diff options
author | Spencer Jackson <spencer.jackson@mongodb.com> | 2015-04-13 17:36:00 -0400 |
---|---|---|
committer | Spencer Jackson <spencer.jackson@mongodb.com> | 2015-04-17 17:30:34 -0400 |
commit | 6e9d0671458f6b4b1d12bb5285c05a18d4e80464 (patch) | |
tree | ea412b06e4327af24e0e395cedb532b39b721a9b /src/mongo/util/net/ssl_options.h | |
parent | db11c954517008c033c39e18dddbcfcd91f4263f (diff) | |
download | mongo-6e9d0671458f6b4b1d12bb5285c05a18d4e80464.tar.gz |
SERVER-17591: Allow TLS protocols to be disabled
Diffstat (limited to 'src/mongo/util/net/ssl_options.h')
-rw-r--r-- | src/mongo/util/net/ssl_options.h | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/src/mongo/util/net/ssl_options.h b/src/mongo/util/net/ssl_options.h index d2f2a79bc9a..d348e004b4e 100644 --- a/src/mongo/util/net/ssl_options.h +++ b/src/mongo/util/net/ssl_options.h @@ -27,9 +27,12 @@ #pragma once -#include "mongo/base/status.h" #include "mongo/util/net/ssl_manager.h" +#include <vector> + +#include "mongo/base/status.h" + namespace mongo { namespace optionenvironment { @@ -40,6 +43,11 @@ namespace mongo { namespace moe = mongo::optionenvironment; struct SSLParams { + enum class Protocols { + TLS1_0, + TLS1_1, + TLS1_2 + }; AtomicInt32 sslMode; // --sslMode - the SSL operation mode, see enum SSLModes bool sslOnNormalPorts; // --sslOnNormalPorts (deprecated) std::string sslPEMKeyFile; // --sslPEMKeyFile @@ -49,6 +57,7 @@ namespace mongo { std::string sslCAFile; // --sslCAFile std::string sslCRLFile; // --sslCRLFile std::string sslCipherConfig; // --sslCipherConfig + std::vector<Protocols> sslDisabledProtocols; // --sslDisabledProtocols bool sslWeakCertificateValidation; // --sslWeakCertificateValidation bool sslFIPSMode; // --sslFIPSMode bool sslAllowInvalidCertificates; // --sslAllowInvalidCertificates |