Lines Matching defs:tls
184 LOG(ERROR) << "tls-ticket-key-file: could not stat file " << file
190 LOG(ERROR) << "tls-ticket-key-file: the expected file size is "
197 LOG(ERROR) << "tls-ticket-key-file: could not open file " << file;
203 LOG(ERROR) << "tls-ticket-key-file: want to read " << expectedlen
837 auto v = tls::proto_version_from_string(optarg);
850 bool tls;
865 if (util::strieq_l("tls", param)) {
866 out.tls = true;
867 } else if (util::strieq_l("no-tls", param)) {
868 out.tls = false;
887 bool tls;
903 if (util::strieq_l("tls", param)) {
904 out.tls = true;
907 } else if (util::strieq_l("no-tls", param)) {
908 out.tls = false;
960 bool tls;
1038 } else if (util::strieq_l("tls", param)) {
1039 out.tls = true;
1040 } else if (util::strieq_l("no-tls", param)) {
1041 out.tls = false;
1096 } else if (util::strieq_l("redirect-if-not-tls", param)) {
1214 addr.tls = params.tls;
1658 // directly stored into config->tls.psk_secrets. This function
1661 auto &tlsconf = config->tls;
1724 // directly stored into config->tls.client.psk. This function returns
1727 auto &tlsconf = config->tls;
1888 if (util::strieq_l("tls-ktl", name, 7)) {
1949 if (util::strieq_l("tls-sct-di", name, 10)) {
2096 if (util::strieq_l("tls-proto-lis", name, 13)) {
2185 if (util::strieq_l("tls-max-early-dat", name, 17)) {
2218 if (util::strieq_l("tls-ticket-key-fil", name, 18)) {
2289 if (util::strieq_l("backend-tls-sni-fiel", name, 20)) {
2304 if (util::strieq_l("tls-max-proto-versio", name, 20)) {
2307 if (util::strieq_l("tls-min-proto-versio", name, 20)) {
2312 if (util::strieq_l("tls-ticket-key-ciphe", name, 20)) {
2401 if (util::strieq_l("tls-ticket-key-memcache", name, 23)) {
2419 if (util::strieq_l("tls-dyn-rec-idle-timeou", name, 23)) {
2458 if (util::strieq_l("tls-no-postpone-early-dat", name, 25)) {
2497 if (util::strieq_l("tls-session-cache-memcache", name, 26)) {
2537 if (util::strieq_l("tls-dyn-rec-warmup-threshol", name, 27)) {
2550 if (util::strieq_l("tls-ticket-key-memcached-tl", name, 27)) {
2591 if (util::strieq_l("tls-session-cache-memcached-tl", name, 30)) {
2614 if (util::strieq_l("tls-ticket-key-memcached-interva", name, 32)) {
2617 if (util::strieq_l("tls-ticket-key-memcached-max-fai", name, 32)) {
2634 if (util::strieq_l("tls-ticket-key-memcached-cert-fil", name, 33)) {
2649 if (util::strieq_l("tls-ticket-key-memcached-max-retr", name, 33)) {
2713 if (util::strieq_l("tls-session-cache-memcached-cert-fil", name, 36)) {
2742 if (util::strieq_l("tls-ticket-key-memcached-address-famil", name, 38)) {
2779 if (util::strieq_l("tls-ticket-key-memcached-private-key-fil", name,
2789 if (util::strieq_l("tls-session-cache-memcached-address-famil", name,
2799 if (util::strieq_l("tls-session-cache-memcached-private-key-fil", name,
2867 params.tls = true;
2873 if (params.sni_fwd && !params.tls) {
2874 LOG(ERROR) << "frontend: sni_fwd requires tls";
2884 if (!params.tls) {
2892 addr.tls = params.tls;
2998 << ": deprecated. Use backend=<addr>,<port>;;proto=h2;tls";
3003 << ": deprecated. Use http2-proxy, frontend=<addr>,<port>;no-tls "
3004 "and backend=<addr>,<port>;;proto=h2;tls";
3128 LOG(WARN) << opt << ": deprecated. Use no-tls keyword in "
3143 config->tls.backend_sni_name = make_string_ref(config->balloc, optarg);
3164 config->tls.private_key_file = make_string_ref(config->balloc, optarg);
3173 config->tls.private_key_passwd =
3179 config->tls.cert_file = make_string_ref(config->balloc, optarg);
3183 config->tls.dh_param_file = make_string_ref(config->balloc, optarg);
3229 config->tls.subcerts.emplace_back(
