src/*,tests/*: Update copyright year.

[tlsproxy/tlsproxy.git] / src / tlsproxy.h

diff --git a/src/tlsproxy.h b/src/tlsproxy.h
index 9c908084945857c49275b4fa90ae0135d87e8530..970b08d615966fecc178e569d430817f85eff39b 100644 (file)
--- a/src/tlsproxy.h
+++ b/src/tlsproxy.h
@@ -1,7 +1,7 @@
 /*
  * Global variables/defines.
  *
- * Copyright (C) 2011  Simon Ruderich
+ * Copyright (C) 2011-2012  Simon Ruderich
  *
  * This program is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -35,10 +35,17 @@
 /* Paths to necessary TLS files: the CA and the server key. */
 #define PROXY_CA_FILE  "proxy-ca.pem"
 #define PROXY_KEY_FILE "proxy-key.pem"
+/* Path to special "invalid" certificate send to the client when an error
+ * occurs. */
+#define PROXY_INVALID_CERT_FILE "proxy-invalid.pem"
 /* The server certificate for the given hostname is stored in
  * "./certificate-hostname-proxy.pem" - we use this for the connection to the
  * client. */
 #define PROXY_SERVER_CERT_FORMAT "./certificate-%s-proxy.pem"
+/* The remote server certificate for the given hostname is stored in
+ * "./certificate-hostname-proxy.pem" - we make sure the server sends this
+ * certificate. */
+#define STORED_SERVER_CERT_FORMAT "./certificate-%s-server.pem"
 
 
 /* Proxy hostname and port if specified on the command line. */
@@ -48,8 +55,12 @@ char *global_proxy_port;
 /* Log level, command line option. */
 int global_log_level;
 
+/* Passthrough connections if no certificate is stored for this hostname?
+ * Specified on the command line. */
+int global_passthrough_unknown;
+
 /* "Global" GnuTLS data used by all threads, read only. */
-gnutls_priority_t tls_priority_cache;
-gnutls_dh_params_t tls_dh_params;
+gnutls_priority_t global_tls_priority_cache;
+gnutls_dh_params_t global_tls_dh_params;
 
 #endif