NeoMutt  2024-11-14-34-g5aaf0d
Teaching an old dog new tricks
DOXYGEN
Loading...
Searching...
No Matches
config.c
Go to the documentation of this file.
1
31#include "config.h"
32#include <stdbool.h>
33#include <stddef.h>
34#include "config/lib.h"
35
39static struct ConfigDef ConnVars[] = {
40 // clang-format off
41 { "account_command", DT_STRING|D_STRING_COMMAND, 0, 0, NULL,
42 "Shell command to retrieve account credentials"
43 },
44 { "preconnect", DT_STRING, 0, 0, NULL,
45 "(socket) External command to run prior to opening a socket"
46 },
47 { "socket_timeout", DT_NUMBER, 30, 0, NULL,
48 "Timeout for socket connect/read/write operations (-1 to wait indefinitely)"
49 },
50 { "tunnel", DT_STRING|D_STRING_COMMAND, 0, 0, NULL,
51 "Shell command to establish a tunnel"
52 },
53 { "tunnel_is_secure", DT_BOOL, true, 0, NULL,
54 "Assume a tunneled connection is secure"
55 },
56
57 { "connect_timeout", DT_SYNONYM, IP "socket_timeout", IP "2023-02-15" },
58 { NULL },
59 // clang-format on
60};
61
62#if defined(USE_SSL)
66static struct ConfigDef ConnVarsSsl[] = {
67 // clang-format off
68 { "certificate_file", DT_PATH|D_PATH_FILE, IP "~/.mutt_certificates", 0, NULL,
69 "File containing trusted certificates"
70 },
71 { "ssl_ciphers", DT_STRING, 0, 0, NULL,
72 "Ciphers to use when using SSL"
73 },
74 { "ssl_client_cert", DT_PATH|D_PATH_FILE, 0, 0, NULL,
75 "File containing client certificates"
76 },
77 { "ssl_force_tls", DT_BOOL, true, 0, NULL,
78 "(ssl) Require TLS encryption for all connections"
79 },
80 { "ssl_starttls", DT_QUAD, MUTT_YES, 0, NULL,
81 "(ssl) Use STARTTLS on servers advertising the capability"
82 },
83 { "ssl_use_sslv3", DT_BOOL, false, 0, NULL,
84 "(ssl) INSECURE: Use SSLv3 for authentication"
85 },
86 { "ssl_use_tlsv1", DT_BOOL, false, 0, NULL,
87 "(ssl) Use TLSv1 for authentication"
88 },
89 { "ssl_use_tlsv1_1", DT_BOOL, false, 0, NULL,
90 "(ssl) Use TLSv1.1 for authentication"
91 },
92 { "ssl_use_tlsv1_2", DT_BOOL, true, 0, NULL,
93 "(ssl) Use TLSv1.2 for authentication"
94 },
95 { "ssl_use_tlsv1_3", DT_BOOL, true, 0, NULL,
96 "(ssl) Use TLSv1.3 for authentication"
97 },
98 { "ssl_verify_dates", DT_BOOL, true, 0, NULL,
99 "(ssl) Verify the dates on the server certificate"
100 },
101 { "ssl_verify_host", DT_BOOL, true, 0, NULL,
102 "(ssl) Verify the server's hostname against the certificate"
103 },
104 { NULL },
105 // clang-format on
106};
107#endif
108
109#if defined(USE_SSL_GNUTLS)
113static struct ConfigDef ConnVarsGnutls[] = {
114 // clang-format off
115 { "ssl_ca_certificates_file", DT_PATH|D_PATH_FILE, 0, 0, NULL,
116 "File containing trusted CA certificates"
117 },
118 { "ssl_min_dh_prime_bits", DT_NUMBER|D_INTEGER_NOT_NEGATIVE, 0, 0, NULL,
119 "Minimum keysize for Diffie-Hellman key exchange"
120 },
121 { NULL },
122 // clang-format on
123};
124#endif
125
126#if defined(USE_SSL_OPENSSL)
130static struct ConfigDef ConnVarsOpenssl[] = {
131 // clang-format off
132 { "entropy_file", DT_PATH|D_PATH_FILE, 0, 0, NULL,
133 "(ssl) File/device containing random data to initialise SSL"
