pegasus/src/Pegasus/Common/SSLContextRep.h - diff

Return to SSLContextRep.h CVS log

Up to [Pegasus] / pegasus / src / Pegasus / Common

Diff for /pegasus/src/Pegasus/Common/SSLContextRep.h between version 1.15 and 1.23.2.1

version 1.15, 2004/05/21 20:57:00

version 1.23.2.1, 2006/02/10 16:09:38

Line 1

//%2003////////////////////////////////////////////////////////////////////////

//%2006////////////////////////////////////////////////////////////////////////

// Company, L. P., IBM Corp., The Open Group, Tivoli Systems.

// Company, L.P.; IBM Corp.; The Open Group; Tivoli Systems.

// IBM Corp.; EMC Corporation, The Open Group.

// IBM Corp.; EMC Corporation; VERITAS Software Corporation; The Open Group.

// EMC Corporation; VERITAS Software Corporation; The Open Group.

// EMC Corporation; Symantec Corporation; The Open Group.

// Permission is hereby granted, free of charge, to any person obtaining a copy

// of this software and associated documentation files (the "Software"), to

Line 27

Line 33

// Modified By: Sushma Fernandes, Hewlett-Packard Company (sushma_fernandes@hp.com)

// Heather Sterling, IBM (hsterl@us.ibm.com)

// Aruran, IBM (ashanmug@in.ibm.com) for Bug#4422

//%/////////////////////////////////////////////////////////////////////////////

Line 48

Line 55

PEGASUS_NAMESPACE_BEGIN

class SSLCallbackInfoRep

{

public:

SSLCertificateVerifyFunction* verifyCertificateCallback;

Array<SSLCertificateInfo*> peerCertificate;

X509_STORE* crlStore;

};

class PEGASUS_COMMON_LINKAGE SSLContextRep

{

Line 86

Line 100

const String& trustStore,

const String& certPath = String::EMPTY,

const String& keyPath = String::EMPTY,

const String& crlPath = String::EMPTY,

SSLCertificateVerifyFunction* verifyCert = NULL,

const String& randomFile = String::EMPTY);

#ifdef PEGASUS_USE_SSL_CLIENT_VERIFICATION

//ATTN: We may need to make this more robust to cover the different variations of SSLContexts

/** Constructor for a SSLContextRep object.

@param trustStore trust store file path

@param certPath server certificate file path

@param keyPath server key file path

@param verifyCert function pointer to a certificate verification

call back function.

@param randomFile file path of a random file that is used as a seed

for random number generation by OpenSSL.

@exception SSLException exception indicating failure to create a context.

SSLContextRep(

const String& trustStore,

const String& certPath = String::EMPTY,

const String& keyPath = String::EMPTY,

SSLCertificateVerifyFunction* verifyCert = NULL,

Boolean trustStoreAutoUpdate = false,

String trustStoreUserName = String::EMPTY,

const String& randomFile = String::EMPTY);

#endif

SSLContextRep(const SSLContextRep& sslContextRep);

~SSLContextRep();

Line 125

Line 116

String getKeyPath() const;

#ifdef PEGASUS_USE_DEPRECATED_INTERFACES

String getTrustStoreUserName() const;

#endif

String getCRLPath() const;

X509_STORE* getCRLStore() const;

void setCRLStore(X509_STORE* store);

Boolean isPeerVerificationEnabled() const;

Boolean isTrustStoreAutoUpdateEnabled() const;

SSLCertificateVerifyFunction* getSSLCertificateVerifyFunction() const;

String getTrustStoreUserName() const;

private:

SSL_CTX * _makeSSLContext();

void _randomInit(const String& randomFile);

Boolean _verifyPrivateKey(SSL_CTX *ctx, const String& keyPath);

Initialize the SSL locking environment.

Line 143

Line 148

static void free_ssl();

private:

SSL_CTX * _makeSSLContext();

void _randomInit(const String& randomFile);

Boolean _verifyPrivateKey(SSL_CTX *ctx, const String& keyPath);

String _trustStore;

String _certPath;

String _keyPath;

String _crlPath;

String _randomFile;

SSL_CTX * _sslContext;

Boolean _verifyPeer;

Boolean _trustStoreAutoUpdate;

String _trustStoreUserName;

SSLCertificateVerifyFunction* _certificateVerifyFunction;

X509_STORE* _crlStore;

Mutex containing the SSL locks.

static Mutex* _sslLocks;

static AutoArrayPtr<Mutex> _sslLocks;

Count for instances of this class. This is used to initialize and free

Legend:

Removed from v.1.15
changed lines
	Added in v.1.23.2.1

No CVS admin address has been configured