File: [Pegasus] / pegasus / src / Pegasus / Common / SSLContext.h
Revision: 1.12, Thu Mar 13 18:41:47 2003 UTC (21 years, 3 months ago) by kumpf Branch: MAIN CVS Tags: mday-merge-start, mday-merge-pegasus/src/Pegasus/Server, mday-merge-pegasus/src/Pegasus/Common, RELEASE_2_2_1-snapshot, RELEASE_2_2_0_0-release, RELEASE_2_2_0-root, RELEASE_2_2_0-branch, RELEASE_2_2-root, PEGASUS_FC_VERSION_2_2 Changes since 1.11: +40 -17 lines HP-Nag: Modified SSLContext to use /dev/random and /dev/urandom (PEP:35). Added a private constructor in SSLContext that takes certPath and certKeyPath as parameters, and modified CIMServer.cpp to pass certKeyPath instead of certPath (Fix for Bug:209).
//%///////////////////////////////////////////////////////////////////////////// // // Copyright (c) 2000, 2001, 2002 BMC Software, Hewlett-Packard Company, IBM, // The Open Group, Tivoli Systems // // Permission is hereby granted, free of charge, to any person obtaining a copy // of this software and associated documentation files (the "Software"), to // deal in the Software without restriction, including without limitation the // rights to use, copy, modify, merge, publish, distribute, sublicense, and/or // sell copies of the Software, and to permit persons to whom the Software is // furnished to do so, subject to the following conditions: // // THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN // ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED // "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT // LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR // PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT // HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN // ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 
//
//==============================================================================
//
// Author: Markus Mueller (sedgewick_de@yahoo.de)
//
// Modified By: Nag Boranna, Hewlett-Packard Company (nagaraja_boranna@hp.com)
//              Roger Kumpf, Hewlett-Packard Company (roger_kumpf@hp.com)
//
//%/////////////////////////////////////////////////////////////////////////////

#ifndef Pegasus_SSLContext_h
#define Pegasus_SSLContext_h

#include <Pegasus/Common/Config.h>
#include <Pegasus/Common/String.h>
#include <Pegasus/Common/Exception.h>
#include <Pegasus/Common/Linkage.h>

PEGASUS_NAMESPACE_BEGIN

// Forward declarations: the Rep classes are the hidden implementation objects
// held through the _rep pointers below; SSLSocket is named as a friend of
// SSLContext.
class SSLCertificateInfoRep;
class SSLContextRep;
class SSLSocket;

/** This class provides the interface that a client receives as the argument
    to its certificate verification callback function
    (see SSLCertificateVerifyFunction).

    NOTE(review): a copy constructor and a destructor are declared, but no
    copy-assignment operator. The compiler-generated operator= would copy the
    raw _rep pointer member-wise. If the destructor releases _rep (not visible
    in this header), assigning one object to another would leave two owners of
    the same rep - confirm in SSLContext.cpp and declare operator= to match.
*/
class PEGASUS_COMMON_LINKAGE SSLCertificateInfo
{
public:

    /** Constructor for a SSLCertificateInfo object.
    @param subjectName subject name of the certificate
    @param issuerName  issuer name of the certificate
    @param errorDepth  depth of the certificate chain
    @param errorCode   error code from the default verification of the
    certificates by the OpenSSL library.
    @param respCode    response code; presumably the value later returned by
    getResponseCode() - confirm against the implementation.
    */
    SSLCertificateInfo(
        const String subjectName,
        const String issuerName,
        const int errorDepth,
        const int errorCode,
        const int respCode);

    /** Copy constructor for a SSLCertificateInfo object.
    @param certificateInfo SSLCertificateInfo object to copy
    */
    SSLCertificateInfo(const SSLCertificateInfo& certificateInfo);

    /** Destructor for a SSLCertificateInfo object. */
    ~SSLCertificateInfo();

    /** Gets the subject name of the certificate
    @return a string containing the subject name.
    */
    String getSubjectName() const;

    /** Gets the issuer name of the certificate
    @return a string containing the issuer name.
    */
    String getIssuerName() const;

    /** Gets the depth of the certificate chain
    @return an int containing the depth of the certificate chain
    */
    int getErrorDepth() const;

    /** Gets the preverify error code
    @return an int containing the preverification error code
    */
    int getErrorCode() const;

    /** Gets the preverify response code
    @return an int containing the preverify response code
    */
    int getResponseCode() const;

    /** Sets the response code
    @param respCode response code to be set.

