00001 /* ====================================================================
00002  *              The CBITS Software License, Version 1.0
00003  *
00004  *               Copyright (c) 2002-2003 Bruce Lowery
00005  *                       All rights reserved
00006  *
00007  * Redistribution and use of this software, in source and binary forms, 
00008  * with or without modification, are permitted provided that the above 
00009  * copyright notice, this paragraph, and the following paragraph are 
00010  * retained in each source code file.
00011  *
00012  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
00013  * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
00014  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
00015  * DISCLAIMED.  IN NO EVENT SHALL BRUCE LOWERY OR OTHER CONTRIBUTORS 
00016  * TO THE CBITS LIBRARY BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
00017  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
00018  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
00019  * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
00020  * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
00021  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
00022  * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
00023  * SUCH DAMAGE.
00024  * ====================================================================
00025  */
00026 #ifndef __SSLCONTEXT_H__
00027 #define __SSLCONTEXT_H__
00028 
// STD C++
#include <string>
#include <vector>

// CBITS
#include <cbits/SSLContextException.h>
#include <cbits/CriticalSection.h>
#include <cbits/portable_mutex.h>

// OpenSSL
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/rand.h>
#include <openssl/ssl.h>
#include <openssl/x509.h>
00043 
00044 #ifdef BUILD_DLL
00045 #define EXPORT __declspec(dllexport)
00046 #else
00047 #define EXPORT
00048 #endif
00049 
00050 
00051 namespace cbits {
00052 
/**
 * Thin wrapper around an OpenSSL SSL_CTX.
 *
 * Holds one SSL_CTX* (_ssl_ctx) together with the certificate, key and
 * trust-store paths it was built from, and converts implicitly to SSL_CTX*
 * so it can be handed straight to SSL_new() and friends.  Process-wide
 * OpenSSL state -- library initialisation, the locking callbacks that
 * pre-1.1.0 OpenSSL needs for multi-threaded use, and the user verify hook --
 * lives in static members and is therefore shared by every SSLContext in
 * the process.
 *
 * NOTE(review): copying is not disabled.  A compiler-generated copy would
 * duplicate the raw _ssl_ctx pointer; if ~SSLContext() frees it (its body is
 * not visible here) a copied context leads to a double free.  Consider
 * declaring the copy constructor and assignment operator private.
 *
 * NOTE(review): the throw(SSLContextException) dynamic exception
 * specifications below are deprecated in C++11 and ill-formed in C++17.
 *
 * EXPORT expands to __declspec(dllexport) only when BUILD_DLL is defined and
 * to nothing otherwise (see the macro above); DLL consumers get no dllimport.
 */
class EXPORT SSLContext
{

public:

    /**
     * How strictly the peer's certificate is handled by this context.
     * Enumerators are numbered from 1 (NONE=1, PRESENT=2, REQUIRED=3).
     *
     * The mapping onto OpenSSL's SSL_VERIFY_* flags is done in the .cpp and
     * is not visible here.  From the names: NONE presumably performs no peer
     * authentication, PRESENT presumably verifies a certificate only if the
     * peer offers one, REQUIRED presumably fails the handshake unless a
     * certificate is presented and verifies -- confirm against the
     * implementation.
     *
     * Security: a client built with NONE does not authenticate the server
     * and is open to man-in-the-middle attacks.  For a server, NONE/PRESENT
     * only matter when client certificates are part of the design.
     */
    typedef enum 
    { 
        NONE=1,   ///< no peer certificate verification (presumably)
        PRESENT,  ///< verify a certificate only if the peer presents one (presumably)
        REQUIRED  ///< the peer must present a certificate that verifies (presumably)
    } PEER_AUTH_LEVEL;


    /**
     * Build an SSL_CTX from PEM files on disk.
     *
     * @param cert_chain_path   path to the certificate chain file
     *                          (presumably what _cert_path keeps).
     * @param private_key_path  path to the private key file
     *                          (presumably what _pkey_path keeps).
     * @param trusted_path      path to the trusted CA certificate(s) used to
     *                          verify the peer (presumably what _trusted_path
     *                          keeps).
     * @param level             peer authentication level, see PEER_AUTH_LEVEL
     *                          (stored as an int in _verify_level).
     * @param pk_passwd         passphrase for an encrypted private key, or 0
     *                          for an unencrypted key.  Presumably copied
     *                          into _passphrase so passwd_cb() can hand it to
     *                          OpenSSL when the key is loaded.
     * @param export_only       copied into _export_only.  From the name this
     *                          presumably restricts the context to
     *                          export-grade cipher suites -- confirm in the
     *                          .cpp.  If so: export-grade suites (40-bit
     *                          symmetric / 512-bit RSA) are cryptographically
     *                          broken and should not be enabled.
     * @param random            optional caller-supplied entropy for the
     *                          OpenSSL PRNG; presumably forwarded to
     *                          init_lib(buffer, buflen).  0 to use the
     *                          library default.
     * @param ran_len           number of bytes at @p random.
     *
     * @throws SSLContextException on failure; the exact conditions are in
     *         the .cpp.
     */
    SSLContext
    ( 
        const char* cert_chain_path, 
        const char* private_key_path,
        const char* trusted_path,    
        PEER_AUTH_LEVEL level,       
        const char* pk_passwd=0,     
        const bool export_only=false,
        const void* random=0,        
        const int ran_len=0          
    )
        throw( SSLContextException );


