BLOCXX_NAMESPACE::SSLCtxMgr Class Reference

#include <SSLCtxMgr.hpp>


Static Public Member Functions

static int pem_passwd_cb (char *buf, int size, int rwflag, void *userData)
 The callback for getting a passphrase on a certificate.
static bool checkClientCert (SSL *ssl, const String &hostName)
 Check a certificate based on the callback function for client cert verification.
static bool checkServerCert (SSL *ssl, const String &hostName)
 Check a certificate based on the callback function for server cert verification.
static void initClient (const String &certFile=String(), const String &keyFile=String())
 Initialize for a client.
static void initServer (const String &certFile, const String &keyFile=String())
 Initialize for a server.
static SSL_CTX * getSSLCtxServer ()
 get the Server SSL Context
static SSL_CTX * getSSLCtxClient ()
 get the Client SSL Context
static int sslRead (SSL *ssl, char *buf, int len)
 Read from a SSL connection.
static int sslWrite (SSL *ssl, const char *buf, int len)
 Write to a SSL connection.
static bool isClient ()
 Have we been initialized as a client?
static bool isServer ()
 Have we been initialized as a server?
static void setClientCertVerifyCallback (certVerifyFuncPtr_t cbfunc)
 Assign a callback function to be used to verify SSL certificates.
static void setServerCertVerifyCallback (certVerifyFuncPtr_t cbfunc)
 Assign a callback function to be used to verify SSL certificates.
static void uninit ()
static void generateEphRSAKey (SSL_CTX *ctx)
static String getOpenSSLErrorDescription ()
static void disableSSLInit ()
 Calling this function before using any SSLCtxMgr instance will prevent blocxx from initializing the SSL library.
static void disableLocks ()
 Calling this function before using any SSLCtxMgr instance will prevent blocxx from providing a dynamic locks implementation for the SSL library.
static Bool getSSLInitDisabled ()
static Bool getSSLLocksDisabled ()

Private Member Functions

 SSLCtxMgr ()
 SSLCtxMgr (const SSLCtxMgr &)
SSLCtxMgr & operator= (const SSLCtxMgr &)

Static Private Member Functions

static SSL_CTX * initCtx (const String &certfile, const String &keyfile, EVP_PKEY *pkey=0)
static void loadDHParams (SSL_CTX *ctx, const String &file)
static void uninitServer ()
static void uninitClient ()
static bool checkCert (SSL *ssl, const String &hostName, certVerifyFuncPtr_t cbFunc)
 This probably needs to say something useful.

Static Private Attributes

static SSL_CTX * m_ctxClient = 0
static SSL_CTX * m_ctxServer = 0
static certVerifyFuncPtr_t m_clientCertVerifyCB = 0
static certVerifyFuncPtr_t m_serverCertVerifyCB = 0

Friends

class SSLCtxBase


Detailed Description

Definition at line 65 of file SSLCtxMgr.hpp.


Constructor & Destructor Documentation

BLOCXX_NAMESPACE::SSLCtxMgr::SSLCtxMgr (  )  [private]

BLOCXX_NAMESPACE::SSLCtxMgr::SSLCtxMgr ( const SSLCtxMgr &  )  [private]


Member Function Documentation

int BLOCXX_NAMESPACE::SSLCtxMgr::pem_passwd_cb ( char *  buf,
int  size,
int  rwflag,
void *  userData 
) [static]

The callback for getting a passphrase on a certificate.

Definition at line 441 of file SSLCtxMgr.cpp.

References BLOCXX_NAMESPACE::String::c_str(), BLOCXX_NAMESPACE::GetPass::getPass(), and BLOCXX_NAMESPACE::String::length().

Referenced by initCtx().

bool BLOCXX_NAMESPACE::SSLCtxMgr::checkClientCert ( SSL *  ssl,
const String & hostName 
) [static]

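Check a certificate based on the callback function for client cert verification. The callback pointer m_clientCertVerifyCB is initialized to 0, and this page does not state what is returned when no callback has been registered; confirm that case in SSLCtxMgr.cpp before relying on this check.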

Parameters:
ssl A pointer to the SSL context
hostName the hostname of the client machine
Returns:
True if the certificate is good, false otherwise

Definition at line 454 of file SSLCtxMgr.cpp.

References checkCert(), and m_clientCertVerifyCB.

Referenced by BLOCXX_NAMESPACE::SSLSocketImpl::SSLSocketImpl().

bool BLOCXX_NAMESPACE::SSLCtxMgr::checkServerCert ( SSL *  ssl,
const String & hostName 
) [static]

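Check a certificate based on the callback function for server cert verification. The callback pointer m_serverCertVerifyCB is initialized to 0, and this page does not state what is returned when no callback has been registered; confirm that case in SSLCtxMgr.cpp before relying on this check.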

Parameters:
ssl A pointer to the SSL context
hostName the hostname of the server machine
Returns:
True if the certificate is good, false otherwise

Definition at line 461 of file SSLCtxMgr.cpp.

References checkCert(), and m_serverCertVerifyCB.

Referenced by BLOCXX_NAMESPACE::SSLSocketImpl::connectSSL().

void BLOCXX_NAMESPACE::SSLCtxMgr::initClient ( const String & certFile = String(),
const String & keyFile = String() 
) [static]

Initialize for a client.

Parameters:
certFile the path to the file containing the certificate.
keyFile the path to the file containing the key. If a certificate is specified but a key is not, the certificate file will also be searched for a key.
Exceptions:
SSLException 

Definition at line 403 of file SSLCtxMgr.cpp.

References initCtx(), m_ctxClient, and uninitClient().

void BLOCXX_NAMESPACE::SSLCtxMgr::initServer ( const String & certFile,
const String & keyFile = String() 
) [static]

Initialize for a server.

Parameters:
certFile the path to the file containing the certificate.
keyFile the path to the file containing the key. If a certificate is specified but a key is not, the certificate file will also be searched for a key.
Exceptions:
SSLException 

Definition at line 413 of file SSLCtxMgr.cpp.

References BLOCXX_THROW, BLOCXX_NAMESPACE::String::c_str(), BLOCXX_NAMESPACE::String::empty(), generateEphRSAKey(), getOpenSSLErrorDescription(), initCtx(), BLOCXX_NAMESPACE::String::length(), m_ctxServer, and uninitServer().

static SSL_CTX* BLOCXX_NAMESPACE::SSLCtxMgr::getSSLCtxServer (  )  [inline, static]

get the Server SSL Context

Returns:
the server SSL_CTX

Definition at line 108 of file SSLCtxMgr.hpp.

Referenced by BLOCXX_NAMESPACE::SSLSocketImpl::SSLSocketImpl().

static SSL_CTX* BLOCXX_NAMESPACE::SSLCtxMgr::getSSLCtxClient (  )  [inline, static]

get the Client SSL Context

Returns:
the client SSL_CTX

Definition at line 116 of file SSLCtxMgr.hpp.

int BLOCXX_NAMESPACE::SSLCtxMgr::sslRead ( SSL *  ssl,
char *  buf,
int  len 
) [static]

Read from an SSL connection.

Parameters:
ssl a pointer to the SSL Context for the connection
buf a pointer to a buffer where data should be copied.
len the number of bytes to read.
Returns:
the number of bytes read. Treat this value, rather than len, as the number of valid bytes in buf.
Exceptions:
SSLException 

Definition at line 506 of file SSLCtxMgr.cpp.

References BLOCXX_SSL_RETRY_LIMIT.

Referenced by BLOCXX_NAMESPACE::SSLSocketImpl::readAux().

int BLOCXX_NAMESPACE::SSLCtxMgr::sslWrite ( SSL *  ssl,
const char *  buf,
int  len 
) [static]

Write to an SSL connection.

Parameters:
ssl a pointer to a SSL Context for the connection
buf the buffer containing the data to write.
len the number of bytes to write.
Returns:
the number of bytes written. Compare this value with len to detect a short write.
Exceptions:
SSLException 

Definition at line 531 of file SSLCtxMgr.cpp.

References BLOCXX_SSL_RETRY_LIMIT.

Referenced by BLOCXX_NAMESPACE::SSLSocketImpl::writeAux().

static bool BLOCXX_NAMESPACE::SSLCtxMgr::isClient (  )  [inline, static]

Have we been initialized as a client?

Returns:
true if initialized as a client

Definition at line 142 of file SSLCtxMgr.hpp.

static bool BLOCXX_NAMESPACE::SSLCtxMgr::isServer (  )  [inline, static]

Have we been initialized as a server?

Returns:
true if initialized as a server

Definition at line 147 of file SSLCtxMgr.hpp.

static void BLOCXX_NAMESPACE::SSLCtxMgr::setClientCertVerifyCallback ( certVerifyFuncPtr_t  cbfunc  )  [inline, static]

Assign a callback function to be used to verify SSL certificates.

Parameters:
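cbfunc the callback function. Signature: typedef void (*certVerifyFuncPtr_t)(X509* cert); As quoted, the callback returns void and therefore cannot report a rejected certificate through its return value; check the typedef in SSLCtxMgr.hpp for the signature actually in use.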

Definition at line 153 of file SSLCtxMgr.hpp.

static void BLOCXX_NAMESPACE::SSLCtxMgr::setServerCertVerifyCallback ( certVerifyFuncPtr_t  cbfunc  )  [inline, static]

Assign a callback function to be used to verify SSL certificates.

Parameters:
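cbfunc the callback function. Signature: typedef void (*certVerifyFuncPtr_t)(X509* cert); As quoted, the callback returns void and therefore cannot report a rejected certificate through its return value; check the typedef in SSLCtxMgr.hpp for the signature actually in use.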

Definition at line 160 of file SSLCtxMgr.hpp.

void BLOCXX_NAMESPACE::SSLCtxMgr::uninit (  )  [static]

void BLOCXX_NAMESPACE::SSLCtxMgr::generateEphRSAKey ( SSL_CTX *  ctx  )  [static]

String BLOCXX_NAMESPACE::SSLCtxMgr::getOpenSSLErrorDescription (  )  [static]

void BLOCXX_NAMESPACE::SSLCtxMgr::disableSSLInit (  )  [static]

Calling this function before using any SSLCtxMgr instance will prevent blocxx from initializing the SSL library.

This call should only be made if the SSL library has already been initialized, including cryptographic libraries, algorithms and error strings, if applicable. SSL library cleanup will also be skipped.

Exceptions:
SSLException if an SSLCtxMgr instance has already been used.

Definition at line 279 of file SSLCtxMgr.cpp.

References BLOCXX_NAMESPACE::BLOCXX_SSL_LIBRARY_INITIALIZATION_DISABLED, BLOCXX_NAMESPACE::BLOCXX_SSL_LIBRARY_INITIALIZED, and BLOCXX_THROW.

void BLOCXX_NAMESPACE::SSLCtxMgr::disableLocks (  )  [static]

Calling this function before using any SSLCtxMgr instance will prevent blocxx from providing a dynamic locks implementation for the SSL library.

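This call should only be made if an alternate locks implementation is being used; otherwise the SSL library is left without the dynamic locks implementation that blocxx would have provided.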

Exceptions:
SSLException if an SSLCtxMgr instance has already been used.

Definition at line 291 of file SSLCtxMgr.cpp.

References BLOCXX_NAMESPACE::BLOCXX_SSL_LOCKS_DISABLED, BLOCXX_NAMESPACE::BLOCXX_SSL_LOCKS_USED, and BLOCXX_THROW.

Bool BLOCXX_NAMESPACE::SSLCtxMgr::getSSLInitDisabled (  )  [static]

Bool BLOCXX_NAMESPACE::SSLCtxMgr::getSSLLocksDisabled (  )  [static]

Definition at line 311 of file SSLCtxMgr.cpp.

References BLOCXX_NAMESPACE::BLOCXX_SSL_LOCKS_DISABLED.

SSL_CTX * BLOCXX_NAMESPACE::SSLCtxMgr::initCtx ( const String & certfile,
const String & keyfile,
EVP_PKEY *  pkey = 0 
) [static, private]

void BLOCXX_NAMESPACE::SSLCtxMgr::loadDHParams ( SSL_CTX *  ctx,
const String & file 
) [static, private]

void BLOCXX_NAMESPACE::SSLCtxMgr::uninitServer (  )  [static, private]

Definition at line 595 of file SSLCtxMgr.cpp.

References m_ctxServer.

Referenced by initServer(), and uninit().

void BLOCXX_NAMESPACE::SSLCtxMgr::uninitClient (  )  [static, private]

Definition at line 585 of file SSLCtxMgr.cpp.

References m_ctxClient.

Referenced by initClient(), and uninit().

SSLCtxMgr& BLOCXX_NAMESPACE::SSLCtxMgr::operator= ( const SSLCtxMgr &  )  [private]

bool BLOCXX_NAMESPACE::SSLCtxMgr::checkCert ( SSL *  ssl,
const String & hostName,
certVerifyFuncPtr_t  cbFunc 
) [static, private]

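Shared helper called by checkClientCert() and checkServerCert(), which reference m_clientCertVerifyCB and m_serverCertVerifyCB respectively; it receives the callback to use as cbFunc. The source comment for this function is only a placeholder ("This probably needs to say something useful."), so the conditions under which it accepts or rejects a certificate are not documented on this page.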

Definition at line 468 of file SSLCtxMgr.cpp.

References BLOCXX_ASSERT.

Referenced by checkClientCert(), and checkServerCert().


Friends And Related Function Documentation

friend class SSLCtxBase [friend]

Definition at line 196 of file SSLCtxMgr.hpp.


Member Data Documentation

SSL_CTX * BLOCXX_NAMESPACE::SSLCtxMgr::m_ctxClient = 0 [static, private]

Definition at line 198 of file SSLCtxMgr.hpp.

Referenced by initClient(), and uninitClient().

SSL_CTX * BLOCXX_NAMESPACE::SSLCtxMgr::m_ctxServer = 0 [static, private]

Definition at line 199 of file SSLCtxMgr.hpp.

Referenced by initServer(), and uninitServer().

certVerifyFuncPtr_t BLOCXX_NAMESPACE::SSLCtxMgr::m_clientCertVerifyCB = 0 [static, private]

Definition at line 200 of file SSLCtxMgr.hpp.

Referenced by checkClientCert().

certVerifyFuncPtr_t BLOCXX_NAMESPACE::SSLCtxMgr::m_serverCertVerifyCB = 0 [static, private]

Definition at line 201 of file SSLCtxMgr.hpp.

Referenced by checkServerCert().



Generated on Wed Feb 25 19:05:12 2009 for blocxx by  doxygen 1.5.6