MySQL 9.0.0
Source Code Documentation
sslopt-longopts.h
Go to the documentation of this file.
1/* Copyright (c) 2000, 2024, Oracle and/or its affiliates.
2
3 This program is free software; you can redistribute it and/or modify
4 it under the terms of the GNU General Public License, version 2.0,
5 as published by the Free Software Foundation.
6
7 This program is designed to work with certain software (including
8 but not limited to OpenSSL) that is licensed under separate terms,
9 as designated in a particular file or component or in included license
10 documentation. The authors of MySQL hereby grant you an additional
11 permission to link the program and your derivative works with the
12 separately licensed software that they have either included with
13 the program or referenced in the documentation.
14
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License, version 2.0, for more details.
19
20 You should have received a copy of the GNU General Public License
21 along with this program; if not, write to the Free Software
22 Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
23
24/**
25 @file include/sslopt-longopts.h
26*/
27
28{"ssl-mode",
29 OPT_SSL_MODE,
30 "SSL connection mode.",
31 nullptr,
32 nullptr,
33 nullptr,
34 GET_STR,
35 REQUIRED_ARG,
36 0,
37 0,
38 0,
39 nullptr,
40 0,
41 nullptr},
42 {"ssl-ca",
43 OPT_SSL_CA,
44 "CA file in PEM format.",
45 &opt_ssl_ca,
46 &opt_ssl_ca,
47 nullptr,
48 GET_STR,
49 REQUIRED_ARG,
50 0,
51 0,
52 0,
53 nullptr,
54 0,
55 nullptr},
56 {"ssl-capath",
57 OPT_SSL_CAPATH,
58 "CA directory.",
59 &opt_ssl_capath,
60 &opt_ssl_capath,
61 nullptr,
62 GET_STR,
63 REQUIRED_ARG,
64 0,
65 0,
66 0,
67 nullptr,
68 0,
69 nullptr},
70 {"ssl-cert",
71 OPT_SSL_CERT,
72 "X509 cert in PEM format.",
73 &opt_ssl_cert,
74 &opt_ssl_cert,
75 nullptr,
76 GET_STR,
77 REQUIRED_ARG,
78 0,
79 0,
80 0,
81 nullptr,
82 0,
83 nullptr},
84 {"ssl-cipher",
85 OPT_SSL_CIPHER,
86 "SSL cipher to use.",
87 &opt_ssl_cipher,
88 &opt_ssl_cipher,
89 nullptr,
90 GET_STR,
91 REQUIRED_ARG,
92 0,
93 0,
94 0,
95 nullptr,
96 0,
97 nullptr},
98 {"ssl-key",
99 OPT_SSL_KEY,
100 "X509 key in PEM format.",
101 &opt_ssl_key,
102 &opt_ssl_key,
103 nullptr,
104 GET_STR,
105 REQUIRED_ARG,
106 0,
107 0,
108 0,
109 nullptr,
110 0,
111 nullptr},
112 {"ssl-crl",
113 OPT_SSL_CRL,
114 "Certificate revocation list.",
115 &opt_ssl_crl,
116 &opt_ssl_crl,
117 nullptr,
118 GET_STR,
119 REQUIRED_ARG,
120 0,
121 0,
122 0,
123 nullptr,
124 0,
125 nullptr},
126 {"ssl-crlpath",
127 OPT_SSL_CRLPATH,
128 "Certificate revocation list path.",
129 &opt_ssl_crlpath,
130 &opt_ssl_crlpath,
131 nullptr,
132 GET_STR,
133 REQUIRED_ARG,
134 0,
135 0,
136 0,
137 nullptr,
138 0,
139 nullptr},
140 {"tls-version",
141 OPT_TLS_VERSION,
142 "TLS version to use, "
143#ifdef HAVE_TLSv13
144 "permitted values are: TLSv1.2, TLSv1.3",
145#else
146 "permitted values are: TLSv1.2",
147#endif
148 &opt_tls_version,
149 &opt_tls_version,
150 nullptr,
151 GET_STR,
152 REQUIRED_ARG,
153 0,
154 0,
155 0,
156 nullptr,
157 0,
158 nullptr},
159 {"ssl-fips-mode",
160 OPT_SSL_FIPS_MODE,
161 "SSL FIPS mode (applies only for OpenSSL); "
162 "permitted values are: OFF, ON, STRICT",
163 nullptr,
164 nullptr,
165 nullptr,
166 GET_STR,
167 REQUIRED_ARG,
168 0,
169 0,
170 0,
171 nullptr,
172 0,
