MySQL  8.0.17
Source Code Documentation
sslopt-longopts.h
Go to the documentation of this file.
1 /* Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
2 
3  This program is free software; you can redistribute it and/or modify
4  it under the terms of the GNU General Public License, version 2.0,
5  as published by the Free Software Foundation.
6 
7  This program is also distributed with certain software (including
8  but not limited to OpenSSL) that is licensed under separate terms,
9  as designated in a particular file or component or in included license
10  documentation. The authors of MySQL hereby grant you an additional
11  permission to link the program and your derivative works with the
12  separately licensed software that they have included with MySQL.
13 
14  This program is distributed in the hope that it will be useful,
15  but WITHOUT ANY WARRANTY; without even the implied warranty of
16  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17  GNU General Public License, version 2.0, for more details.
18 
19  You should have received a copy of the GNU General Public License
20  along with this program; if not, write to the Free Software
21  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
22 
23 /**
24  @file include/sslopt-longopts.h
25 */
26 
27 #if defined(HAVE_OPENSSL)
28 #ifndef MYSQL_SERVER
29 {"ssl-mode",
31  "SSL connection mode.",
32  0,
33  0,
34  0,
35  GET_STR,
37  0,
38  0,
39  0,
40  0,
41  0,
42  0},
43 #else
44 {"ssl",
46  "If set to ON, this option enforces that SSL is established before client "
47  "attempts to authenticate to the server. To disable client SSL capabilities "
48  "use --ssl=OFF.",
49  &opt_use_ssl,
50  &opt_use_ssl,
51  0,
52  GET_BOOL,
53  OPT_ARG,
54  1,
55  0,
56  0,
57  0,
58  0,
59  0},
60 #endif
61  {"ssl-ca",
62  OPT_SSL_CA,
63  "CA file in PEM format.",
64  &opt_ssl_ca,
65  &opt_ssl_ca,
66  0,
67  GET_STR,
69  0,
70  0,
71  0,
72  0,
73  0,
74  0},
75  {"ssl-capath",
77  "CA directory.",
80  0,
81  GET_STR,
83  0,
84  0,
85  0,
86  0,
87  0,
88  0},
89  {"ssl-cert",
91  "X509 cert in PEM format.",
92  &opt_ssl_cert,
93  &opt_ssl_cert,
94  0,
95  GET_STR,
97  0,
98  0,
99  0,
100  0,
101  0,
102  0},
103  {"ssl-cipher",
105  "SSL cipher to use.",
108  0,
109  GET_STR,
110  REQUIRED_ARG,
111  0,
112  0,
113  0,
114  0,
115  0,
116  0},
117  {"ssl-key",
118  OPT_SSL_KEY,
119  "X509 key in PEM format.",
120  &opt_ssl_key,
121  &opt_ssl_key,
122  0,
123  GET_STR,
124  REQUIRED_ARG,
125  0,
126  0,
127  0,
128  0,
129  0,
130  0},
131  {"ssl-crl",
132  OPT_SSL_CRL,
133  "Certificate revocation list.",
134  &opt_ssl_crl,
135  &opt_ssl_crl,
136  0,
137  GET_STR,
138  REQUIRED_ARG,
139  0,
140  0,
141  0,
142  0,
143  0,
144  0},
145  {"ssl-crlpath",
147  "Certificate revocation list path.",
150  0,
151  GET_STR,
152  REQUIRED_ARG,
153  0,
154  0,
155  0,
156  0,
157  0,
158  0},
159  {"tls-version",
161  "TLS version to use, "
162  "permitted values are: TLSv1, TLSv1.1, TLSv1.2, TLSv1.3",
165  0,
166  GET_STR,
167  REQUIRED_ARG,
168  0,
169  0,
170  0,
171  0,
172  0,
173  0},
174  {"ssl-fips-mode",
176  "SSL FIPS mode (applies only for OpenSSL); "
177 #ifndef HAVE_WOLFSSL
178  "permitted values are: OFF, ON, STRICT",
179 #else
180  "permitted values are: OFF",
181 #endif
182  0,
183  0,
184  0,
185  GET_STR,
186  REQUIRED_ARG,
187  0,
188  0,
189  0,
190  0,
191  0,
192  0},
193  {"tls-ciphersuites",
195  "TLS v1.3 cipher to use.",
198  0,
199  GET_STR,
200  REQUIRED_ARG,
201  0,
202  0,
203  0,
204  0,
205  0,
206  0},
207 #endif /* HAVE_OPENSSL */
static char * opt_ssl_cipher
Definition: ssl_acceptor_context.cc:49
Definition: client_priv.h:159
static char * opt_ssl_crl
Definition: ssl_acceptor_context.cc:50
static char * opt_ssl_crlpath
Definition: ssl_acceptor_context.cc:51
Definition: client_priv.h:173
#define GET_STR
Definition: my_getopt.h:49
Definition: client_priv.h:74
static char * opt_tls_version
Definition: ssl_acceptor_context.cc:51
Definition: client_priv.h:73
Definition: client_priv.h:78
bool opt_use_ssl
Definition: mysqld.cc:1685
Definition: client_priv.h:77
Definition: client_priv.h:160
Definition: client_priv.h:174
static const char * opt_ssl_key
Definition: ssl_acceptor_context.cc:47
Definition: client_priv.h:75
static const char * opt_ssl_cert
Definition: ssl_acceptor_context.cc:48
Definition: my_getopt.h:78
Definition: client_priv.h:76
Definition: client_priv.h:170
static const char * opt_ssl_ca
SSL context options.
Definition: ssl_acceptor_context.cc:46
Definition: my_getopt.h:78
Definition: client_priv.h:171
static char * opt_ssl_capath
Definition: ssl_acceptor_context.cc:49
static char * opt_tls_ciphersuites
Definition: ssl_acceptor_context.cc:50
#define GET_BOOL
Definition: my_getopt.h:42