    /**
     * Virtual destructor.  Whether it frees _ssl_ctx and, when the last
     * context goes away (see _num_contexts), tears down the shared OpenSSL
     * state via mt_cleanup() is decided in the .cpp -- confirm before relying
     * on either.
     */
    virtual ~SSLContext();


    /**
     * Signature of a user-supplied certificate verification hook; it matches
     * the callback type taken by OpenSSL's SSL_CTX_set_verify().
     * @p ok is OpenSSL's preliminary verdict for the certificate currently
     * being examined (1 = passed) and @p store gives access to that
     * certificate, its depth in the chain and the error code.  Return
     * non-zero to accept, 0 to reject.
     *
     * Security: chain verification does not by itself check that the
     * certificate names the expected peer (hostname / subjectAltName); that
     * must be done separately.  A hook that simply returns 1 disables
     * verification entirely.
     */
    typedef int (*VERIFY_CALLBACK)(int ok, X509_STORE_CTX* store);

    /**
     * Install a process-wide user verification hook.
     *
     * Static: the hook is stored in the static _client_verify_cb and so
     * applies to every SSLContext in the process, not to one instance.  The
     * built-in verify_callback() is presumably what gets registered with
     * OpenSSL and forwards to this hook -- confirm in the .cpp.
     *
     * @param cback  the hook to install.
     * @return an opaque pointer whose meaning is not visible here (possibly
     *         the previously installed hook) -- confirm in the .cpp.
     * @throws SSLContextException
     */
    static void* setVerifyCallback
    (
        VERIFY_CALLBACK cback 
    ) 
        throw( SSLContextException );


    /**
     * Signature of a hook that supplies ephemeral Diffie-Hellman parameters;
     * it matches the callback type taken by OpenSSL's
     * SSL_CTX_set_tmp_dh_callback().  @p is_export is non-zero when an
     * export cipher suite is being negotiated and @p keylen is the key length
     * OpenSSL is asking for.
     *
     * Security: hand back parameters of at least 2048 bits regardless of
     * @p keylen; the 512/1024-bit groups these callbacks were designed around
     * are breakable (cf. the Logjam attack).
     */
    typedef DH*(*DHPARM_CALLBACK)(SSL* ssl, int is_export, int keylen);


    /**
     * Install the DH parameter hook on this context (per instance, unlike
     * setVerifyCallback()).
     *
     * @param cb  the hook; presumably passed to SSL_CTX_set_tmp_dh_callback()
     *            on _ssl_ctx -- confirm in the .cpp.
     * @throws SSLContextException
     */
    void setDHParmCallback
    (
        DHPARM_CALLBACK cb  
    )
        throw( SSLContextException );


    /** Alias for the raw OpenSSL context pointer type. */
    typedef SSL_CTX* SSL_CTX_PTR;


    /**
     * Implicit conversion to the underlying SSL_CTX*, so an SSLContext can be
     * passed wherever OpenSSL wants an SSL_CTX* (e.g. SSL_new()).
     *
     * The pointer returned is the one held by this object: callers must not
     * SSL_CTX_free() it themselves (ownership presumably stays with
     * SSLContext -- see the destructor) and must not use it after the
     * SSLContext is destroyed.
     */
    inline operator SSL_CTX_PTR() { return _ssl_ctx; }


protected:

    /**
     * One-time OpenSSL library initialisation shared by all contexts
     * (static; presumably guarded by _csect and recorded in _is_lib_inited).
     *
     * @param buffer  optional caller-supplied entropy.  Together with
     *                @p buflen this mirrors the constructor's random/ran_len
     *                and is presumably fed to the PRNG via RAND_seed() or
     *                RAND_add() -- confirm in the .cpp.  Note that
     *                RAND_seed() counts every byte as full entropy.
     * @param buflen  number of bytes at @p buffer.
     * @return a bool whose exact meaning is not visible here (presumably
     *         whether initialisation succeeded) -- confirm.
     */
    static const bool init_lib
    ( 
        const void* buffer=0, 
        const int buflen=0 
    );


