
File: [Pegasus] / pegasus / src / Pegasus / Common / SSLContext.h (download)
Revision: 1.12, Thu Mar 13 18:41:47 2003 UTC (21 years, 3 months ago) by kumpf
Branch: MAIN
CVS Tags: mday-merge-start, mday-merge-pegasus/src/Pegasus/Server, mday-merge-pegasus/src/Pegasus/Common, RELEASE_2_2_1-snapshot, RELEASE_2_2_0_0-release, RELEASE_2_2_0-root, RELEASE_2_2_0-branch, RELEASE_2_2-root, PEGASUS_FC_VERSION_2_2
Changes since 1.11: +40 -17 lines
HP-Nag: Modified SSLContext to use /dev/random and /dev/urandom (PEP:35). Added a private constructor in SSLContext that takes certPath and certKeyPath as parameters, and modified CIMServer.cpp to pass certKeyPath instead of certPath (Fix for Bug:209).

//%/////////////////////////////////////////////////////////////////////////////
//
// Copyright (c) 2000, 2001, 2002 BMC Software, Hewlett-Packard Company, IBM,
// The Open Group, Tivoli Systems
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to
// deal in the Software without restriction, including without limitation the
// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
// sell copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
// 
// THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN
// ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED
// "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
// LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
// PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
// HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
// ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
//==============================================================================
//
// Author: Markus Mueller (sedgewick_de@yahoo.de)
//
// Modified By: Nag Boranna, Hewlett-Packard Company (nagaraja_boranna@hp.com)
//              Roger Kumpf, Hewlett-Packard Company (roger_kumpf@hp.com)
//
//%/////////////////////////////////////////////////////////////////////////////

#ifndef Pegasus_SSLContext_h
#define Pegasus_SSLContext_h

#include <Pegasus/Common/Config.h>
#include <Pegasus/Common/String.h>
#include <Pegasus/Common/Exception.h>
#include <Pegasus/Common/Linkage.h>


PEGASUS_NAMESPACE_BEGIN

class SSLCertificateInfoRep;
class SSLContextRep;
class SSLSocket;


/** This class provides the interface that a client gets as the argument
    to its certificate verification callback function
    (SSLCertificateVerifyFunction).

    It carries the subject and issuer names of a certificate, the depth and
    error code reported by the OpenSSL library's default verification, and
    a response code that can be changed through setResponseCode().

    NOTE(review): the class holds a raw SSLCertificateInfoRep pointer and
    declares a copy constructor and a destructor but no assignment
    operator, so the compiler-generated operator= copies the pointer as is.
    Whether that ends in _rep being released twice depends on the
    destructor in the implementation file, which is not visible here;
    confirm, and consider declaring operator= explicitly.
*/
class PEGASUS_COMMON_LINKAGE SSLCertificateInfo
{
public:
    /** Constructor for a SSLCertificateInfo object.
    @param subjectName subject name of the certificate
    @param issuerName  issuer name of the certificate
    @param errorDepth  depth of the certificate chain
    @param errorCode   error code from the default verification of the
    certificates by the OpenSSL library.
    @param respCode    initial response code; presumably the value that
    getResponseCode() returns until setResponseCode() is called. TODO
    confirm against the implementation.
    */
    SSLCertificateInfo(
        const String subjectName,
        const String issuerName,
        const int errorDepth,
        const int errorCode,
        const int respCode);

    /** Copy constructor for a SSLCertificateInfo object.
    @param certificateInfo SSLCertificateInfo object to copy
    */
    SSLCertificateInfo(const SSLCertificateInfo& certificateInfo);

    /** Destructor. What it does with _rep is defined in the implementation
    file, not in this header.
    */
    ~SSLCertificateInfo();

    /** Gets the subject name of the certificate
    @return a string containing the subject name.
    */
    String getSubjectName() const;

    /** Gets the issuer name of the certificate
    @return a string containing the issuer name.
    */
    String getIssuerName() const;

    /** Gets the depth of the certificate chain
    @return an int containing the depth of the certificate chain
    */
    int getErrorDepth() const;

    /** Gets the preverify error code
    @return an int containing the preverification error code.
    NOTE(review): this header does not list the possible values or say
    which one means success; presumably they are OpenSSL's X509_V_* codes.
    Confirm before comparing against a literal.
    */
    int getErrorCode() const;

