MySQL  8.0.28
Source Code Documentation
sslopt-longopts.h
Go to the documentation of this file.
1 /* Copyright (c) 2000, 2021, Oracle and/or its affiliates.
2 
3  This program is free software; you can redistribute it and/or modify
4  it under the terms of the GNU General Public License, version 2.0,
5  as published by the Free Software Foundation.
6 
7  This program is also distributed with certain software (including
8  but not limited to OpenSSL) that is licensed under separate terms,
9  as designated in a particular file or component or in included license
10  documentation. The authors of MySQL hereby grant you an additional
11  permission to link the program and your derivative works with the
12  separately licensed software that they have included with MySQL.
13 
14  This program is distributed in the hope that it will be useful,
15  but WITHOUT ANY WARRANTY; without even the implied warranty of
16  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17  GNU General Public License, version 2.0, for more details.
18 
19  You should have received a copy of the GNU General Public License
20  along with this program; if not, write to the Free Software
21  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
22 
23 /**
24  @file include/sslopt-longopts.h
25 */
26 
27 #ifndef MYSQL_SERVER
28 {"ssl-mode",
29  OPT_SSL_MODE,
30  "SSL connection mode.",
31  nullptr,
32  nullptr,
33  nullptr,
34  GET_STR,
35  REQUIRED_ARG,
36  0,
37  0,
38  0,
39  nullptr,
40  0,
41  nullptr},
42 #else
43 {"ssl",
44  OPT_SSL_SSL,
45  "If set to ON, this option enforces that SSL is established before client "
46  "attempts to authenticate to the server. To disable client SSL capabilities "
47  "use --ssl=OFF.",
48  &opt_use_ssl,
49  &opt_use_ssl,
50  0,
51  GET_BOOL,
52  OPT_ARG,
53  1,
54  0,
55  0,
56  0,
57  0,
58  0},
59 #endif
60  {"ssl-ca",
61  OPT_SSL_CA,
62  "CA file in PEM format.",
63  &opt_ssl_ca,
64  &opt_ssl_ca,
65  nullptr,
66  GET_STR,
67  REQUIRED_ARG,
68  0,
69  0,
70  0,
71  nullptr,
72  0,
73  nullptr},
74  {"ssl-capath",
75  OPT_SSL_CAPATH,
76  "CA directory.",
77  &opt_ssl_capath,
78  &opt_ssl_capath,
79  nullptr,
80  GET_STR,
81  REQUIRED_ARG,
82  0,
83  0,
84  0,
85  nullptr,
86  0,
87  nullptr},
88  {"ssl-cert",
89  OPT_SSL_CERT,
90  "X509 cert in PEM format.",
91  &opt_ssl_cert,
92  &opt_ssl_cert,
93  nullptr,
94  GET_STR,
95  REQUIRED_ARG,
96  0,
97  0,
98  0,
99  nullptr,
100  0,
101  nullptr},
102  {"ssl-cipher",
103  OPT_SSL_CIPHER,
104  "SSL cipher to use.",
105  &opt_ssl_cipher,
106  &opt_ssl_cipher,
107  nullptr,
108  GET_STR,
109  REQUIRED_ARG,
110  0,
111  0,
112  0,
113  nullptr,
114  0,
115  nullptr},
116  {"ssl-key",
117  OPT_SSL_KEY,
118  "X509 key in PEM format.",
119  &opt_ssl_key,
120  &opt_ssl_key,
121  nullptr,
122  GET_STR,
123  REQUIRED_ARG,
124  0,
125  0,
126  0,
127  nullptr,
128  0,
129  nullptr},
130  {"ssl-crl",
131  OPT_SSL_CRL,