134 },
135 { "ssl_use_sslv2", DT_BOOL, false, 0, NULL,
136 "(ssl) INSECURE: Use SSLv2 for authentication"
137 },
138 { "ssl_use_system_certs", DT_BOOL, true, 0, NULL,
139 "(ssl) Use CA certificates in the system-wide store"
140 },
141 { "ssl_usesystemcerts", DT_SYNONYM, IP "ssl_use_system_certs", IP "2021-02-11" },
142 { NULL },
143 // clang-format on
144};
145#endif
146
147#if defined(HAVE_SSL_PARTIAL_CHAIN)
151static struct ConfigDef ConnVarsPartial[] = {
152 // clang-format off
153 { "ssl_verify_partial_chains", DT_BOOL, false, 0, NULL,
154 "(ssl) Allow verification using partial certificate chains"
155 },
156 { NULL },
157 // clang-format on
158};
159#endif
160
161#if defined(HAVE_GETADDRINFO)
165static struct ConfigDef ConnVarsGetaddr[] = {
166 // clang-format off
167 { "use_ipv6", DT_BOOL, true, 0, NULL,
168 "Lookup IPv6 addresses when making connections"
169 },
170 { NULL },
171 // clang-format on
172};
173#endif
174
179{
180 bool rc = cs_register_variables(cs, ConnVars);
181
182#if defined(USE_SSL)
184#endif
185
186#if defined(USE_SSL_GNUTLS)
188#endif
189
190#if defined(USE_SSL_OPENSSL)
192#endif
193
194#if defined(HAVE_SSL_PARTIAL_CHAIN)
196#endif
197
198#if defined(HAVE_GETADDRINFO)
200#endif
201
202 return rc;
203}
Convenience wrapper for the config headers.
bool cs_register_variables(const struct ConfigSet *cs, struct ConfigDef vars[])
Register a set of config items.
Definition: set.c:281
#define IP
Definition: set.h:54
static struct ConfigDef ConnVarsSsl[]
General SSL Config definitions for the conn library.
Definition: config.c:66
static struct ConfigDef ConnVars[]
Config definitions for the connection library.
Definition: config.c:39
static struct ConfigDef ConnVarsOpenssl[]
OpenSSL Config definitions for the connection library.
Definition: config.c:130
static struct ConfigDef ConnVarsPartial[]
SSL partial chains Config definitions for the connection library.
Definition: config.c:151
static struct ConfigDef ConnVarsGetaddr[]
GetAddrInfo Config definitions for the connection library.
Definition: config.c:165
static struct ConfigDef ConnVarsGnutls[]
GnuTLS Config definitions for the connection library.
Definition: config.c:113
bool config_init_conn(struct ConfigSet *cs)
Register conn config variables - Implements module_init_config_t -.
Definition: config.c:178
@ MUTT_YES
User answered 'Yes', or assume 'Yes'.
Definition: quad.h:39
Definition: set.h:64
Container for lots of config items.
Definition: set.h:252
#define D_STRING_COMMAND
A command.
Definition: types.h:99
#define D_PATH_FILE
Path is a file.
Definition: types.h:104
@ DT_NUMBER
a number
Definition: types.h:39
@ DT_BOOL
boolean option
Definition: types.h:32
@ DT_QUAD
quad-option (no/yes/ask-no/ask-yes)
Definition: types.h:41
@ DT_SYNONYM
synonym for another variable
Definition: types.h:46
@ DT_STRING
a string
Definition: types.h:45
@ DT_PATH
a path to a file/directory
Definition: types.h:40
#define D_INTEGER_NOT_NEGATIVE
Negative numbers are not allowed.
Definition: types.h:101