summaryrefslogtreecommitdiff
path: root/usr.sbin/nsd/dnstap/dnstap.h
diff options
context:
space:
mode:
Diffstat (limited to 'usr.sbin/nsd/dnstap/dnstap.h')
-rw-r--r--usr.sbin/nsd/dnstap/dnstap.h19
1 files changed, 17 insertions, 2 deletions
diff --git a/usr.sbin/nsd/dnstap/dnstap.h b/usr.sbin/nsd/dnstap/dnstap.h
index e5eaa2a1345..8c84928cbc5 100644
--- a/usr.sbin/nsd/dnstap/dnstap.h
+++ b/usr.sbin/nsd/dnstap/dnstap.h
@@ -42,6 +42,7 @@
struct nsd_options;
struct fstrm_io;
struct fstrm_queue;
+struct dt_tls_writer;
struct dt_env {
/** dnstap I/O thread */
@@ -66,6 +67,9 @@ struct dt_env {
unsigned log_auth_query_messages : 1;
/** whether to log Message/AUTH_RESPONSE */
unsigned log_auth_response_messages : 1;
+
+ /** tls writer object, or NULL */
+ struct dt_tls_writer* tls_writer;
};
/**
@@ -75,12 +79,23 @@ struct dt_env {
* of the structure) to ensure lock-free access to its own per-worker circular
* queue. Duplicate the environment object if more than one worker needs to
* share access to the dnstap I/O socket.
- * @param socket_path: path to dnstap logging socket, must be non-NULL.
+ * @param socket_path: path to dnstap logging socket, must be non-NULL if used.
+ * @param ip: if NULL or "" use socket path, otherwise IP or IP@port.
* @param num_workers: number of worker threads, must be > 0.
+ * @param tls: set to true to use TLS, otherwise, TCP. Used when ip is set.
+ * @param tls_server_name: name for authenticating the upstream server, or
+ * NULL or "".
+ * @param tls_cert_bundle: pem bundle to verify server with. Or NULL or "".
+ * @param tls_client_key_file: key file for client authentication. Or NULL
+ * or "".
+ * @param tls_client_cert_file: cert file for client authentication. Or NULL
+ * or "".
* @return dt_env object, NULL on failure.
*/
struct dt_env *
-dt_create(const char *socket_path, unsigned num_workers);
+dt_create(const char *socket_path, char* ip, unsigned num_workers,
+ int tls, char* tls_server_name, char* tls_cert_bundle,
+ char* tls_client_key_file, char* tls_client_cert_file);
/**
* Apply config settings.