Diffstat (limited to 'usr.sbin/nsd/nsd.h')
-rw-r--r-- | usr.sbin/nsd/nsd.h | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/usr.sbin/nsd/nsd.h b/usr.sbin/nsd/nsd.h
index c900ca6cbaa..de3ae8e1d43 100644
--- a/usr.sbin/nsd/nsd.h
+++ b/usr.sbin/nsd/nsd.h
@@ -11,6 +11,9 @@
 #define _NSD_H_
 #include <signal.h>
+#ifdef HAVE_OPENSSL_SSL_H
+#include <openssl/ssl.h>
+#endif
 #include "dns.h"
 #include "edns.h"
@@ -244,6 +247,7 @@ struct nsd
 stc_type qclass[4]; /* Class IN or Class CH or other */
 stc_type qudp, qudp6; /* Number of queries udp and udp6 */
 stc_type ctcp, ctcp6; /* Number of tcp and tcp6 connections */
+ stc_type ctls, ctls6; /* Number of tls and tls6 connections */
 stc_type rcode[17], opcode[6]; /* Rcodes & opcodes */
 /* Dropped, truncated, queries for nonconfigured zone, tx errors */
 stc_type dropped, truncated, wrongzone, txerr, rxerr;
@@ -276,6 +280,11 @@ struct nsd
 unsigned int err_limit_count;
 struct nsd_options* options;
+
+#ifdef HAVE_SSL
+ /* TLS specific configuration */
+ SSL_CTX *tls_ctx;
+#endif
 };
 extern struct nsd nsd;
@@ -295,6 +304,7 @@ void server_child(struct nsd *nsd);
 void server_shutdown(struct nsd *nsd) ATTR_NORETURN;
 void server_close_all_sockets(struct nsd_socket sockets[], size_t n);
 struct event_base* nsd_child_event_base(void);
+void service_remaining_tcp(struct nsd* nsd);
 /* extra domain numbers for temporary domains */
 #define EXTRA_DOMAIN_NUMBERS 1024
 #define SLOW_ACCEPT_TIMEOUT 2 /* in seconds */
@@ -311,6 +321,11 @@ void server_prepare_xfrd(struct nsd *nsd);
 void server_start_xfrd(struct nsd *nsd, int del_db, int reload_active);
 /* send SOA serial numbers to xfrd */
 void server_send_soa_xfrd(struct nsd *nsd, int shortsoa);
+#ifdef HAVE_SSL
+SSL_CTX* server_tls_ctx_setup(char* key, char* pem, char* verifypem);
+SSL_CTX* server_tls_ctx_create(struct nsd *nsd, char* verifypem, char* ocspfile);
+void perform_openssl_init(void);
+#endif
 ssize_t block_read(struct nsd* nsd, int s, void* p, ssize_t sz, int timeout);
 #endif /* _NSD_H_ */ |
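Review bot: The include added in the first hunk is guarded by `HAVE_OPENSSL_SSL_H`, while the `SSL_CTX *tls_ctx` member in struct nsd and the three TLS prototypes near the end of the header are guarded by `HAVE_SSL`. If a build ever defines `HAVE_SSL` without `HAVE_OPENSSL_SSL_H`, `SSL_CTX` is used with no declaration in scope and every file including nsd.h fails to compile. Either use one macro for all three places, or state the dependency next to the include, for example `/* HAVE_SSL is only defined when <openssl/ssl.h> was found */`. How configure defines the two macros is not visible in this diff, so that wording needs checking against it.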
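Review bot: The comment `/* TLS specific configuration */` on the new `tls_ctx` member does not say when the pointer is valid or who releases it. struct nsd is the global server state, so a reader of the header needs to know whether `tls_ctx` stays NULL when no TLS service is configured and which path calls `SSL_CTX_free` on it. A comment along the lines of `/* TLS server context; NULL when TLS is not configured; released at shutdown */` would cover this, once confirmed against the code that assigns the member, which is outside this diff. struct nsd begins outside the hunk.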
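Review bot: The three TLS prototypes in the last hunk carry no comment, and their file-path parameters are plain `char*`. If the definitions do not modify these strings (they are not visible here), the declarations would read better as `SSL_CTX* server_tls_ctx_setup(const char* key, const char* pem, const char* verifypem);`, with the same change for `server_tls_ctx_create`. A short comment above each should state what is returned on failure and who owns the returned `SSL_CTX`. It should also say what a NULL `verifypem` means, presumably that no peer certificate is verified, because that decides whether a caller ends up with an authenticated channel.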