Diffstat (limited to 'cpp/src/IceSSL/Context.h')
-rw-r--r-- | cpp/src/IceSSL/Context.h | 108 |
1 files changed, 42 insertions, 66 deletions
diff --git a/cpp/src/IceSSL/Context.h b/cpp/src/IceSSL/Context.h
index d3f38050bf9..e002031f5e7 100644
--- a/cpp/src/IceSSL/Context.h
+++ b/cpp/src/IceSSL/Context.h
@@ -7,23 +7,12 @@
 //
 // **********************************************************************
-#ifndef ICESSL_CONTEXT_H
-#define ICESSL_CONTEXT_H
-
-#include <Ice/CommunicatorF.h>
-#include <IceSSL/TraceLevelsF.h>
-#include <IceSSL/SslTransceiverF.h>
-#include <IceSSL/ContextF.h>
-
-#include <Ice/BuiltinSequences.h>
-#include <IceSSL/OpenSSL.h>
-#include <IceSSL/CertificateVerifierOpenSSL.h>
-#include <IceSSL/GeneralConfig.h>
-#include <IceSSL/CertificateAuthority.h>
-#include <IceSSL/BaseCerts.h>
-#include <IceSSL/TempCerts.h>
-#include <IceSSL/RSAPublicKey.h>
-#include <IceSSL/RSAKeyPairF.h>
+#ifndef ICE_SSL_CONTEXT_H
+#define ICE_SSL_CONTEXT_H
+
+#include <InstanceF.h>
+#include <UtilF.h>
+#include <Ice/LoggerF.h>
 namespace IceSSL
 {
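Review bot: The new include list brings in only forward-declaration headers (`InstanceF.h`, `UtilF.h`, `Ice/LoggerF.h`) while `<IceSSL/OpenSSL.h>` is removed, yet the class body in the following hunk uses `SSL_CTX`, `SSL`, `X509_STORE_CTX` and `DH` and tests `#ifndef OPENSSL_NO_DH`. Unless `UtilF.h` declares those types and includes OpenSSL's configuration header (not visible here), the header no longer compiles standalone, and `OPENSSL_NO_DH` is tested before it can be defined, which silently compiles the DH members into builds that have DH disabled. Adding the OpenSSL header that declares these types here, e.g. `#include <openssl/ssl.h>`, makes both the guard and the types self-contained. The two project includes are also written without a directory prefix, unlike `<Ice/LoggerF.h>` and the removed `<IceSSL/...>` lines; that works if the build adds the IceSSL source directory to the include path, but one convention per file is easier to follow.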
@@ -32,68 +21,55 @@ class Context : public IceUtil::Shared
 {
 public:
- virtual ~Context();
-
- bool isConfigured();
-
- void cleanUp();
-
- virtual void setCertificateVerifier(const CertificateVerifierPtr&);
- virtual void addTrustedCertificateBase64(const std::string&);
- virtual void addTrustedCertificate(const Ice::ByteSeq&);
- virtual void setRSAKeysBase64(const std::string&, const std::string&);
- virtual void setRSAKeys(const Ice::ByteSeq&, const Ice::ByteSeq&);
- virtual void configure(const GeneralConfig&, const CertificateAuthority&, const BaseCertificates&);
- virtual SslTransceiverPtr createTransceiver(int, const OpenSSLPluginIPtr&, int) = 0;
-
-protected:
-
- Context(const TraceLevelsPtr&, const Ice::CommunicatorPtr&, const ContextType&);
-
- SSL_METHOD* getSslMethod(SslProtocol);
- void createContext(SslProtocol);
-
- virtual void loadCertificateAuthority(const CertificateAuthority&);
-
- void setKeyCert(const CertificateDesc&, const std::string&, const std::string&);
-
- void checkKeyCert();
+ Context(const InstancePtr&, const std::string&, SSL_CTX*);
+ ~Context();
- void addTrustedCertificate(const RSAPublicKey&);
+ SSL_CTX* ctx() const;
- void addKeyCert(const CertificateFile&, const CertificateFile&);
+ void validatePeer(SSL*, const std::string&, bool);
- void addKeyCert(const RSAKeyPair&);
+ std::string password(bool);
- void addKeyCert(const Ice::ByteSeq&, const Ice::ByteSeq&);
-
- void addKeyCert(const std::string&, const std::string&);
+#ifndef OPENSSL_NO_DH
+ DH* dhParams(int);
+#endif
- SSL* createSSLConnection(int);
+ int verifyCallback(int, SSL*, X509_STORE_CTX*);
- void setCipherList(const std::string&);
+ void traceConnection(SSL*, bool);
- void setDHParams(const BaseCertificates&);
+protected:
- TraceLevelsPtr _traceLevels;
- Ice::CommunicatorPtr _communicator;
- ContextType _contextType;
+ bool checkPath(std::string&, bool);
+ void parseProtocols(const std::string&);
+
+ InstancePtr _instance;
+ Ice::LoggerPtr _logger;
+ SSL_CTX* _ctx;
+ std::string _defaultDir;
+ bool _checkCertName;
+ std::string _password;
+#ifndef OPENSSL_NO_DH
+ DHParamsPtr _dhParams;
+#endif
+};
+typedef IceUtil::Handle<Context> ContextPtr;
- std::string _rsaPrivateKeyProperty;
- std::string _rsaPublicKeyProperty;
- std::string _dsaPrivateKeyProperty;
- std::string _dsaPublicKeyProperty;
- std::string _caCertificateProperty;
- std::string _passphraseRetriesProperty;
- std::string _maxPassphraseRetriesDefault;
- std::string _connectionHandshakeRetries;
+class ClientContext : public Context
+{
+public:
- CertificateVerifierPtr _certificateVerifier;
+ ClientContext(const InstancePtr&, SSL_CTX*);
+};
+typedef IceUtil::Handle<ClientContext> ClientContextPtr;
- SSL_CTX* _sslContext;
+class ServerContext : public Context
+{
+public:
- int _maxPassphraseTries;
+ ServerContext(const InstancePtr&, SSL_CTX*);
 };
+typedef IceUtil::Handle<ServerContext> ServerContextPtr;
 } |
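Review bot: `Context` declares a destructor and holds a raw `SSL_CTX* _ctx`, but neither the copy constructor nor the assignment operator is declared, so if `~Context()` releases `_ctx` (its definition is not in this diff) a copied `Context` would free the same `SSL_CTX` twice; declaring `Context(const Context&);` and `Context& operator=(const Context&);` under a private section, with no definition, rules that out. `~Context()` is also non-virtual although `ClientContext` and `ServerContext` derive from it and are handed around as `ContextPtr`; this is only safe if the `IceUtil::Shared` destructor is virtual, and writing `virtual ~Context();` makes that intent explicit rather than inherited. The security-relevant members have unnamed parameters — `validatePeer(SSL*, const std::string&, bool)`, `verifyCallback(int, SSL*, X509_STORE_CTX*)` and `password(bool)` — so a reader of the header cannot tell what the flags select; naming them and putting a comment such as `// Returns non-zero to accept the peer certificate; the int is presumably OpenSSL's preverify result -- confirm` on `verifyCallback` would state the contract that peer verification depends on.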