+@import "../lib-lua/base.cpkg"
+
+@package mod_ssl {
+ bool force_tls = 0;
+ /*
+ ** .pp
+ ** If this variable is \fIset\fP, Madmutt will require that all connections
+ ** to remote servers be encrypted. Furthermore it will attempt to
+ ** negotiate TLS even if the server does not advertise the capability,
+ ** since it would otherwise have to abort the connection anyway. This
+ ** option supersedes ``$$ssl_starttls''.
+ */
+ bool starttls = 1;
+ /*
+ ** .pp
+ ** If \fIset\fP (the default), Madmutt will attempt to use STARTTLS on servers
+ ** advertising the capability. When \fIunset\fP, Madmutt will not attempt to
+ ** use STARTTLS regardless of the server's capabilities.
+ */
+ bool use_sslv3 = 1;
+ /*
+ ** .pp
+ ** This variables specifies whether to attempt to use SSLv3 in the
+ ** SSL authentication process.
+ */
+ bool use_tlsv1 = 1;
+ /*
+ ** .pp
+ ** This variables specifies whether to attempt to use TLSv1 in the
+ ** SSL authentication process.
+ */
+
+ int min_dh_prime_bits = 0;
+ /*
+ ** .pp
+ ** This variable specifies the minimum acceptable prime size (in bits)
+ ** for use in any Diffie-Hellman key exchange. A value of 0 will use
+ ** the default from the GNUTLS library.
+ */
+
+ path_t cert_file = luaM_pathnew("~/.cache/madmutt/certificates");
+ /*
+ ** .pp
+ ** This variable specifies the file where the certificates you trust
+ ** are saved. When an unknown certificate is encountered, you are asked
+ ** if you accept it or not. If you accept it, the certificate can also
+ ** be saved in this file and further connections are automatically
+ ** accepted.
+ ** .pp
+ ** You can also manually add CA certificates in this file. Any server
+ ** certificate that is signed with one of these CA certificates are
+ ** also automatically accepted.
+ ** .pp
+ ** Example: \fTset certificate_file=~/.madmutt/certificates\fP
+ */
+
+ path_t ca_certificates_file = NULL;
+ /*
+ ** .pp
+ ** This variable specifies a file containing trusted CA certificates.
+ ** Any server certificate that is signed with one of these CA
+ ** certificates are also automatically accepted.
+ ** .pp
+ ** Example: \fTset ssl_ca_certificates_file=/etc/ssl/certs/ca-certificates.crt\fP
+ */
+};
+