = nullptr
static

◆ server_admin_callback

Ssl_init_callback_server_admin server_admin_callback

◆ server_main_callback

Ssl_init_callback_server_main server_main_callback

◆ Sys_admin_ssl_ca

Sys_var_charptr Sys_admin_ssl_ca("admin_ssl_ca", "CA file in PEM format (check OpenSSL docs, implies --ssl) for " "--admin-port", PERSIST_AS_READONLY GLOBAL_VAR(opt_admin_ssl_ca), CMD_LINE(REQUIRED_ARG, OPT_SSL_CA), IN_FS_CHARSET, DEFAULT(nullptr), &lock_admin_ssl_ctx) ( "admin_ssl_ca"  ,
"CA file in PEM format (check OpenSSL docs, implies --ssl) for " "--admin-port ,
PERSIST_AS_READONLY   GLOBAL_VARopt_admin_ssl_ca,
CMD_LINE(REQUIRED_ARG, OPT_SSL_CA ,
IN_FS_CHARSET  ,
DEFAULT(nullptr ,
lock_admin_ssl_ctx 
)
static

◆ Sys_admin_ssl_capath

Sys_var_charptr Sys_admin_ssl_capath("admin_ssl_capath", "CA directory (check OpenSSL docs, implies --ssl) for --admin-port", PERSIST_AS_READONLY GLOBAL_VAR(opt_admin_ssl_capath), CMD_LINE(REQUIRED_ARG, OPT_SSL_CAPATH), IN_FS_CHARSET, DEFAULT(nullptr), &lock_admin_ssl_ctx) ( "admin_ssl_capath"  ,
"CA directory (check OpenSSL docs, implies --ssl) for --admin-port ,
PERSIST_AS_READONLY   GLOBAL_VARopt_admin_ssl_capath,
CMD_LINE(REQUIRED_ARG, OPT_SSL_CAPATH ,
IN_FS_CHARSET  ,
DEFAULT(nullptr ,
lock_admin_ssl_ctx 
)
static

◆ Sys_admin_ssl_cert

Sys_var_charptr Sys_admin_ssl_cert("admin_ssl_cert", "X509 cert in PEM format (implies --ssl) for --admin-port", PERSIST_AS_READONLY GLOBAL_VAR(opt_admin_ssl_cert), CMD_LINE(REQUIRED_ARG, OPT_SSL_CERT), IN_FS_CHARSET, DEFAULT(nullptr), &lock_admin_ssl_ctx) ( "admin_ssl_cert"  ,
"X509 cert in PEM format (implies --ssl) for --admin-port ,
PERSIST_AS_READONLY   GLOBAL_VARopt_admin_ssl_cert,
CMD_LINE(REQUIRED_ARG, OPT_SSL_CERT ,
IN_FS_CHARSET  ,
DEFAULT(nullptr ,
lock_admin_ssl_ctx 
)
static

◆ Sys_admin_ssl_cipher

Sys_var_charptr Sys_admin_ssl_cipher("admin_ssl_cipher", "SSL cipher to use (implies --ssl) for --admin-port", PERSIST_AS_READONLY GLOBAL_VAR(opt_admin_ssl_cipher), CMD_LINE(REQUIRED_ARG, OPT_SSL_CIPHER), IN_FS_CHARSET, DEFAULT(nullptr), &lock_admin_ssl_ctx) ( "admin_ssl_cipher"  ,
"SSL cipher to use (implies --ssl) for --admin-port ,
PERSIST_AS_READONLY   GLOBAL_VARopt_admin_ssl_cipher,
CMD_LINE(REQUIRED_ARG, OPT_SSL_CIPHER ,
IN_FS_CHARSET  ,
DEFAULT(nullptr ,
lock_admin_ssl_ctx 
)
static

