MySQL  8.0.16
Source Code Documentation
sslopt-longopts.h
Go to the documentation of this file.
1 /* Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
2 
3  This program is free software; you can redistribute it and/or modify
4  it under the terms of the GNU General Public License, version 2.0,
5  as published by the Free Software Foundation.
6 
7  This program is also distributed with certain software (including
8  but not limited to OpenSSL) that is licensed under separate terms,
9  as designated in a particular file or component or in included license
10  documentation. The authors of MySQL hereby grant you an additional
11  permission to link the program and your derivative works with the
12  separately licensed software that they have included with MySQL.
13 
14  This program is distributed in the hope that it will be useful,
15  but WITHOUT ANY WARRANTY; without even the implied warranty of
16  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17  GNU General Public License, version 2.0, for more details.
18 
19  You should have received a copy of the GNU General Public License
20  along with this program; if not, write to the Free Software
21  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
22 
23 /**
24  @file include/sslopt-longopts.h
25 */
26 
27 #if defined(HAVE_OPENSSL)
28 #ifndef MYSQL_SERVER
29 {"ssl-mode",
30  OPT_SSL_MODE,
31  "SSL connection mode.",
32  0,
33  0,
34  0,
35  GET_STR,
36  REQUIRED_ARG,
37  0,
38  0,
39  0,
40  0,
41  0,
42  0},
43 #else
44 {"ssl",
45  OPT_SSL_SSL,
46  "If set to ON, this option enforces that SSL is established before client "
47  "attempts to authenticate to the server. To disable client SSL capabilities "
48  "use --ssl=OFF.",
49  &opt_use_ssl,
50  &opt_use_ssl,
51  0,
52  GET_BOOL,
53  OPT_ARG,
54  1,
55  0,
56  0,
57  0,
58  0,
59  0},
60 #endif
61  {"ssl-ca",
62  OPT_SSL_CA,
63  "CA file in PEM format.",
64  &opt_ssl_ca,
65  &opt_ssl_ca,
66  0,
67  GET_STR,
68  REQUIRED_ARG,
69  0,
70  0,
71  0,
72  0,
73  0,
74  0},
75  {"ssl-capath",
76  OPT_SSL_CAPATH,
77  "CA directory.",
78  &opt_ssl_capath,
79  &opt_ssl_capath,
80  0,
81  GET_STR,
82  REQUIRED_ARG,
83  0,
84  0,
85  0,
86  0,
87  0,
88  0},
89  {"ssl-cert",
90  OPT_SSL_CERT,
91  "X509 cert in PEM format.",
92  &opt_ssl_cert,
93  &opt_ssl_cert,
94  0,
95  GET_STR,
96  REQUIRED_ARG,
97  0,
98  0,
99  0,
100  0,
101  0,
102  0},
103  {"ssl-cipher",
104  OPT_SSL_CIPHER,
105  "SSL cipher to use.",
106  &opt_ssl_cipher,
107  &opt_ssl_cipher,
108  0,
109  GET_STR,
110  REQUIRED_ARG,
111  0,
112  0,
113  0,
114  0,
115  0,
116  0},
117  {"ssl-key",
118  OPT_SSL_KEY,
119  "X509 key in PEM format.",
120  &opt_ssl_key,
121  &opt_ssl_key,
122  0,
123  GET_STR,
124  REQUIRED_ARG,
125  0,
126  0,
127  0,
128  0,
129  0,
130  0},
131  {"ssl-crl",
132  OPT_SSL_CRL,
133  "Certificate revocation list.",
134  &opt_ssl_crl,
135  &opt_ssl_crl,
136  0,
137  GET_STR,
138  REQUIRED_ARG,
139  0,
140  0,
141  0,
142  0,
143  0,
144  0},
145  {"ssl-crlpath",
146  OPT_SSL_CRLPATH,
147  "Certificate revocation list path.",
148  &opt_ssl_crlpath,
149  &opt_ssl_crlpath,
150  0,
151  GET_STR,
152  REQUIRED_ARG,
153  0,
154  0,
155  0,
156  0,
157  0,
158  0},
159  {"tls-version",
160  OPT_TLS_VERSION,
161  "TLS version to use, "
162  "permitted values are: TLSv1, TLSv1.1, TLSv1.2, TLSv1.3",
163  &opt_tls_version,
164  &opt_tls_version,
165  0,
166  GET_STR,
167  REQUIRED_ARG,
168  0,
169  0,
170  0,
171  0,
172  0,
173  0},
174  {"ssl-fips-mode",
175  OPT_SSL_FIPS_MODE,
176  "SSL FIPS mode (applies only for OpenSSL); "
177 #ifndef HAVE_WOLFSSL
178  "permitted values are: OFF, ON, STRICT",
179 #else
180  "permitted values are: OFF",
181 #endif
182  0,
183  0,
184  0,
185  GET_STR,
186  REQUIRED_ARG,
187  0,
188  0,
189  0,
190  0,
191  0,
192  0},
193  {"tls-ciphersuites",
194  OPT_TLS_CIPHERSUITES,
195  "TLS v1.3 cipher to use.",
196  &opt_tls_ciphersuites,
197  &opt_tls_ciphersuites,
198  0,
199  GET_STR,
200  REQUIRED_ARG,
201  0,
202  0,
203  0,
204  0,
205  0,
206  0},
207 #endif /* HAVE_OPENSSL */
opt_ssl_cipher
static char * opt_ssl_cipher
Definition: ssl_acceptor_context.cc:47
OPT_SSL_CRL
Definition: client_priv.h:159
opt_ssl_crl
static char * opt_ssl_crl
Definition: ssl_acceptor_context.cc:48
opt_ssl_crlpath
static char * opt_ssl_crlpath
Definition: ssl_acceptor_context.cc:48
OPT_SSL_FIPS_MODE
Definition: client_priv.h:173
GET_STR
#define GET_STR
Definition: my_getopt.h:49
OPT_SSL_KEY
Definition: client_priv.h:74
opt_tls_version
static char * opt_tls_version
Definition: ssl_acceptor_context.cc:49
OPT_SSL_SSL
Definition: client_priv.h:73
OPT_SSL_CIPHER
Definition: client_priv.h:78
opt_use_ssl
bool opt_use_ssl
Definition: mysqld.cc:1595
OPT_SSL_CAPATH
Definition: client_priv.h:77
opt_ssl_capath
static char * opt_ssl_capath
Definition: ssl_acceptor_context.cc:46
OPT_SSL_CRLPATH
Definition: client_priv.h:160
OPT_TLS_CIPHERSUITES
Definition: client_priv.h:174
opt_ssl_ca
static char * opt_ssl_ca
SSL context options.
Definition: ssl_acceptor_context.cc:46
OPT_SSL_CERT
Definition: client_priv.h:75
opt_ssl_cert
static char * opt_ssl_cert
Definition: ssl_acceptor_context.cc:46
REQUIRED_ARG
Definition: my_getopt.h:78
OPT_SSL_CA
Definition: client_priv.h:76
OPT_TLS_VERSION
Definition: client_priv.h:170
opt_ssl_key
static char * opt_ssl_key
Definition: ssl_acceptor_context.cc:48
OPT_ARG
Definition: my_getopt.h:78
OPT_SSL_MODE
Definition: client_priv.h:171
opt_tls_ciphersuites
static char * opt_tls_ciphersuites
Definition: ssl_acceptor_context.cc:47
GET_BOOL
#define GET_BOOL
Definition: my_getopt.h:42