
  1 karl  1.20 //%2005////////////////////////////////////////////////////////////////////////
  2 kumpf 1.1  //
  3 karl  1.18 // Copyright (c) 2000, 2001, 2002 BMC Software; Hewlett-Packard Development
  4            // Company, L.P.; IBM Corp.; The Open Group; Tivoli Systems.
  5            // Copyright (c) 2003 BMC Software; Hewlett-Packard Development Company, L.P.;
  6 karl  1.13 // IBM Corp.; EMC Corporation, The Open Group.
  7 karl  1.18 // Copyright (c) 2004 BMC Software; Hewlett-Packard Development Company, L.P.;
  8            // IBM Corp.; EMC Corporation; VERITAS Software Corporation; The Open Group.
  9 karl  1.20 // Copyright (c) 2005 Hewlett-Packard Development Company, L.P.; IBM Corp.;
 10            // EMC Corporation; VERITAS Software Corporation; The Open Group.
 11 kumpf 1.1  //
 12            // Permission is hereby granted, free of charge, to any person obtaining a copy
 13 kumpf 1.2  // of this software and associated documentation files (the "Software"), to
 14            // deal in the Software without restriction, including without limitation the
 15            // rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
 16 kumpf 1.1  // sell copies of the Software, and to permit persons to whom the Software is
 17            // furnished to do so, subject to the following conditions:
 18            // 
 19 kumpf 1.2  // THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN
 20 kumpf 1.1  // ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED
 21            // "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
 22 kumpf 1.2  // LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
 23            // PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
 24            // HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
 25 kumpf 1.1  // ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 26            // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 27            //
 28            //==============================================================================
 29            //
 30            // Author: Nag Boranna, Hewlett-Packard Company ( nagaraja_boranna@hp.com )
 31            //
 32 h.sterling 1.14 // Modified By: Sushma Fernandes, Hewlett-Packard Company (sushma_fernandes@hp.com)
 33                 //              Heather Sterling, IBM (hsterl@us.ibm.com)
 34 kumpf      1.1  //
 35                 //%/////////////////////////////////////////////////////////////////////////////
 36                 
 37                 #ifdef PEGASUS_HAS_SSL
 38 mday       1.12 #define OPENSSL_NO_KRB5 1 
 39 kumpf      1.1  #include <openssl/err.h>
 40                 #include <openssl/ssl.h>
 41                 #include <openssl/rand.h>
 42                 #else
 43                 #define SSL_CTX void
 44                 #endif
 45                 #include <Pegasus/Common/SSLContext.h>
 46 kumpf      1.3  #include <Pegasus/Common/Linkage.h>
 47 kumpf      1.10 #include <Pegasus/Common/IPC.h>
 48 kumpf      1.1  
 49                 #ifndef Pegasus_SSLContextRep_h
 50                 #define Pegasus_SSLContextRep_h
 51                 
 52                 
 53                 PEGASUS_NAMESPACE_BEGIN
 54                 
 55 dave.sudlik 1.22 class SSLCallbackInfoRep
 56                  {
                     // Plain data holder that groups three raw pointers: a certificate
                     // verification callback, a peer certificate description and a CRL
                     // store. No constructor is declared, so this class does not
                     // initialize the members itself; presumably the owner sets all
                     // three before the first use -- TODO confirm in the creating code.
                     //
                     // NOTE(review): ownership of the pointed-to objects (who releases
                     // peerCertificate and crlStore) is not stated in this header.
                     //
                     // NOTE(review): when PEGASUS_HAS_SSL is not defined, this header
                     // only supplies a stand-in for SSL_CTX. X509_STORE must then be
                     // declared by another included header -- confirm that a non-SSL
                     // build still compiles.
 57                  public:
                         // Pointer to the certificate verification callback function.
 58                      SSLCertificateVerifyFunction* verifyCertificateCallback;
                         // Presumably describes the certificate presented by the peer.
 59                      SSLCertificateInfo* peerCertificate;
                         // Presumably the store of certificate revocation lists that is
                         // consulted during verification -- confirm against the callback.
 60                      X509_STORE* crlStore;
 61                  };
 62 kumpf       1.1  
 63 kumpf       1.3  class PEGASUS_COMMON_LINKAGE SSLContextRep
 64 kumpf       1.1  {
                         // Holds the state of one SSL context: the trust store, certificate,
                         // key, CRL and random-file paths, the SSL_CTX pointer, a
                         // peer-verification flag, the certificate verification callback and
                         // a CRL store. It also declares static state shared by all instances
                         // for the SSL locking callbacks.
                         //
                         // NOTE(review): a copy constructor and a destructor are declared but
                         // no copy assignment operator. With raw SSL_CTX* and X509_STORE*
                         // members, the implicit assignment would copy the pointers only.
                         // Whether that can end in a double release depends on the
                         // destructor, which is not shown in this header -- confirm.
 65 kumpf       1.10     /*
 66                      SSL locking callback function. It is needed to perform locking on 
 67                      shared data structures.
 68                  
 69                      This function needs access to variable ssl_locks.
 70                      Declare it as a friend of class SSLContextRep.
                         NOTE(review): no member named ssl_locks is declared in this class;
                         presumably this refers to _sslLocks -- confirm.
 71                  
 72 h.sterling  1.21     @param mode     Specifies whether to lock/unlock.
 73                      @param type Type of lock.
 74 kumpf       1.10     @param file      File name of the function setting the lock.
 75                      @param line      Line number of the function setting the lock.
 76                      */
 77                      friend void pegasus_locking_callback(
 78                                        int       mode,
 79                                        int       type,
 80                                        const     char* file,
 81                                        int       line);
 82                  
 83 kumpf       1.1  public:
 84                  
 85                      /** Constructor for a SSLContextRep object.
