
#include <ssl.h>

Public Types | |
| typedef ConexusPointer< SSL > | pointer |
Public Member Functions | |
| ~SSL () | |
| ssize_t | ssl_write (const Data data) |
| ssize_t | ssl_write (const char *data, size_t datalen) |
| Data | ssl_read (size_t s=0) |
| size_t | ssl_input_available () |
| void | ssl_connect () |
| void | ssl_accept () |
| void | set_client_mode () |
| Sets the SSL engine into client (connect) mode when performing new handshakes. | |
| void | set_server_mode () |
| Sets the SSL engine into server (accept) mode when performing new handshakes. | |
| Context::pointer | context () |
| returns the SSL context associated with this SSL object | |
| void | set_context (Context::pointer context) |
| sets the SSL context | |
| bool | clear () |
| reset SSL object to allow another connection | |
| bool | ssl_shutdown (bool bidirectional=false) |
| shuts down an active TLS/SSL connection | |
| bool | use_certificate (X509 *x) |
| loads the certificate x | |
| bool | use_certificate_asn1 (unsigned char *d, int len) |
| loads the ASN1 encoded certificate from the memory location d (with length len) | |
| bool | use_certificate_file (const std::string &file, FileType type) |
| loads the first certificate stored in file | |
| bool | use_private_key (EVP_PKEY *pkey) |
| adds pkey as private key to this context. | |
| bool | use_private_key_asn1 (int pk, unsigned char *d, long len) |
| adds the private key of type pk stored at memory location d (length len) | |
| bool | use_private_key_file (const std::string &file, FileType type) |
| adds the first private key found in file | |
| bool | use_rsa_private_key (RSA *rsa) |
| adds rsa as private key to this context. | |
| bool | use_rsa_private_key_asn1 (unsigned char *d, long len) |
| adds the RSA private key stored at memory location d (length len) | |
| bool | use_rsa_private_key_file (const std::string &file, FileType type) |
| adds the first private key found in file | |
| bool | check_private_key () const |
| checks the consistency of a private key with the corresponding certificate loaded | |
| void | set_verify_depth (int depth) |
| sets the maximum depth for the certificate chain verification that shall be allowed | |
| long | verify_result () |
| get result of peer certificate verification | |
| X509 * | peer_certificate () |
| returns the X509 certificate of the peer | |
| bool | set_bio (BIO *read_bio=NULL, BIO *write_bio=NULL) |
| connect the SSL object with a BIO | |
| void | set_read_ahead (bool set=true) |
| sets the read ahead parameter of the SSL object | |
| BIO * | read_bio () |
| returns a pointer to the read channel bio | |
| BIO * | write_bio () |
| returns a pointer to the write channel bio | |
| ::SSL * | cobj () |
Static Public Member Functions | |
| static pointer | create (Context::pointer context=Context::pointer()) |
Protected Member Functions | |
| SSL (Context::pointer context) | |
Protected Attributes | |
| ::SSL * | m_cobj |
| Context::pointer | m_context |
| typedef ConexusPointer<SSL> Conexus::SSL::SSL::pointer |
Reimplemented in Conexus::SSL::IPv4::TCP, Conexus::SSL::IPv4::UDP, and Conexus::SSL::IPv6::TCP.
| Conexus::SSL::SSL::SSL | ( | Context::pointer | context | ) | [protected] |
| Conexus::SSL::SSL::~SSL | ( | ) |
References m_cobj.
| bool Conexus::SSL::SSL::check_private_key | ( | ) | const |
checks the consistency of a private key with the corresponding certificate loaded
If more than one key/certificate pair (RSA/DSA) is installed, the last item installed will be checked. For example, if the last item was an RSA certificate or key, the RSA key/certificate pair will be checked.
If no key/certificate was explicitly added for this ssl, the last item added into ctx will be checked.
References m_cobj.
| bool Conexus::SSL::SSL::clear | ( | ) |
| Context::pointer Conexus::SSL::SSL::context | ( | ) |
| SSL::pointer Conexus::SSL::SSL::create | ( | Context::pointer | context = Context::pointer() |
) | [static] |
| X509 * Conexus::SSL::SSL::peer_certificate | ( | ) |
| BIO * Conexus::SSL::SSL::read_bio | ( | ) |
| bool Conexus::SSL::SSL::set_bio | ( | BIO * | read_bio = NULL, |
| BIO * | write_bio = NULL | |||
| ) |
connect the SSL object with a BIO
References m_cobj.
Referenced by Conexus::SSL::IPv6::TCP::open(), Conexus::SSL::IPv4::UDP::open(), Conexus::SSL::IPv4::TCP::open(), Conexus::SSL::IPv6::TCP::TCP(), and Conexus::SSL::IPv4::TCP::TCP().
| void Conexus::SSL::SSL::set_client_mode | ( | ) |
Sets the SSL engine into client (connect) mode when performing new handshakes.
If ssl_connect() is not used in a client application, this method must be explicitly called before handshaking occurs.
References m_cobj.
| void Conexus::SSL::SSL::set_context | ( | Context::pointer | context | ) |
| void Conexus::SSL::SSL::set_read_ahead | ( | bool | set = true |
) |
| void Conexus::SSL::SSL::set_server_mode | ( | ) |
Sets the SSL engine into server (accept) mode when performing new handshakes.
If ssl_accept() is not used in a server application, this method must be explicitly called before handshaking occurs.
References m_cobj.
| void Conexus::SSL::SSL::set_verify_depth | ( | int | depth | ) |
sets the maximum depth for the certificate chain verification that shall be allowed
References m_cobj.
| void Conexus::SSL::SSL::ssl_accept | ( | ) |
References m_cobj, and Conexus::throw_ssl_exception().
| void Conexus::SSL::SSL::ssl_connect | ( | ) |
References m_cobj, and Conexus::throw_ssl_exception().
Referenced by Conexus::SSL::IPv6::TCP::connect(), Conexus::SSL::IPv4::UDP::connect(), and Conexus::SSL::IPv4::TCP::connect().
| size_t Conexus::SSL::SSL::ssl_input_available | ( | ) |
References m_cobj.
| Data Conexus::SSL::SSL::ssl_read | ( | size_t | s = 0 |
) |
References m_cobj, Conexus::Data::resize(), Conexus::Data::size(), and Conexus::throw_ssl_exception().
| bool Conexus::SSL::SSL::ssl_shutdown | ( | bool | bidirectional = false |
) |
shuts down an active TLS/SSL connection
It sends the "close notify" shutdown alert to the peer.
| bidirectional | if true, calls the underlying SSL_shutdown() twice to complete the bidirectional shutdown |
References m_cobj, and Conexus::throw_ssl_exception().
| ssize_t Conexus::SSL::SSL::ssl_write | ( | const char * | data, | |
| size_t | datalen | |||
| ) |
References m_cobj, and Conexus::throw_ssl_exception().
| ssize_t Conexus::SSL::SSL::ssl_write | ( | const Data | data | ) |
References Conexus::Data::size().
| bool Conexus::SSL::SSL::use_certificate | ( | X509 * | x | ) |
loads the certificate x
The rest of the certificates needed to form the complete certificate chain can be specified using add_extra_chain_cert().
References m_cobj.
| bool Conexus::SSL::SSL::use_certificate_asn1 | ( | unsigned char * | d, | |
| int | len | |||
| ) |
| bool Conexus::SSL::SSL::use_certificate_file | ( | const std::string & | file, | |
| FileType | type | |||
| ) |
loads the first certificate stored in file
The formatting type of the certificate must be specified from the known types PEM or ASN1.
References m_cobj.
| bool Conexus::SSL::SSL::use_private_key | ( | EVP_PKEY * | pkey | ) |
adds pkey as private key to this context.
If a certificate has already been set and the private key does not belong to the certificate, an error is returned. To change a certificate/private key pair, the new certificate needs to be set with use_certificate() before setting the private key with use_private_key().
References m_cobj.
| bool Conexus::SSL::SSL::use_private_key_asn1 | ( | int | pk, | |
| unsigned char * | d, | |||
| long | len | |||
| ) |
| bool Conexus::SSL::SSL::use_private_key_file | ( | const std::string & | file, | |
| FileType | type | |||
| ) |
adds the first private key found in file
The formatting type of the private key must be specified from the known types PEM or ASN1.
References m_cobj.
| bool Conexus::SSL::SSL::use_rsa_private_key | ( | RSA * | rsa | ) |
adds rsa as private key to this context.
If a certificate has already been set and the private key does not belong to the certificate, an error is returned. To change a certificate/private key pair, the new certificate needs to be set with use_certificate() before setting the private key with use_private_key().
References m_cobj.
| bool Conexus::SSL::SSL::use_rsa_private_key_asn1 | ( | unsigned char * | d, | |
| long | len | |||
| ) |
| bool Conexus::SSL::SSL::use_rsa_private_key_file | ( | const std::string & | file, | |
| FileType | type | |||
| ) |
adds the first private key found in file
The formatting type of the private key must be specified from the known types PEM or ASN1.
References m_cobj.
| long Conexus::SSL::SSL::verify_result | ( | ) |
get result of peer certificate verification
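Returns X509_V_OK if the underlying C object does not yet exist, following the same logic as the case where no peer certificate was presented, namely that no error has occurred. X509_V_OK on its own therefore does not show that a peer certificate was verified; also check that peer_certificate() returns a non-null certificate.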
References m_cobj.
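Because verify_result() reports X509_V_OK in three different situations (no C object yet, no peer certificate, certificate verified), a caller needs a fail-closed check that separates them. The following is an added example, not code from Conexus: `classify_peer`, `peer_is_verified`, `PeerStatus`, `kX509VOk` and the `FakeConn` stand-in are hypothetical names, and the template only assumes the cobj(), peer_certificate() and verify_result() accessors listed on this page.

```cpp
// Value of X509_V_OK from <openssl/x509_vfy.h>, repeated here so the sketch
// compiles without OpenSSL headers.
constexpr long kX509VOk = 0;

enum class PeerStatus { NoSession, NoCertificate, VerifyFailed, Verified };

// Conn is any type exposing the three accessors documented on this page:
// cobj(), peer_certificate() and verify_result().
template <typename Conn>
PeerStatus classify_peer(Conn& conn) {
    // verify_result() reports X509_V_OK when the C object does not exist yet.
    if (conn.cobj() == nullptr) return PeerStatus::NoSession;
    // X509_V_OK is also the result when the peer presented no certificate.
    // Ownership of the returned pointer is not documented on the page, so
    // this sketch only tests it for null.
    if (conn.peer_certificate() == nullptr) return PeerStatus::NoCertificate;
    if (conn.verify_result() != kX509VOk) return PeerStatus::VerifyFailed;
    return PeerStatus::Verified;
}

// Fail closed: only a present, successfully verified certificate counts.
template <typename Conn>
bool peer_is_verified(Conn& conn) {
    return classify_peer(conn) == PeerStatus::Verified;
}

// Constructed stand-in for Conexus::SSL::SSL (hypothetical, for this sketch only).
struct FakeConn {
    void* handle;
    void* cert;
    long  result;
    void* cobj() { return handle; }
    void* peer_certificate() { return cert; }
    long  verify_result() { return result; }
};

int main() {
    int h = 0, c = 0;
    FakeConn not_started{nullptr, nullptr, kX509VOk};
    FakeConn anonymous{&h, nullptr, kX509VOk};
    FakeConn expired{&h, &c, 10};  // 10 = X509_V_ERR_CERT_HAS_EXPIRED
    FakeConn good{&h, &c, kX509VOk};
    return (!peer_is_verified(not_started) && !peer_is_verified(anonymous) &&
            !peer_is_verified(expired) && peer_is_verified(good)) ? 0 : 1;
}
```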
| BIO * Conexus::SSL::SSL::write_bio | ( | ) |
::SSL* Conexus::SSL::SSL::m_cobj [protected] |
Referenced by check_private_key(), clear(), cobj(), peer_certificate(), read_bio(), set_bio(), set_client_mode(), set_context(), set_read_ahead(), set_server_mode(), set_verify_depth(), SSL(), ssl_accept(), ssl_connect(), ssl_input_available(), ssl_read(), ssl_shutdown(), ssl_write(), use_certificate(), use_certificate_asn1(), use_certificate_file(), use_private_key(), use_private_key_asn1(), use_private_key_file(), use_rsa_private_key(), use_rsa_private_key_asn1(), use_rsa_private_key_file(), verify_result(), write_bio(), and ~SSL().
Context::pointer Conexus::SSL::SSL::m_context [protected] |
Referenced by context(), set_context(), and SSL().