tyler.durden/icinga2
1
0
Fork 0
mirror of https://github.com/Icinga/icinga2.git synced 2025-09-29 20:48:55 +02:00
Code Issues Packages Projects Releases Wiki Activity
icinga2/lib/remote/apilistener.ti
Uwe Ebel b2ac05ad7d Make the minimum TLS protocol version configurable 
The ApiListener accepts all TLS versions that the underlying
OpenSSL library supports. This patch give the ability to restrict
the connection to a minimum TLS version.

fixes #11292

Signed-off-by: Gunnar Beutner <gunnar.beutner@netways.de>
2016-08-03 07:46:50 +02:00

58 lines
2.2 KiB
Plaintext
Raw Blame History

/******************************************************************************
* Icinga 2 *
* Copyright (C) 2012-2016 Icinga Development Team (https://www.icinga.org/) *
* *
* This program is free software; you can redistribute it and/or *
* modify it under the terms of the GNU General Public License *
* as published by the Free Software Foundation; either version 2 *
* of the License, or (at your option) any later version. *
* *
* This program is distributed in the hope that it will be useful, *
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
* GNU General Public License for more details. *
* *
* You should have received a copy of the GNU General Public License *
* along with this program; if not, write to the Free Software Foundation *
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA. *
******************************************************************************/
#include "remote/i2-remote.hpp"
#include "base/configobject.hpp"
#include "base/application.hpp"
library remote;
namespace icinga
{
class ApiListener : ConfigObject
{
[config, required] String cert_path;
[config, required] String key_path;
[config, required] String ca_path;
[config] String crl_path;
[config] String cipher_list {
default {{{ return "ALL:!LOW:!WEAK:!MEDIUM:!EXP:!NULL"; }}}
};
[config] String tls_protocolmin {
default {{{ return "TLSv1"; }}}
};
[config] String bind_host;
[config] String bind_port {
default {{{ return "5665"; }}}
};
[config] bool accept_config;
[config] bool accept_commands;
[config] String ticket_salt;
[state, no_user_modify] Timestamp log_message_timestamp;
[no_user_modify] String identity;
};
}
Reference in New Issue View Git Blame Copy Permalink