◆ Sys_admin_ssl_crl

Sys_var_charptr Sys_admin_ssl_crl("admin_ssl_crl", "CRL file in PEM format (check OpenSSL docs, implies --ssl) for " "--admin-port", PERSIST_AS_READONLY GLOBAL_VAR(opt_admin_ssl_crl), CMD_LINE(REQUIRED_ARG, OPT_SSL_CRL), IN_FS_CHARSET, DEFAULT(nullptr), &lock_admin_ssl_ctx) ( "admin_ssl_crl"  ,
"CRL file in PEM format (check OpenSSL docs, implies --ssl) for " "--admin-port ,
PERSIST_AS_READONLY   GLOBAL_VARopt_admin_ssl_crl,
CMD_LINE(REQUIRED_ARG, OPT_SSL_CRL ,
IN_FS_CHARSET  ,
DEFAULT(nullptr ,
lock_admin_ssl_ctx 
)
static

◆ Sys_admin_ssl_crlpath

Sys_var_charptr Sys_admin_ssl_crlpath("admin_ssl_crlpath", "CRL directory (check OpenSSL docs, implies --ssl) for --admin-port", PERSIST_AS_READONLY GLOBAL_VAR(opt_admin_ssl_crlpath), CMD_LINE(REQUIRED_ARG, OPT_SSL_CRLPATH), IN_FS_CHARSET, DEFAULT(nullptr), &lock_admin_ssl_ctx) ( "admin_ssl_crlpath"  ,
"CRL directory (check OpenSSL docs, implies --ssl) for --admin-port ,
PERSIST_AS_READONLY   GLOBAL_VARopt_admin_ssl_crlpath,
CMD_LINE(REQUIRED_ARG, OPT_SSL_CRLPATH ,
IN_FS_CHARSET  ,
DEFAULT(nullptr ,
lock_admin_ssl_ctx 
)
static

◆ Sys_admin_ssl_key

Sys_var_charptr Sys_admin_ssl_key("admin_ssl_key", "X509 key in PEM format (implies --ssl) for --admin-port", PERSIST_AS_READONLY GLOBAL_VAR(opt_admin_ssl_key), CMD_LINE(REQUIRED_ARG, OPT_SSL_KEY), IN_FS_CHARSET, DEFAULT(nullptr), &lock_admin_ssl_ctx) ( "admin_ssl_key"  ,
"X509 key in PEM format (implies --ssl) for --admin-port ,
PERSIST_AS_READONLY   GLOBAL_VARopt_admin_ssl_key,
CMD_LINE(REQUIRED_ARG, OPT_SSL_KEY ,
IN_FS_CHARSET  ,
DEFAULT(nullptr ,
lock_admin_ssl_ctx 
)
static

◆ Sys_admin_tls_ciphersuites

Sys_var_charptr Sys_admin_tls_ciphersuites("admin_tls_ciphersuites", "TLS v1.3 ciphersuite to use (implies --ssl) for --admin-port", PERSIST_AS_READONLY GLOBAL_VAR(opt_admin_tls_ciphersuites), CMD_LINE(REQUIRED_ARG, OPT_TLS_CIPHERSUITES), IN_FS_CHARSET, DEFAULT(nullptr), &lock_admin_ssl_ctx) ( "admin_tls_ciphersuites"  ,
"TLS v1.3 ciphersuite to use (implies --ssl) for --admin-port ,
PERSIST_AS_READONLY   GLOBAL_VARopt_admin_tls_ciphersuites,
CMD_LINE(REQUIRED_ARG, OPT_TLS_CIPHERSUITES ,
IN_FS_CHARSET  ,
DEFAULT(nullptr ,
lock_admin_ssl_ctx 
)
static

◆ Sys_admin_tls_version

Sys_var_charptr Sys_admin_tls_version("admin_tls_version", "TLS version for --admin-port, permitted values are TLSv1, TLSv1.1, " "TLSv1.2, TLSv1.3", PERSIST_AS_READONLY GLOBAL_VAR(opt_admin_tls_version), CMD_LINE(REQUIRED_ARG, OPT_TLS_VERSION), IN_FS_CHARSET, "TLSv1,TLSv1.1,TLSv1.2", &lock_admin_ssl_ctx) ( "admin_tls_version"  ,
"TLS version for --admin-  port,
permitted values are  TLSv1,
TLSv1.  1,
" "TLSv1.  2,
TLSv1.3"  ,
PERSIST_AS_READONLY   GLOBAL_VARopt_admin_tls_version,
CMD_LINE(REQUIRED_ARG, OPT_TLS_VERSION ,
IN_FS_CHARSET  ,
TLSv1,
TLSv1.  1,
TLSv1.2"  ,
lock_admin_ssl_ctx 
)
static

