version 1.13, 2003/10/22 14:26:04
|
version 1.15, 2004/05/21 20:57:00
|
|
|
// | // |
// Author: Nag Boranna, Hewlett-Packard Company ( nagaraja_boranna@hp.com ) | // Author: Nag Boranna, Hewlett-Packard Company ( nagaraja_boranna@hp.com ) |
// | // |
// Modified By: Sushma Fernandes, Hewlett-Packard Company |
// Modified By: Sushma Fernandes, Hewlett-Packard Company (sushma_fernandes@hp.com) |
// sushma_fernandes@hp.com |
// Heather Sterling, IBM (hsterl@us.ibm.com) |
// | // |
//%///////////////////////////////////////////////////////////////////////////// | //%///////////////////////////////////////////////////////////////////////////// |
| |
|
|
public: | public: |
| |
/** Constructor for a SSLContextRep object. | /** Constructor for a SSLContextRep object. |
@param trustPath trust store file path |
@param trustStore trust store file path |
@param certPath server certificate file path | @param certPath server certificate file path |
@param keyPath server key file path | @param keyPath server key file path |
@param verifyCert function pointer to a certificate verification | @param verifyCert function pointer to a certificate verification |
|
|
@exception SSLException exception indicating failure to create a context. | @exception SSLException exception indicating failure to create a context. |
*/ | */ |
SSLContextRep( | SSLContextRep( |
const String& trustPath, |
const String& trustStore, |
const String& certPath = String::EMPTY, | const String& certPath = String::EMPTY, |
const String& keyPath = String::EMPTY, | const String& keyPath = String::EMPTY, |
SSLCertificateVerifyFunction* verifyCert = NULL, | SSLCertificateVerifyFunction* verifyCert = NULL, |
const String& randomFile = String::EMPTY); | const String& randomFile = String::EMPTY); |
| |
|
#ifdef PEGASUS_USE_SSL_CLIENT_VERIFICATION |
|
//ATTN: We may need to make this more robust to cover the different variations of SSLContexts |
|
|
|
/** Constructor for a SSLContextRep object. |
|
@param trustStore trust store file path |
|
@param certPath server certificate file path |
|
@param keyPath server key file path |
|
@param verifyCert function pointer to a certificate verification |
|
call back function. |
|
@param randomFile file path of a random file that is used as a seed |
|
for random number generation by OpenSSL. |
|
|
|
@exception SSLException exception indicating failure to create a context. |
|
*/ |
|
SSLContextRep( |
|
const String& trustStore, |
|
const String& certPath = String::EMPTY, |
|
const String& keyPath = String::EMPTY, |
|
SSLCertificateVerifyFunction* verifyCert = NULL, |
|
Boolean trustStoreAutoUpdate = false, |
|
String trustStoreUserName = String::EMPTY, |
|
const String& randomFile = String::EMPTY); |
|
#endif |
|
|
SSLContextRep(const SSLContextRep& sslContextRep); | SSLContextRep(const SSLContextRep& sslContextRep); |
| |
~SSLContextRep(); | ~SSLContextRep(); |
| |
SSL_CTX * getContext() const; | SSL_CTX * getContext() const; |
| |
|
String getTrustStore() const; |
|
|
|
String getCertPath() const; |
|
|
|
String getKeyPath() const; |
|
|
|
Boolean isPeerVerificationEnabled() const; |
|
|
|
Boolean isTrustStoreAutoUpdateEnabled() const; |
|
|
|
String getTrustStoreUserName() const; |
|
|
/* | /* |
Initialize the SSL locking environment. | Initialize the SSL locking environment. |
| |
|
|
| |
SSL_CTX * _makeSSLContext(); | SSL_CTX * _makeSSLContext(); |
void _randomInit(const String& randomFile); | void _randomInit(const String& randomFile); |
Boolean _verifyPrivateKey(SSL_CTX *ctx, const char *keyFilePath); |
Boolean _verifyPrivateKey(SSL_CTX *ctx, const String& keyPath); |
| |
CString _trustPath; |
String _trustStore; |
CString _certPath; |
String _certPath; |
CString _keyPath; |
String _keyPath; |
String _randomFile; | String _randomFile; |
SSL_CTX * _sslContext; | SSL_CTX * _sslContext; |
| |
|
Boolean _verifyPeer; |
|
Boolean _trustStoreAutoUpdate; |
|
String _trustStoreUserName; |
|
|
/* | /* |
Mutex containing the SSL locks. | Mutex containing the SSL locks. |
*/ | */ |
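Review bot: With PEGASUS_USE_SSL_CLIENT_VERIFICATION defined, the two `SSLContextRep` constructors as declared here cannot be told apart for any call that passes one to four arguments, because both share the same first four parameters and default everything after `trustStore`, so such calls should be rejected as ambiguous. A five-argument call is riskier: if the fifth argument is a `const char*` literal meant as `randomFile`, and `Boolean` is a plain `bool` with `String` constructible from `const char*` (neither is shown here, so confirm), the pointer-to-bool standard conversion outranks the `String` conversion and the call binds to the new overload with `trustStoreAutoUpdate` set to true. Removing the default arguments on the new overload up to and including `trustStoreUserName`, so that it is chosen only when the caller spells out both trust-store settings, avoids both problems; the ATTN comment above the declaration already points in this direction. While there, take the user name as `const String& trustStoreUserName` like the other string parameters, and add `@param` entries for `trustStoreAutoUpdate` and `trustStoreUserName`, which the new doc comment omits. The class declaration starts and ends outside the lines shown.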