173 nullptr},
174 {"tls-ciphersuites",
175 OPT_TLS_CIPHERSUITES,
176 "TLS v1.3 cipher to use.",
177 &opt_tls_ciphersuites,
178 &opt_tls_ciphersuites,
179 nullptr,
180 GET_STR,
181 REQUIRED_ARG,
182 0,
183 0,
184 0,
185 nullptr,
186 0,
187 nullptr},
188 {"ssl-session-data",
189 OPT_SSL_SESSION_DATA,
190 "Session data file to use to enable ssl session reuse",
191 &opt_ssl_session_data,
192 &opt_ssl_session_data,
193 nullptr,
194 GET_STR,
195 REQUIRED_ARG,
196 0,
197 0,
198 0,
199 nullptr,
200 0,
201 nullptr},
202 {"ssl-session-data-continue-on-failed-reuse",
203 OPT_SSL_SESSION_DATA_CONTINUE_ON_FAILED_REUSE,
204 "If set to ON, this option will allow connection to succeed even if "
205 "session data cannot be reused.",
206 &opt_ssl_session_data_continue_on_failed_reuse,
207 &opt_ssl_session_data_continue_on_failed_reuse,
208 nullptr,
209 GET_BOOL,
210 OPT_ARG,
211 0,
212 0,
213 0,
214 nullptr,
215 0,
216 nullptr},
217 {"tls-sni-servername",
218 OPT_TLS_SNI_SERVERNAME,
219 "The SNI server name to pass to server",
220 &opt_tls_sni_servername,
221 &opt_tls_sni_servername,
222 nullptr,
223 GET_STR,
224 REQUIRED_ARG,
225 0,
226 0,
227 0,
228 nullptr,
229 0,
230 nullptr},
OPT_TLS_SNI_SERVERNAME
@ OPT_TLS_SNI_SERVERNAME
Definition: client_priv.h:187
OPT_SSL_CIPHER
@ OPT_SSL_CIPHER
Definition: client_priv.h:78
OPT_SSL_CRL
@ OPT_SSL_CRL
Definition: client_priv.h:159
OPT_SSL_CERT
@ OPT_SSL_CERT
Definition: client_priv.h:75
OPT_TLS_CIPHERSUITES
@ OPT_TLS_CIPHERSUITES
Definition: client_priv.h:174
OPT_TLS_VERSION
@ OPT_TLS_VERSION
Definition: client_priv.h:170
OPT_SSL_SESSION_DATA
@ OPT_SSL_SESSION_DATA
Definition: client_priv.h:183
OPT_SSL_CRLPATH
@ OPT_SSL_CRLPATH
Definition: client_priv.h:160
OPT_SSL_MODE
@ OPT_SSL_MODE
Definition: client_priv.h:171
OPT_SSL_CAPATH
@ OPT_SSL_CAPATH
Definition: client_priv.h:77
OPT_SSL_FIPS_MODE
@ OPT_SSL_FIPS_MODE
Definition: client_priv.h:173
OPT_SSL_KEY
@ OPT_SSL_KEY
Definition: client_priv.h:74
OPT_SSL_CA
@ OPT_SSL_CA
Definition: client_priv.h:76
OPT_SSL_SESSION_DATA_CONTINUE_ON_FAILED_REUSE
@ OPT_SSL_SESSION_DATA_CONTINUE_ON_FAILED_REUSE
Definition: client_priv.h:184
OPT_ARG
@ OPT_ARG
Definition: my_getopt.h:81
REQUIRED_ARG
@ REQUIRED_ARG
Definition: my_getopt.h:81
GET_STR
#define GET_STR
Definition: my_getopt.h:52
GET_BOOL
#define GET_BOOL
Definition: my_getopt.h:45
opt_ssl_session_data
static char * opt_ssl_session_data
Definition: sslopt-vars.h:64
opt_ssl_session_data_continue_on_failed_reuse
static bool opt_ssl_session_data_continue_on_failed_reuse
Definition: sslopt-vars.h:65
opt_ssl_cipher
static char * opt_ssl_cipher
Definition: sslopt-vars.h:56
opt_ssl_ca
static char * opt_ssl_ca
Definition: sslopt-vars.h:53
opt_tls_version
static char * opt_tls_version
Definition: sslopt-vars.h:61
opt_ssl_capath
static char * opt_ssl_capath
Definition: sslopt-vars.h:54
opt_ssl_crlpath
static char * opt_ssl_crlpath
Definition: sslopt-vars.h:60
opt_tls_ciphersuites
static char * opt_tls_ciphersuites
Definition: sslopt-vars.h:57
opt_tls_sni_servername
static char * opt_tls_sni_servername
Definition: sslopt-vars.h:66
opt_ssl_cert
static char * opt_ssl_cert
Definition: sslopt-vars.h:55
opt_ssl_crl
static char * opt_ssl_crl
Definition: sslopt-vars.h:59
opt_ssl_key
static char * opt_ssl_key
Definition: sslopt-vars.h:58