1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
|
//
// Copyright (c) ZeroC, Inc. All rights reserved.
//
#ifndef ICESSL_OPENSSL_H
#define ICESSL_OPENSSL_H
#include <IceSSL/Plugin.h>
#include <openssl/x509v3.h>
#include <openssl/pem.h>
//
// Automatically link IceSSLOpenSSL[D|++11|++11D].lib with Visual C++
//
#if defined(_MSC_VER)
# if !defined(ICE_BUILDING_ICESSL_OPENSSL) && defined(ICESSL_OPENSSL_API_EXPORTS)
# define ICE_BUILDING_ICESSL_OPENSSL
# endif
# if !defined(ICE_BUILDING_ICESSL_OPENSSL)
# pragma comment(lib, ICE_LIBNAME("IceSSLOpenSSL"))
# endif
#endif
#ifndef ICESSL_OPENSSL_API
# if defined(ICE_STATIC_LIBS)
# define ICESSL_OPENSSL_API /**/
# elif defined(ICESSL_OPENSSL_API_EXPORTS)
# define ICESSL_OPENSSL_API ICE_DECLSPEC_EXPORT
# else
# define ICESSL_OPENSSL_API ICE_DECLSPEC_IMPORT
# endif
#endif
#if defined(_WIN32) && !defined(ICESSL_OPENSSL_API_EXPORTS)
namespace Ice
{
/**
* When using static libraries, calling this function ensures the OpenSSL version of the IceSSL plug-in is
* linked with the application.
* @param loadOnInitialize If true, the plug-in is loaded (created) during communicator initialization.
* If false, the plug-in is only loaded during communicator initialization if its corresponding plug-in
* property is set to 1.
*/
ICE_PLUGIN_REGISTER_DECLSPEC_IMPORT void registerIceSSLOpenSSL(bool loadOnInitialize = true);
}
#endif
namespace IceSSL
{
namespace OpenSSL
{
class Certificate;
ICE_DEFINE_PTR(CertificatePtr, Certificate);
/**
* Encapsulates an OpenSSL X.509 certificate.
* \headerfile IceSSL/IceSSL.h
*/
class ICESSL_OPENSSL_API Certificate : public virtual IceSSL::Certificate
{
public:
/**
* Construct a certificate using a native certificate.
* The Certificate class assumes ownership of the given native
* certificate.
* @param cert The native certificate.
* @return A new certificate object.
*/
static CertificatePtr create(x509_st* cert);
/**
* Load the certificate from a file. The certificate must use the
* PEM encoding format.
* @param file The certificate file.
* @return A new certificate object.
* @throws CertificateReadException if the file cannot be read.
*/
static CertificatePtr load(const std::string& file);
/**
* Decode a certificate from a string that uses the PEM encoding format.
* @param cert A string containing the PEM-encoded certificate.
* @return A new certificate object.
* @throws CertificateEncodingException if an error occurs.
*/
static CertificatePtr decode(const std::string& cert);
/**
* Retrieve the native X509 certificate value wrapped by this object.
* @return The native certificate. The returned reference is only valid for the lifetime of this
* object. You can increment it with X509_dup.
*/
virtual x509_st* getCert() const = 0;
};
/**
* Represents the IceSSL plug-in object.
* \headerfile IceSSL/IceSSL.h
*/
class ICESSL_OPENSSL_API Plugin : public virtual IceSSL::Plugin
{
public:
/**
* Obtains the OpenSSL version number.
* @return The version.
*/
virtual Ice::Long getOpenSSLVersion() const = 0;
/**
* Establishes the OpenSSL context. This must be done before the
* plug-in is initialized, therefore the application must define
* the property Ice.InitPlugins=0, set the context, and finally
* invoke Ice::PluginManager::initializePlugins.
*
* When the application supplies its own OpenSSL context, the
* plug-in ignores configuration properties related to certificates,
* keys, and passwords.
*
* Note that the plug-in assumes ownership of the given context.
*
* @param ctx The OpenSSL context.
*/
virtual void setContext(SSL_CTX* ctx) = 0;
/**
* Obtains the SSL context. Use caution when modifying this value.
* Changes made to this value have no effect on existing connections.
* @return The OpenSSL context.
*/
virtual SSL_CTX* getContext() = 0;
};
ICE_DEFINE_PTR(PluginPtr, Plugin);
} // OpenSSL namespace end
} // IceSSL namespace end
#endif
|