 86 h.sterling  1.14     @param trustStore  trust store file path
 87 kumpf       1.11     @param certPath  server certificate file path
 88                      @param keyPath  server key file path
                         @param crlPath  CRL path (presumably the source of the certificate
                         revocation lists loaded into the CRL store -- confirm).
 89 kumpf       1.1      @param verifyCert  function pointer to a certificate verification
 90                      call back function.
 91 h.sterling  1.14     @param randomFile  file path of a random file that is used as a seed
 92                      for random number generation by OpenSSL.
 93                  
 94                      @exception SSLException  exception indicating failure to create a context.
 95                      */
 96                      SSLContextRep(
 97                          const String& trustStore,
 98                          const String& certPath = String::EMPTY,
 99                          const String& keyPath = String::EMPTY,
100 h.sterling  1.21         const String& crlPath = String::EMPTY,
101 h.sterling  1.14         SSLCertificateVerifyFunction* verifyCert = NULL,
102                          const String& randomFile = String::EMPTY);
103                  
                         // Copy constructor. How the SSL_CTX and the CRL store are shared or
                         // rebuilt for the copy is decided in the implementation, which is
                         // not visible in this header.
104 kumpf       1.7      SSLContextRep(const SSLContextRep& sslContextRep);
105                  
106 kumpf       1.1      ~SSLContextRep();
107                  
                         // Returns the SSL_CTX pointer of this context (presumably
                         // _sslContext). A non-const pointer is handed out from a const
                         // method, and the header does not say who owns it.
108                      SSL_CTX * getContext() const;
109                  
                         // Path accessors; presumably they return the stored _trustStore,
                         // _certPath and _keyPath values.
110 h.sterling  1.14     String getTrustStore() const;
111                  
112                      String getCertPath() const;
113                  
114                      String getKeyPath() const;
115                  
                         // Declared only when the deprecated interfaces are compiled in.
116 dave.sudlik 1.22 #ifdef PEGASUS_USE_DEPRECATED_INTERFACES
117                  	String getTrustStoreUserName() const;
118                  #endif
119                  
120 h.sterling  1.21     String getCRLPath() const;
121 h.sterling  1.14 
122 h.sterling  1.21     X509_STORE* getCRLStore() const;
123                  
                         // NOTE(review): takes a raw X509_STORE*. Whether a previously set
                         // store is released and who owns the new one is not visible here.
124                      void setCRLStore(X509_STORE* store);
125 h.sterling  1.14 
                         // Presumably reports the _verifyPeer flag.
                         // NOTE(review): this header does not show how that flag is derived;
                         // no constructor parameter sets it directly. Confirm in the
                         // implementation which trustStore / verifyCert combinations leave
                         // peer verification off, because a context that does not verify the
                         // peer does not authenticate the certificate it is presented.
126 h.sterling  1.19     Boolean isPeerVerificationEnabled() const;
127 h.sterling  1.14 
                         // Presumably returns the callback stored in
                         // _certificateVerifyFunction.
128 h.sterling  1.16     SSLCertificateVerifyFunction* getSSLCertificateVerifyFunction() const;
129                  
130 kumpf       1.10     /*
131                      Initialize the SSL locking environment. 
132                           
133                      This function sets the locking callback functions.
134                      */
135                      static void init_ssl();
136                  
137                      /*
138                      Cleanup the SSL locking environment.
139                      */
140                      static void free_ssl();
141                  
142 kumpf       1.1  private:
143                  
                         // Internal helpers; their bodies are not part of this header.
                         // Going by the names and the constructor documentation,
                         // _makeSSLContext presumably builds the SSL_CTX, _randomInit
                         // presumably seeds the OpenSSL random number generator from
                         // randomFile, and _verifyPrivateKey presumably checks the key at
                         // keyPath against the context -- confirm each in the implementation.
144 kumpf       1.7      SSL_CTX * _makeSSLContext();
145 kumpf       1.9      void _randomInit(const String& randomFile);
146 kumpf       1.15     Boolean _verifyPrivateKey(SSL_CTX *ctx, const String& keyPath);
147 kumpf       1.1  
                         // Paths that mirror the constructor parameters.
148 h.sterling  1.14     String _trustStore;
149                      String _certPath;
150                      String _keyPath;
151 h.sterling  1.21     String _crlPath;
152 kumpf       1.7      String _randomFile;
                         // Raw pointer to the SSL context; lifetime handling is in the
                         // implementation.
153                      SSL_CTX * _sslContext;
154 h.sterling  1.14 
                         // Presumably true when the peer certificate is to be verified.
155                      Boolean _verifyPeer;
156 kumpf       1.10 
157 h.sterling  1.16     SSLCertificateVerifyFunction* _certificateVerifyFunction;
158                  
159 h.sterling  1.21     X509_STORE* _crlStore;
160 h.sterling  1.19 
161 kumpf       1.10     /*
162                         Mutex containing the SSL locks.
                            Declared as a pointer; presumably it addresses an array with one
                            Mutex per lock type used by pegasus_locking_callback -- confirm.
163                      */
164                      static Mutex* _sslLocks;
165                  
166                      /*
167                         Count for instances of this class. This is used to initialize and free
168                         SSL locking objects.
169                      */
170                      static int _countRep;
171                  
172                      /*
173                         Mutex for countRep.
174                      */
175                      static Mutex _countRepMutex;
176 kumpf       1.1  };
177                  
178                  PEGASUS_NAMESPACE_END
179                  
180                  #endif /* Pegasus_SSLContextRep_h */
181                  
