NeoMutt  2023-05-17-16-g61469c
Teaching an old dog new tricks
DOXYGEN
config.c
Go to the documentation of this file.
1
29#include "config.h"
30#include <stddef.h>
31#include <config/lib.h>
32#include <stdbool.h>
33
37static struct ConfigDef ConnVars[] = {
38 // clang-format off
39 { "account_command", DT_STRING|DT_COMMAND, 0, 0, NULL,
40 "Shell command to retrieve account credentials"
41 },
42 { "preconnect", DT_STRING, 0, 0, NULL,
43 "(socket) External command to run prior to opening a socket"
44 },
45 { "socket_timeout", DT_NUMBER, 30, 0, NULL,
46 "Timeout for socket connect/read/write operations (-1 to wait indefinitely)"
47 },
48 { "tunnel", DT_STRING|DT_COMMAND, 0, 0, NULL,
49 "Shell command to establish a tunnel"
50 },
51 { "tunnel_is_secure", DT_BOOL, true, 0, NULL,
52 "Assume a tunneled connection is secure"
53 },
54
55 { "connect_timeout", DT_SYNONYM, IP "socket_timeout", IP "2023-02-15" },
56 { NULL },
57 // clang-format on
58};
59
60#if defined(USE_SSL)
64static struct ConfigDef ConnVarsSsl[] = {
65 // clang-format off
66 { "certificate_file", DT_PATH|DT_PATH_FILE, IP "~/.mutt_certificates", 0, NULL,
67 "File containing trusted certificates"
68 },
69 { "ssl_ciphers", DT_STRING, 0, 0, NULL,
70 "Ciphers to use when using SSL"
71 },
72 { "ssl_client_cert", DT_PATH|DT_PATH_FILE, 0, 0, NULL,
73 "File containing client certificates"
74 },
75 { "ssl_force_tls", DT_BOOL, true, 0, NULL,
76 "(ssl) Require TLS encryption for all connections"
77 },
78 { "ssl_starttls", DT_QUAD, MUTT_YES, 0, NULL,
79 "(ssl) Use STARTTLS on servers advertising the capability"
80 },
81 { "ssl_use_sslv3", DT_BOOL, false, 0, NULL,
82 "(ssl) INSECURE: Use SSLv3 for authentication"
83 },
84 { "ssl_use_tlsv1", DT_BOOL, false, 0, NULL,
85 "(ssl) Use TLSv1 for authentication"
86 },
87 { "ssl_use_tlsv1_1", DT_BOOL, false, 0, NULL,
88 "(ssl) Use TLSv1.1 for authentication"
89 },
90 { "ssl_use_tlsv1_2", DT_BOOL, true, 0, NULL,
91 "(ssl) Use TLSv1.2 for authentication"
92 },
93 { "ssl_use_tlsv1_3", DT_BOOL, true, 0, NULL,
94 "(ssl) Use TLSv1.3 for authentication"
95 },
96 { "ssl_verify_dates", DT_BOOL, true, 0, NULL,
97 "(ssl) Verify the dates on the server certificate"
98 },
99 { "ssl_verify_host", DT_BOOL, true, 0, NULL,
100 "(ssl) Verify the server's hostname against the certificate"
101 },
102 { NULL },
103 // clang-format on
104};
105#endif
106
107#if defined(USE_SSL_GNUTLS)
111static struct ConfigDef ConnVarsGnutls[] = {
112 // clang-format off
113 { "ssl_ca_certificates_file", DT_PATH|DT_PATH_FILE, 0, 0, NULL,
114 "File containing trusted CA certificates"
115 },
116 { "ssl_min_dh_prime_bits", DT_NUMBER|DT_NOT_NEGATIVE, 0, 0, NULL,
117 "Minimum keysize for Diffie-Hellman key exchange"
118 },
119 { NULL },
120 // clang-format on
121};
122#endif
123
124#if defined(USE_SSL_OPENSSL)
128static struct ConfigDef ConnVarsOpenssl[] = {
129 // clang-format off
130 { "entropy_file", DT_PATH|DT_PATH_FILE, 0, 0, NULL,
131 "(ssl) File/device containing random data to initialise SSL"
132 },
