1// -*- C++ -*-
2
3// Copyright (c) 2005-2011, Isode Limited, London, England.
4// All rights reserved.
5//
6// Acquisition and use of this software and related materials for any
7// purpose requires a written licence agreement from Isode Limited,
8// or a written licence from an organisation licenced by Isode Limited
9// to grant such a licence.
10
11//
12//
13// Event_p.h
14//
15// Internal interfaces for library
16//
17// @VERSION@
18
19#include <isode/messages/ioevent.h>
20
21#ifdef __cplusplus
22
23#include "../include/timeutil.h"
24#include "../include/EventSvc.h"
25#include "../include/PollInterface.h"
26#include "../include/SSLconfig.h"
27#include "../include/StreamInterface.h"
28#include "../include/DatagramInterface.h"
29#include <openssl/ssl.h>
30#include <vector>
31
32struct X509_CERT_CTX;
33
namespace Event {

    /// Factory for an event Manager.  The name suggests a thread-driven
    /// implementation (defined out of line - TODO confirm).  Returns a raw
    /// pointer; ownership is not documented here.
    extern Manager *CreateThreadManager ();

    /// Factory for an event Manager.  The name suggests an implementation
    /// driven by a Poll::Provider (defined out of line - TODO confirm).
    extern Manager *CreatePollManager ();
}
42
namespace Poll {
    /// Readiness-notification providers.  Each factory's name suggests the
    /// OS interface it wraps; which of them is actually available on a given
    /// platform is decided in the implementation files, not here.

    /// Provider presumably built on poll(2) - TODO confirm.
    extern Provider *CreatePollpollProvider ();

    /// Provider presumably built on Linux epoll - TODO confirm.
    extern Provider *CreatePollepollProvider ();

    /// Provider presumably built on select(2) - TODO confirm.
    extern Provider *CreatePollselectProvider ();

    /// Provider presumably built on Solaris event ports - TODO confirm.
    extern Provider *CreatePollportProvider ();
}
56
namespace Stream {
    /// Factory for the socket-backed stream Provider (defined out of line).
    /// Returns a raw pointer; ownership is not documented here.
    extern Provider *CreateSocketPollProvider ();
}
61
namespace Datagram {
    /// Factory for the socket-backed datagram Provider (defined out of line).
    /// Returns a raw pointer; ownership is not documented here.
    extern Provider *CreateSocketPollProvider ();
}
66
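namespace SSLTLS {

    /// Reduce an OpenSSL cipher handle to the suite number used as a
    /// TLS_CipherSuite key.  SSL_CIPHER_get_id() yields a 32-bit value whose
    /// top byte is an OpenSSL protocol tag; only the low 24 bits name the
    /// suite, so that is all that is kept.
    /// @param c  cipher obtained from OpenSSL; must not be null.
    static inline TLS_CipherSuite cipher_id (const SSL_CIPHER *c) {
        return SSL_CIPHER_get_id (c) & 0xffffff;
    }

    /// TLS context implemented on top of an OpenSSL SSL_CTX.
    ///
    /// Only the trivial accessors are defined inline; every other member is
    /// defined in the library's OpenSSL implementation file.
    /// NOTE(review): ctx is a raw pointer and no copy control is declared, so
    /// a copied instance would share the same SSL_CTX with the original -
    /// check the destructor before relying on copies, and consider deleting
    /// the copy operations once callers have been reviewed.
    class OpenSSLContext : public Context {
    private:
        ICrypto::Environment::ptr_t envptr;
        SSL_CTX *ctx;                               ///< null until a context is built
        bool have_tls_id;
        std::list<std::string> id_uris;             ///< URIs of identity material
        std::list<std::string> trust_anchor_uris;   ///< URIs of trust anchors
        bool dontTrustIdentities;

        // Shared by every instance; presumably guards the one-time library
        // set-up performed by Initialize() - confirm in the implementation.
        static pthread_mutex_t globalmutex;
        static bool globalinit;

        static cipher_suites_t available_suites;
        static cipher_suites_t default_suites;

        void loadCAsfromPEM (const char *name);

        void loadCertsFromFiles (
            Config *confobj, std::list<std::string>& DER_files, bool ista);

        void convertLookupFlags (int lookup_flags);

        std::list<X509*> PullCertificates (const std::list<std::string>& uris);

    public:
        /// Every scalar member starts in a defined state.  The previous
        /// constructor left dontTrustIdentities indeterminate, so its value
        /// before Configure() ran depended on stack or heap garbage; it now
        /// starts as false.  Configure() is presumably where the configured
        /// value is applied - confirm.
        OpenSSLContext ()
            : ctx (nullptr), have_tls_id (false), dontTrustIdentities (false) {}

        /// Defined out of line; presumably releases ctx - confirm.
        virtual ~OpenSSLContext ();

        /// Suite set the linked OpenSSL can offer (a class-wide table).
        virtual const cipher_suites_t & AvailableSuites () {
            return available_suites;
        }

        /// Built-in default suite set (a class-wide table).
        virtual const cipher_suites_t & DefaultSuites () {
            return default_suites;
        }

        /// True only when a context exists and carries both a certificate
        /// and a private key; a half-configured identity counts as none.
        virtual bool HaveTLSIdentity () {
            return ctx != nullptr &&
                   SSL_CTX_get0_certificate (ctx) != nullptr &&
                   SSL_CTX_get0_privatekey (ctx) != nullptr;
        }

        /// Build the context from @p confobj; diagnostics are reported
        /// through @p msp.  The return convention is defined out of line.
        int Configure (Config *confobj, MSGstruct *msp);

        /// Obtain an SSL handle bound to this context for one connection,
        /// applying the requested client-verification choice.
        SSL *GetSSL (tls_verify_client_choice &verifychoice);

        bool IsUsable ();

        std::list<X509*> ServerCertificates (void);

        /// One-time library initialisation; see globalmutex / globalinit.
        static int Initialize (MSGstruct *msp);

        std::list<X509*> GetTrustAnchors () const;

        /// Expose the key, the subject-alternative names and the DER-encoded
        /// certificate chain of the identity of @p keyType through the
        /// out-parameters.  The return convention is defined out of line.
        int GetTlsInfo (const ICryptoKeyType keyType,
                        EVP_PKEY** key,
                        std::vector<std::string>& san,
                        std::vector<std::vector<unsigned char>>& cert_chain) const;

        size_t GetNbIdentities () const;
    };

    /// Match @p cert against @p hostname, reporting through @p msp.
    /// The return convention is defined out of line.
    extern int CheckHostname (X509 *cert, const char *hostname, MSGstruct *msp);

    /// Fill @p msp with message @p msgno; @p ctx is a short label naming the
    /// failing operation.  Presumably also drains the OpenSSL error queue -
    /// confirm in the implementation.
    extern int SSLError (MSGstruct *msp, int msgno, const char *ctx);

    /// Log @p msgno via SSLError() when that message id is enabled for
    /// logging; when it is not, the message is never formatted at all.
    static inline void LogSSLError (int msgno, const char *ctx) {
        if (!LOGGING_ID(msgno)) {
            return;
        }
        MSGstruct lmsg;
        SSLError (&lmsg, msgno, ctx);
        LOGmessage (&lmsg);
    }
}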
160
161#endif