◆ Sys_ssl_ca

Sys_var_charptr Sys_ssl_ca("ssl_ca", "CA file in PEM format (check OpenSSL docs, implies --ssl)", PERSIST_AS_READONLY GLOBAL_VAR(opt_ssl_ca), CMD_LINE(REQUIRED_ARG, OPT_SSL_CA), IN_FS_CHARSET, DEFAULT(nullptr), &lock_ssl_ctx) ( "ssl_ca"  ,
"CA file in PEM format (check OpenSSL docs, implies --ssl)"  ,
PERSIST_AS_READONLY   GLOBAL_VARopt_ssl_ca,
CMD_LINE(REQUIRED_ARG, OPT_SSL_CA ,
IN_FS_CHARSET  ,
DEFAULT(nullptr ,
lock_ssl_ctx 
)
static

◆ Sys_ssl_capath

Sys_var_charptr Sys_ssl_capath("ssl_capath", "CA directory (check OpenSSL docs, implies --ssl)", PERSIST_AS_READONLY GLOBAL_VAR(opt_ssl_capath), CMD_LINE(REQUIRED_ARG, OPT_SSL_CAPATH), IN_FS_CHARSET, DEFAULT(nullptr), &lock_ssl_ctx) ( "ssl_capath"  ,
"CA directory (check OpenSSL docs, implies --ssl)"  ,
PERSIST_AS_READONLY   GLOBAL_VARopt_ssl_capath,
CMD_LINE(REQUIRED_ARG, OPT_SSL_CAPATH ,
IN_FS_CHARSET  ,
DEFAULT(nullptr ,
lock_ssl_ctx 
)
static

◆ Sys_ssl_cert

Sys_var_charptr Sys_ssl_cert("ssl_cert", "X509 cert in PEM format (implies --ssl)", PERSIST_AS_READONLY GLOBAL_VAR(opt_ssl_cert), CMD_LINE(REQUIRED_ARG, OPT_SSL_CERT), IN_FS_CHARSET, DEFAULT(nullptr), &lock_ssl_ctx) ( "ssl_cert"  ,
"X509 cert in PEM format (implies --ssl)"  ,
PERSIST_AS_READONLY   GLOBAL_VARopt_ssl_cert,
CMD_LINE(REQUIRED_ARG, OPT_SSL_CERT ,
IN_FS_CHARSET  ,
DEFAULT(nullptr ,
lock_ssl_ctx 
)
static

◆ Sys_ssl_cipher

Sys_var_charptr Sys_ssl_cipher("ssl_cipher", "SSL cipher to use (implies --ssl)", PERSIST_AS_READONLY GLOBAL_VAR(opt_ssl_cipher), CMD_LINE(REQUIRED_ARG, OPT_SSL_CIPHER), IN_FS_CHARSET, DEFAULT(nullptr), &lock_ssl_ctx) ( "ssl_cipher"  ,
"SSL cipher to use (implies --ssl)"  ,
PERSIST_AS_READONLY   GLOBAL_VARopt_ssl_cipher,
CMD_LINE(REQUIRED_ARG, OPT_SSL_CIPHER ,
IN_FS_CHARSET  ,
DEFAULT(nullptr ,
lock_ssl_ctx 
)
static