    /**
     * The verification callback registered with OpenSSL (same signature as
     * VERIFY_CALLBACK).  Presumably delegates to _client_verify_cb when one
     * is installed and otherwise returns @p ok unchanged -- confirm in the
     * .cpp.
     */
    static int verify_callback( int ok, X509_STORE_CTX *store );


private:


    /**
     * Install the thread-safety callbacks pre-1.1.0 OpenSSL needs, using
     * _mutex as the lock array; presumably sizes _mutex to
     * CRYPTO_num_locks() and registers mt_lock_n() / mt_get_tid() -- confirm
     * in the .cpp.
     */
    static void mt_setup( void );


    /** Undo mt_setup(): unregister the callbacks and release _mutex (presumably). */
    static void mt_cleanup( void );


    /**
     * OpenSSL locking callback; the signature matches what
     * CRYPTO_set_locking_callback() expects.
     *
     * @param mode  CRYPTO_LOCK or CRYPTO_UNLOCK, possibly or'ed with
     *              CRYPTO_READ / CRYPTO_WRITE.
     * @param n     index of the lock to operate on (presumably _mutex[n]).
     * @param file  caller's source file, for debugging only.
     * @param line  caller's source line, for debugging only.
     */
    static void mt_lock_n
    (
        int mode,          
        int n,             
        const char* file,  
        int line           
    );


    /**
     * OpenSSL thread-id callback; the signature matches what
     * CRYPTO_set_id_callback() expects.
     * @return an identifier unique to the calling thread.
     */
    static unsigned long mt_get_tid( void );


    /**
     * Private-key passphrase callback; the signature matches OpenSSL's
     * pem_password_cb, so it is presumably installed with
     * SSL_CTX_set_default_passwd_cb() and copies _passphrase (or @p userdata)
     * into @p buf -- confirm in the .cpp.
     *
     * @param buf       destination buffer.
     * @param sz        size of @p buf in bytes; the copy must not exceed it.
     * @param flg       OpenSSL's rwflag: non-zero when the passphrase is for
     *                  encryption, 0 for decryption.
     * @param userdata  value registered with
     *                  SSL_CTX_set_default_passwd_cb_userdata(), if any.
     * @return number of passphrase bytes written to @p buf, or -1 on error.
     */
    static int passwd_cb( char* buf, int sz, int flg, void* userdata );


private:

    std::string _cert_path;     ///< presumably the constructor's cert_chain_path


    std::string _pkey_path;     ///< presumably the constructor's private_key_path


    std::string _trusted_path;  ///< presumably the constructor's trusted_path


    SSL_CTX* _ssl_ctx;          ///< the wrapped OpenSSL context; exposed by operator SSL_CTX_PTR()


    int _verify_level;          ///< the PEER_AUTH_LEVEL given to the constructor, stored as int


    bool _export_only;          ///< copy of the constructor's export_only flag


    /**
     * Private-key passphrase (presumably a copy of pk_passwd), kept so
     * passwd_cb() can supply it.
     * Security: it sits in plain process memory for the object's lifetime,
     * and std::string does not zero its buffer on destruction.
     */
    std::string _passphrase;


    static bool _is_lib_inited;                 ///< set once init_lib() has run (presumably)


    static std::vector<MUTEX_TYPE>  _mutex;     ///< OpenSSL lock array driven by mt_lock_n()


    static CriticalSection _csect;              ///< guards the static state above (presumably)


    static VERIFY_CALLBACK _client_verify_cb;   ///< user hook from setVerifyCallback(); process-wide


    static long int _num_contexts;              ///< live SSLContext count; presumably drives shared init/cleanup
};
00342 
00343 // TO DO:
00344 // 1.  Allow verify callback to be specified.
00345 // 2.  x
00346 };
00347 
00348 
00349 #endif
00350 
00351 /*
00352  * $Id: SSLContext.h,v 1.4 2002/10/16 22:32:44 brulow Exp $
00353  * 
00354  * History: (Add nothing manually below)
00355  * -----------------------------------------------------------------------
00356  *
00357  * $Log: SSLContext.h,v $
00358  * Revision 1.4  2002/10/16 22:32:44  brulow
00359  * Improve doc, misc
00360  *
00361  * Revision 1.3  2002/10/10 01:16:22  brulow
00362  * Improve documentation
00363  *
00364  * Revision 1.2  2002/09/27 22:04:16  brulow
00365  * Add history footer to all .h .cpp files
00366  *
00367  *
00368  */
