sockets::SSLContext Class Reference

SSL context class.

#include <ssl.h>

Public Types

enum  { ctServer = 1, ctClient = 2, ctMin = ctServer, ctMax = ctClient }
 Connection types handled by a context.
enum  { cmSSLv2 = 0x1, cmSSLv3 = 0x2, cmTLSv1 = 0x4, cmAny = (cmSSLv2 | cmSSLv2 | cmTLSv1) }
 Connection methods handled by a context.
enum  { vmVerify = 0x0001, vmFailIfNoPeerCert = 0x0004, vmClientOnce = 0x0008 }
 Verify modes.

Public Member Functions

 ~SSLContext ()
 Destructor.
SSLInfo * create (TCPClient &client) const
 Creates a new SSLInfo object from this context.
void reject_methods (uint16_t methods)
 Rejects some connection methods.
void verify (uint16_t mode)
 Configures verification.
bool verify_certificate_file (char const *file)
 Loads a list of CA certificates from a file.
Events * events () const
 Returns the events handler.
void events (Events *events)
 Sets the events handler.
bool is_session_caching () const
 Returns whether session caching is enabled.
void set_session_caching (bool value)
 Sets whether session caching is enabled.
bool certificate_chain (char const *file)
 Sets the certificate chain file.
bool private_key_file (char const *file)
 Sets the private key.
bool private_key_check () const
 Ensures the consistency of the private key with the certificate.
uint8_t type () const
 Returns the type of connection handled by this context.
uint16_t methods () const
 Returns an or'ed set of connection methods accepted in this context.
char const * error () const
 Returns the last error of the thread.

Static Public Member Functions

static void init ()
 Initializes the SSL library.
static SSLContext * factory (uint8_t type, uint16_t methods)
 Instantiates an SSL context if OpenSSL support is available.

Friends

class SSLInfo
 Add SSLInfo as a friend.

Classes

class  Events
 Events callback class.


Detailed Description

This class encapsulates an SSL_CTX structure as created by OpenSSL.

Like all SSL classes, it is designed to compile even if the OpenSSL libraries and header files have not been found on the system. The factory() function in particular builds an SSLContext if and only if such support is provided.


Member Enumeration Documentation

anonymous enum

Enumerator:
ctServer  Server connection.
ctClient  Client connection.
ctMin  Minimum type allowed.
ctMax  Maximum type allowed.

anonymous enum

Enumerator:
cmSSLv2  SSLv2.
cmSSLv3  SSLv3.
cmTLSv1  TLSv1.
cmAny  Any method.

anonymous enum

Enumerator:
vmVerify  Do a verification.
vmFailIfNoPeerCert  Fail immediately if the client did not return a certificate (server only).
vmClientOnce  Only request client certificate at initial handshake (server only).


Member Function Documentation

static SSLContext* sockets::SSLContext::factory ( uint8_t type, uint16_t methods ) [static]

Instantiates an SSL context if OpenSSL support is available. This is the only way of creating an SSLContext object.

Parameters:
[in] type The connection type for sockets using this context: either ctServer or ctClient.
[in] methods The connection method(s) allowed for sockets using this context: one of cmAny, cmSSLv2, cmSSLv3 or cmTLSv1.
Returns:
A new SSL context object.

SSLInfo* sockets::SSLContext::create ( TCPClient & client ) const

Creates a new SSLInfo object from this context.

void sockets::SSLContext::reject_methods ( uint16_t  methods  ) 

Rejects some connection methods. This is supported when the SSL context was created with cmAny as the chosen method.

Note that attempts to disable all remaining methods are ignored.

void sockets::SSLContext::verify ( uint16_t  mode  ) 

Configures verification.

Note that the Events::verify() method is called once verification is done, if you set the events handler.

Parameters:
[in] mode An or'ed set of vmVerify, vmFailIfNoPeerCert and vmClientOnce.
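
The following added example (not part of the Epona API or its documentation) shows a fail-closed way to combine reject_methods() and verify(): because a rejection can be silently ignored, it re-reads methods() before trusting the context. StubContext, harden_server and verify_mode() are hypothetical names; the stub stands in for sockets::SSLContext so the code compiles without Epona, and treating reject_methods() on a non-cmAny context as a no-op is an assumption.

```cpp
#include <cstdint>
#include <cstdio>

// Stand-in for sockets::SSLContext (hypothetical, not the Epona class).
// It models only the behaviour documented in this reference.
// Assumption: reject_methods() on a context not created with cmAny is a no-op.
class StubContext {
public:
    enum { cmSSLv2 = 0x1, cmSSLv3 = 0x2, cmTLSv1 = 0x4,
           cmAny = (cmSSLv2 | cmSSLv2 | cmTLSv1) };  // verbatim from this page (0x5)
    enum { vmVerify = 0x0001, vmFailIfNoPeerCert = 0x0004, vmClientOnce = 0x0008 };
    explicit StubContext(uint16_t methods)
        : created_(methods), methods_(methods), mode_(0) {}
    void reject_methods(uint16_t m) {
        uint16_t left = static_cast<uint16_t>(methods_ & ~m);
        if (created_ == cmAny && left != 0) methods_ = left;  // otherwise ignored
    }
    void verify(uint16_t mode) { mode_ = mode; }
    uint16_t methods() const { return methods_; }
    uint16_t verify_mode() const { return mode_; }  // stub-only accessor
private:
    uint16_t created_, methods_, mode_;
};

// Restricts a server context to TLSv1 and requires a client certificate.
// Returns false, leaving verification unconfigured, if SSLv2 or SSLv3 is
// still accepted after the rejection request.
template <class Ctx>
bool harden_server(Ctx &ctx) {
    ctx.reject_methods(Ctx::cmSSLv2 | Ctx::cmSSLv3);
    if (ctx.methods() & (Ctx::cmSSLv2 | Ctx::cmSSLv3))
        return false;  // the rejection was ignored: do not use this context
    ctx.verify(Ctx::vmVerify | Ctx::vmFailIfNoPeerCert);
    return true;
}

int main() {
    StubContext any(StubContext::cmAny), v3(StubContext::cmSSLv3);
    std::printf("cmAny context hardened: %d\n", harden_server(any));
    std::printf("SSLv3-only context hardened: %d\n", harden_server(v3));
    return 0;
}
```

harden_server is a template so the same check can be applied to a context returned by factory(); only the stub would be dropped.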

bool sockets::SSLContext::verify_certificate_file ( char const *  file  ) 

Loads a list of CA certificates for the certificate verification process from a file.

Parameters:
[in] file The file to load the certificates from, in PEM format.
Returns:
true if successful, false otherwise.

void sockets::SSLContext::events ( Events * events ) [inline]

Sets the events handler. The methods of this object are called when the corresponding event happens on the context and the connections initiated by the context.

bool sockets::SSLContext::is_session_caching (  )  const

Returns whether session caching is enabled. By default, it is enabled for servers but not for clients.

Returns:
true if session caching is enabled, false otherwise.

bool sockets::SSLContext::certificate_chain ( char const *  file  ) 

Sets the certificate chain file.

Parameters:
[in] file The certificate chain file, in PEM format.
Returns:
true if successful, false otherwise.

bool sockets::SSLContext::private_key_file ( char const *  file  ) 

Sets the private key.

Parameters:
[in] file The certificate key file, in PEM format.
Returns:
true if successful, false otherwise.


The documentation for this class was generated from the following file:
Generated on Fri Apr 18 22:03:29 2008 for Epona API by  doxygen 1.5.3