3248 config->tls.ciphers = make_string_ref(config->balloc, optarg);
3252 config->tls.tls13_ciphers = make_string_ref(config->balloc, optarg);
3257 << ": deprecated. Use frontend=<addr>,<port>;no-tls, "
3258 "backend=<addr>,<port>;;proto=h2;tls";
3261 config->tls.insecure = util::strieq_l("yes", optarg);
3265 config->tls.cacert = make_string_ref(config->balloc, optarg);
3345 config->tls.npn_list.resize(list.size());
3347 config->tls.npn_list[i] = make_string_ref(config->balloc, list[i]);
3354 << ": deprecated. Use tls-min-proto-version and "
3355 "tls-max-proto-version instead.";
3357 config->tls.tls_proto_list.resize(list.size());
3359 config->tls.tls_proto_list[i] = make_string_ref(config->balloc, list[i]);
3365 config->tls.client_verify.enabled = util::strieq_l("yes", optarg);
3369 config->tls.client_verify.cacert = make_string_ref(config->balloc, optarg);
3373 config->tls.client.private_key_file =
3378 config->tls.client.cert_file = make_string_ref(config->balloc, optarg);
3470 config->tls.ticket.files.emplace_back(
3520 config->tls.ocsp.fetch_ocsp_response_file =
3525 return parse_duration(&config->tls.ocsp.update_interval, opt, optarg);
3527 config->tls.ocsp.disabled = util::strieq_l("yes", optarg);
3566 config->tls.ticket.cipher = EVP_aes_128_cbc();
3568 config->tls.ticket.cipher = EVP_aes_256_cbc();
3574 config->tls.ticket.cipher_given = true;
3599 auto &memcachedconf = config->tls.session_cache.memcached;
3602 memcachedconf.tls = params.tls;
3606 auto &memcachedconf = config->tls.ticket.memcached;
3609 memcachedconf.tls = params.tls;
3617 return parse_duration(&config->tls.ticket.memcached.interval, opt, optarg);
3629 config->tls.ticket.memcached.max_retry = n;
3633 return parse_uint(&config->tls.ticket.memcached.max_fail, opt, optarg);
3640 config->tls.dyn_rec.warmup_threshold = n;
3646 return parse_duration(&config->tls.dyn_rec.idle_timeout, opt, optarg);
3728 config->tls.no_http2_cipher_block_list = util::strieq_l("yes", optarg);
3732 LOG(WARN) << opt << ": deprecated. Use tls keyword in "
3736 LOG(WARN) << opt << ": deprecated. Use tls keyword in "
3740 config->tls.session_cache.memcached.cert_file =
3745 config->tls.session_cache.memcached.private_key_file =
3750 LOG(WARN) << opt << ": deprecated. Use tls keyword in "
3754 config->tls.ticket.memcached.cert_file =
3759 config->tls.ticket.memcached.private_key_file =
3764 return parse_address_family(&config->tls.ticket.memcached.family, opt,
3767 return parse_address_family(&config->tls.session_cache.memcached.family,
3878 config->tls.ecdh_curves = make_string_ref(config->balloc, optarg);
3885 return read_tls_sct_from_dir(config->tls.sct_data, opt, optarg);
3934 config->tls.client.no_http2_cipher_block_list =
3939 config->tls.client.ciphers = make_string_ref(config->balloc, optarg);
3943 config->tls.client.tls13_ciphers = make_string_ref(config->balloc, optarg);
3951 return parse_tls_proto_version(config->tls.min_proto_version, opt, optarg);
3953 return parse_tls_proto_version(config->tls.max_proto_version, opt, optarg);
3984 config->tls.ocsp.startup = util::strieq_l("yes", optarg);
3988 config->tls.ocsp.no_verify = util::strieq_l("yes", optarg);
3992 config->tls.client_verify.tolerate_expired = util::strieq_l("yes", optarg);
4000 config->tls.no_postpone_early_data = util::strieq_l("yes", optarg);
4004 return parse_uint_with_unit(&config->tls.max_early_data, opt, optarg);
4176 config->tls.ktls = util::strieq_l("yes", optarg);
4442 // value --backend-tls-sni-field
4469 << (addr.tls ? ", tls" : "");