    NOTE(review): the set of valid response codes and how the SSL layer
    interprets the value after the callback returns are not stated in this
    header - confirm before relying on it to accept or reject a certificate.
    */
    void setResponseCode(const int respCode);

private:

    // Default construction is private, so clients cannot create an object
    // without certificate details.
    SSLCertificateInfo();

    // Pointer to the implementation object; ownership is not visible here.
    SSLCertificateInfoRep* _rep;
};

/** Signature of the application-supplied certificate verification callback.
    The callback receives the SSLCertificateInfo by non-const reference, so it
    can call setResponseCode() on it.

    NOTE(review): the meaning of the Boolean return value (presumably true
    means the certificate is accepted) is not documented in this header -
    confirm in the implementation. A callback that always returns the
    accepting value removes the check this hook provides.
*/
typedef Boolean (SSLCertificateVerifyFunction) (SSLCertificateInfo &certInfo);

/** This class provides the interface that a client uses to create an SSL
    context.

    On operating systems that do not have a /dev/random device file, the
    PEGASUS_SSL_RANDOMFILE flag must be enabled and a random file name must be
    passed to the constructor.

    NOTE(review): as with SSLCertificateInfo, a copy constructor and a
    destructor are declared but no copy-assignment operator, so the implicit
    operator= would copy the raw _rep pointer - confirm ownership in
    SSLContext.cpp.
*/
class PEGASUS_COMMON_LINKAGE SSLContext
{
public:

    /** Constructor for a SSLContext object.
    @param certPath  certificate file path
    @param verifyCert  function pointer to a certificate verification
    call back function.  A null pointer indicates that no callback is
    requested for certificate verification.
    @param randomFile  file path of a random file that is used as a seed
    for random number generation by OpenSSL. Defaults to String::EMPTY.

    @exception SSLException indicates failure to create an SSL context.

    NOTE(review): this header does not say whether the peer certificate is
    still validated when verifyCert is null - confirm in SSLContextRep that a
    null callback does not mean the peer is accepted unverified.
    NOTE(review): on platforms that rely on randomFile, the file's contents
    seed the random number generator; presumably it must be unpredictable and
    not readable or writable by other users - verify how it is created and
    protected.
    */
    SSLContext(
        const String& certPath,
        SSLCertificateVerifyFunction* verifyCert,
        const String& randomFile = String::EMPTY);

#ifndef PEGASUS_REMOVE_DEPRECATED
    /** Deprecated constructor; compiled out when PEGASUS_REMOVE_DEPRECATED is
    defined. Takes the same first three parameters as the constructor above
    (randomFile has no default here) plus isCIMClient.
    @param isCIMClient  effect not documented in this header - TODO confirm
    in the implementation.
    */
    SSLContext(
        const String& certPath,
        SSLCertificateVerifyFunction* verifyCert,
        const String& randomFile,
        Boolean isCIMClient);
#endif

    /** Copy constructor for a SSLContext object.
    @param sslContext SSLContext object to copy
    */
    SSLContext(const SSLContext& sslContext);

    /** Destructor for a SSLContext object. */
    ~SSLContext();

private:

    /** Constructor for a SSLContext object. This constructor is intended
    to be used by the CIMServer only. It is private; the friend declarations
    below make it reachable from SSLSocket and CIMServer.
    @param certPath  certificate file path
    @param certKeyPath  certificate key file path
    @param verifyCert  function pointer to a certificate verification
    call back function.  A null pointer indicates that no callback is
    requested for certificate verification.
    @param randomFile  file path of a random file that is used as a seed
    for random number generation by OpenSSL.

    @exception SSLException indicates failure to create an SSL context.

    NOTE(review): certKeyPath names the key file for the certificate;
    presumably that file should be readable only by the account running the
    server - verify file permissions in deployment.
    */
    SSLContext(
        const String& certPath,
        const String& certKeyPath,
        SSLCertificateVerifyFunction* verifyCert,
        const String& randomFile);

    // Default construction is private, so clients must supply a certificate
    // path.
    SSLContext();

    // Pointer to the implementation object; ownership is not visible here.
    SSLContextRep* _rep;

    // Friends get access to the private constructors and to _rep.
    friend class SSLSocket;
    friend class CIMServer;
};

PEGASUS_NAMESPACE_END

#endif /* Pegasus_SSLContext_h */