133 { "ssl_use_sslv2", DT_BOOL, false, 0, NULL,
134 "(ssl) INSECURE: Use SSLv2 for authentication"
135 },
136 { "ssl_use_system_certs", DT_BOOL, true, 0, NULL,
137 "(ssl) Use CA certificates in the system-wide store"
138 },
139 { "ssl_usesystemcerts", DT_SYNONYM, IP "ssl_use_system_certs", IP "2021-02-11" },
140 { NULL },
141 // clang-format on
142};
143#endif
144
145#if defined(HAVE_SSL_PARTIAL_CHAIN)
149static struct ConfigDef ConnVarsPartial[] = {
150 // clang-format off
151 { "ssl_verify_partial_chains", DT_BOOL, false, 0, NULL,
152 "(ssl) Allow verification using partial certificate chains"
153 },
154 { NULL },
155 // clang-format on
156};
157#endif
158
159#if defined(HAVE_GETADDRINFO)
163static struct ConfigDef ConnVarsGetaddr[] = {
164 // clang-format off
165 { "use_ipv6", DT_BOOL, true, 0, NULL,
166 "Lookup IPv6 addresses when making connections"
167 },
168 { NULL },
169 // clang-format on
170};
171#endif
172
177{
179
180#if defined(USE_SSL)
182#endif
183
184#if defined(USE_SSL_GNUTLS)
186#endif
187
188#if defined(USE_SSL_OPENSSL)
190#endif
191
192#if defined(HAVE_SSL_PARTIAL_CHAIN)
194#endif
195
196#if defined(HAVE_GETADDRINFO)
198#endif
199
200 return rc;
201}
Convenience wrapper for the config headers.
bool cs_register_variables(const struct ConfigSet *cs, struct ConfigDef vars[], uint32_t flags)
Register a set of config items.
Definition: set.c:279
#define IP
Definition: set.h:54
static struct ConfigDef ConnVarsSsl[]
General SSL Config definitions for the conn library.
Definition: config.c:64
static struct ConfigDef ConnVars[]
Config definitions for the connection library.
Definition: config.c:37
static struct ConfigDef ConnVarsOpenssl[]
OpenSSL Config definitions for the connection library.
Definition: config.c:128
static struct ConfigDef ConnVarsPartial[]
SSL partial chains Config definitions for the connection library.
Definition: config.c:149
static struct ConfigDef ConnVarsGetaddr[]
GetAddrInfo Config definitions for the connection library.
Definition: config.c:163
static struct ConfigDef ConnVarsGnutls[]
GnuTLS Config definitions for the connection library.
Definition: config.c:111
bool config_init_conn(struct ConfigSet *cs)
Register conn config variables - Implements module_init_config_t -.
Definition: config.c:176
@ MUTT_YES
User answered 'Yes', or assume 'Yes'.
Definition: quad.h:39
Definition: set.h:64
Container for lots of config items.
Definition: set.h:252
#define DT_QUAD
quad-option (no/yes/ask-no/ask-yes)
Definition: types.h:37
#define DT_BOOL
boolean option
Definition: types.h:30
#define DT_PATH_FILE
Path is a file.
Definition: types.h:57
#define DT_PATH
a path to a file/directory
Definition: types.h:36
#define DT_STRING
a string
Definition: types.h:41
#define DT_COMMAND
A command.
Definition: types.h:53
#define DT_SYNONYM
synonym for another variable
Definition: types.h:42
#define DT_NO_FLAGS
No flags are set.
Definition: types.h:47
#define DT_NOT_NEGATIVE
Negative numbers are not allowed.
Definition: types.h:50
#define DT_NUMBER
a number
Definition: types.h:35