    /** Gets the preverify response code
    @return an int containing the preverify response code 
    */
    int getResponseCode() const;

    /** Sets the response code
    @param respCode response code to be set.
    NOTE(review): how the stored response code affects the outcome of the
    handshake is decided in the implementation, which is not shown here.
    */
    void setResponseCode(const int respCode);

private:

    // Declared private, so client code cannot default-construct an object.
    SSLCertificateInfo();

    // Pointer to the implementation object; its type is only
    // forward-declared in this header.
    SSLCertificateInfoRep* _rep;
};


/** Signature of the application-supplied certificate verification callback.
    The callback receives the SSLCertificateInfo for the certificate being
    checked, by non-const reference, and returns a Boolean.

    NOTE(review): this header does not state what the return value means;
    presumably true accepts the certificate and false rejects it. Confirm
    in the implementation. If that is the contract, a callback that
    returns true without looking at getErrorCode() accepts certificates
    that failed the OpenSSL library's default verification.
*/
typedef Boolean (SSLCertificateVerifyFunction) (SSLCertificateInfo &certInfo);

/** This class provides the interface that a client uses to create an
    SSL context.

    On operating systems that do not have a /dev/random device file, the
    PEGASUS_SSL_RANDOMFILE flag must be enabled and the name of a random
    file must be passed to the constructor.

    NOTE(review): the random file seeds OpenSSL's random number generator
    (see the randomFile parameter), so it should hold unpredictable data
    and should not be readable or writable by other users. No check of its
    contents or permissions is visible in this header.

    NOTE(review): the class holds a raw SSLContextRep pointer and declares
    a copy constructor and a destructor but no assignment operator, so the
    compiler-generated operator= copies the pointer as is. Whether that is
    safe depends on the implementation file, which is not visible here.
*/
class PEGASUS_COMMON_LINKAGE SSLContext
{
public:

    /** Constructor for a SSLContext object.
    @param certPath  certificate file path
    @param verifyCert  function pointer to a certificate verification
    call back function.  A null pointer indicates that no callback is
    requested for certificate verification.
    NOTE(review): this header does not say whether the result of the
    OpenSSL library's default verification is still enforced when
    verifyCert is null. Confirm in the implementation before relying on
    peer authentication.
    @param randomFile  file path of a random file that is used as a seed 
    for random number generation by OpenSSL.  Defaults to String::EMPTY.

    @exception SSLException indicates failure to create an SSL context.
    */
    SSLContext(
        const String& certPath,
        SSLCertificateVerifyFunction* verifyCert,
        const String& randomFile = String::EMPTY);

#ifndef PEGASUS_REMOVE_DEPRECATED
    // Overload that is compiled out when PEGASUS_REMOVE_DEPRECATED is
    // defined. The first three parameters match the constructor above,
    // except that randomFile has no default here; the meaning of
    // isCIMClient is not documented in this header.
    SSLContext(
        const String& certPath,
        SSLCertificateVerifyFunction* verifyCert,
        const String& randomFile,
        Boolean isCIMClient);
#endif

    /** Copy constructor for a SSLContext object.
    @param sslContext SSLContext object to copy
    */
    SSLContext(const SSLContext& sslContext);

    /** Destructor. What it does with _rep is defined in the implementation
    file, not in this header.
    */
    ~SSLContext();

private:

    /** Constructor for a SSLContext object. This constructor is intended
    to be used by the CIMServer only.
    @param certPath  certificate file path
    @param certKeyPath  certificate key file path.
    NOTE(review): the key file should be readable only by the account the
    server runs as; no permission check is visible in this header.
    @param verifyCert  function pointer to a certificate verification
    call back function.  A null pointer indicates that no callback is
    requested for certificate verification.
    @param randomFile  file path of a random file that is used as a seed
    for random number generation by OpenSSL.

    @exception SSLException indicates failure to create an SSL context.
    */
    SSLContext(
        const String& certPath,
        const String& certKeyPath,
        SSLCertificateVerifyFunction* verifyCert,
        const String& randomFile);

    // Declared private, so client code cannot default-construct a context.
    SSLContext();

    // Pointer to the implementation object; its type is only
    // forward-declared in this header.
    SSLContextRep* _rep;

    // Friends can reach _rep and the private constructors declared above.
    friend class SSLSocket;

    friend class CIMServer;
};

PEGASUS_NAMESPACE_END

#endif /* Pegasus_SSLContext_h */