132  "Certificate revocation list.",
133  &opt_ssl_crl,
134  &opt_ssl_crl,
135  nullptr,
136  GET_STR,
137  REQUIRED_ARG,
138  0,
139  0,
140  0,
141  nullptr,
142  0,
143  nullptr},
144  {"ssl-crlpath",
145  OPT_SSL_CRLPATH,
146  "Certificate revocation list path.",
147  &opt_ssl_crlpath,
148  &opt_ssl_crlpath,
149  nullptr,
150  GET_STR,
151  REQUIRED_ARG,
152  0,
153  0,
154  0,
155  nullptr,
156  0,
157  nullptr},
158  {"tls-version",
159  OPT_TLS_VERSION,
160  "TLS version to use, "
161 #ifdef HAVE_TLSv13
162  "permitted values are: TLSv1.2, TLSv1.3",
163 #else
164  "permitted values are: TLSv1.2",
165 #endif
166  &opt_tls_version,
167  &opt_tls_version,
168  nullptr,
169  GET_STR,
170  REQUIRED_ARG,
171  0,
172  0,
173  0,
174  nullptr,
175  0,
176  nullptr},
177  {"ssl-fips-mode",
178  OPT_SSL_FIPS_MODE,
179  "SSL FIPS mode (applies only for OpenSSL); "
180  "permitted values are: OFF, ON, STRICT",
181  nullptr,
182  nullptr,
183  nullptr,
184  GET_STR,
185  REQUIRED_ARG,
186  0,
187  0,
188  0,
189  nullptr,
190  0,
191  nullptr},
192  {"tls-ciphersuites",
193  OPT_TLS_CIPHERSUITES,
194  "TLS v1.3 cipher to use.",
195  &opt_tls_ciphersuites,
196  &opt_tls_ciphersuites,
197  nullptr,
198  GET_STR,
199  REQUIRED_ARG,
200  0,
201  0,
202  0,
203  nullptr,
204  0,
205  nullptr},
OPT_SSL_CIPHER
@ OPT_SSL_CIPHER
Definition: client_priv.h:78
OPT_SSL_CRL
@ OPT_SSL_CRL
Definition: client_priv.h:159
OPT_SSL_CERT
@ OPT_SSL_CERT
Definition: client_priv.h:75
OPT_SSL_SSL
@ OPT_SSL_SSL
Definition: client_priv.h:73
OPT_TLS_CIPHERSUITES
@ OPT_TLS_CIPHERSUITES
Definition: client_priv.h:174
OPT_TLS_VERSION
@ OPT_TLS_VERSION
Definition: client_priv.h:170
OPT_SSL_CRLPATH
@ OPT_SSL_CRLPATH
Definition: client_priv.h:160
OPT_SSL_MODE
@ OPT_SSL_MODE
Definition: client_priv.h:171
OPT_SSL_CAPATH
@ OPT_SSL_CAPATH
Definition: client_priv.h:77
OPT_SSL_FIPS_MODE
@ OPT_SSL_FIPS_MODE
Definition: client_priv.h:173
OPT_SSL_KEY
@ OPT_SSL_KEY
Definition: client_priv.h:74
OPT_SSL_CA
@ OPT_SSL_CA
Definition: client_priv.h:76
OPT_ARG
@ OPT_ARG
Definition: my_getopt.h:78
REQUIRED_ARG
@ REQUIRED_ARG
Definition: my_getopt.h:78
GET_STR
#define GET_STR
Definition: my_getopt.h:49
GET_BOOL
#define GET_BOOL
Definition: my_getopt.h:42
opt_use_ssl
bool opt_use_ssl
Definition: mysqld.cc:1917
opt_ssl_cipher
static char * opt_ssl_cipher
Definition: sslopt-vars.h:65
opt_ssl_ca
static char * opt_ssl_ca
Definition: sslopt-vars.h:62
opt_tls_version
static char * opt_tls_version
Definition: sslopt-vars.h:70
opt_ssl_capath
static char * opt_ssl_capath
Definition: sslopt-vars.h:63
opt_ssl_crlpath
static char * opt_ssl_crlpath
Definition: sslopt-vars.h:69
opt_tls_ciphersuites
static char * opt_tls_ciphersuites
Definition: sslopt-vars.h:66
opt_ssl_cert
static char * opt_ssl_cert
Definition: sslopt-vars.h:64
opt_ssl_crl
static char * opt_ssl_crl
Definition: sslopt-vars.h:68
opt_ssl_key
static char * opt_ssl_key
Definition: sslopt-vars.h:67