◆ Sys_ssl_crl

Sys_var_charptr Sys_ssl_crl("ssl_crl", "CRL file in PEM format (check OpenSSL docs, implies --ssl)", PERSIST_AS_READONLY GLOBAL_VAR(opt_ssl_crl), CMD_LINE(REQUIRED_ARG, OPT_SSL_CRL), IN_FS_CHARSET, DEFAULT(nullptr), &lock_ssl_ctx) ( "ssl_crl"  ,
"CRL file in PEM format (check OpenSSL docs, implies --ssl)"  ,
PERSIST_AS_READONLY   GLOBAL_VARopt_ssl_crl,
CMD_LINE(REQUIRED_ARG, OPT_SSL_CRL ,
IN_FS_CHARSET  ,
DEFAULT(nullptr ,
lock_ssl_ctx 
)
static

◆ Sys_ssl_crlpath

Sys_var_charptr Sys_ssl_crlpath("ssl_crlpath", "CRL directory (check OpenSSL docs, implies --ssl)", PERSIST_AS_READONLY GLOBAL_VAR(opt_ssl_crlpath), CMD_LINE(REQUIRED_ARG, OPT_SSL_CRLPATH), IN_FS_CHARSET, DEFAULT(nullptr), &lock_ssl_ctx) ( "ssl_crlpath"  ,
"CRL directory (check OpenSSL docs, implies --ssl)"  ,
PERSIST_AS_READONLY   GLOBAL_VARopt_ssl_crlpath,
CMD_LINE(REQUIRED_ARG, OPT_SSL_CRLPATH ,
IN_FS_CHARSET  ,
DEFAULT(nullptr ,
lock_ssl_ctx 
)
static

◆ Sys_ssl_key

Sys_var_charptr Sys_ssl_key("ssl_key", "X509 key in PEM format (implies --ssl)", PERSIST_AS_READONLY GLOBAL_VAR(opt_ssl_key), CMD_LINE(REQUIRED_ARG, OPT_SSL_KEY), IN_FS_CHARSET, DEFAULT(nullptr), &lock_ssl_ctx) ( "ssl_key"  ,
"X509 key in PEM format (implies --ssl)"  ,
PERSIST_AS_READONLY   GLOBAL_VARopt_ssl_key,
CMD_LINE(REQUIRED_ARG, OPT_SSL_KEY ,
IN_FS_CHARSET  ,
DEFAULT(nullptr ,
lock_ssl_ctx 
)
static

◆ Sys_tls_ciphersuites

Sys_var_charptr Sys_tls_ciphersuites("tls_ciphersuites", "TLS v1.3 ciphersuite to use (implies --ssl)", PERSIST_AS_READONLY GLOBAL_VAR(opt_tls_ciphersuites), CMD_LINE(REQUIRED_ARG, OPT_TLS_CIPHERSUITES), IN_FS_CHARSET, DEFAULT(nullptr), &lock_ssl_ctx) ( "tls_ciphersuites"  ,
"TLS v1.3 ciphersuite to use (implies --ssl)"  ,
PERSIST_AS_READONLY   GLOBAL_VARopt_tls_ciphersuites,
CMD_LINE(REQUIRED_ARG, OPT_TLS_CIPHERSUITES ,
IN_FS_CHARSET  ,
DEFAULT(nullptr ,
lock_ssl_ctx 
)
static

◆ Sys_tls_version

Sys_var_charptr Sys_tls_version("tls_version", "TLS version, permitted values are TLSv1, TLSv1.1, TLSv1.2, TLSv1.3", PERSIST_AS_READONLY GLOBAL_VAR(opt_tls_version), CMD_LINE(REQUIRED_ARG, OPT_TLS_VERSION), IN_FS_CHARSET, "TLSv1,TLSv1.1,TLSv1.2", &lock_ssl_ctx) ( "tls_version"  ,
"TLS  version,
permitted values are  TLSv1,
TLSv1.  1,
TLSv1.  2,
TLSv1.3"  ,
PERSIST_AS_READONLY   GLOBAL_VARopt_tls_version,
CMD_LINE(REQUIRED_ARG, OPT_TLS_VERSION ,
IN_FS_CHARSET  ,
TLSv1,
TLSv1.  1,
TLSv1.2"  ,
lock_ssl_ctx 
)
static