
  1 karl  1.29 //%2006////////////////////////////////////////////////////////////////////////
  2 mike  1.2  //
  3 karl  1.18 // Copyright (c) 2000, 2001, 2002 BMC Software; Hewlett-Packard Development
  4            // Company, L.P.; IBM Corp.; The Open Group; Tivoli Systems.
  5            // Copyright (c) 2003 BMC Software; Hewlett-Packard Development Company, L.P.;
  6 karl  1.14 // IBM Corp.; EMC Corporation, The Open Group.
  7 karl  1.18 // Copyright (c) 2004 BMC Software; Hewlett-Packard Development Company, L.P.;
  8            // IBM Corp.; EMC Corporation; VERITAS Software Corporation; The Open Group.
  9 karl  1.20 // Copyright (c) 2005 Hewlett-Packard Development Company, L.P.; IBM Corp.;
 10            // EMC Corporation; VERITAS Software Corporation; The Open Group.
 11 karl  1.29 // Copyright (c) 2006 Hewlett-Packard Development Company, L.P.; IBM Corp.;
 12            // EMC Corporation; Symantec Corporation; The Open Group.
 13 mike  1.2  //
 14            // Permission is hereby granted, free of charge, to any person obtaining a copy
 15 kumpf 1.8  // of this software and associated documentation files (the "Software"), to
 16            // deal in the Software without restriction, including without limitation the
 17            // rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
 18 mike  1.2  // sell copies of the Software, and to permit persons to whom the Software is
 19            // furnished to do so, subject to the following conditions:
 20 karl  1.29 // 
 21 kumpf 1.8  // THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN
 22 mike  1.2  // ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED
 23            // "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
 24 kumpf 1.8  // LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
 25            // PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
 26            // HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
 27 mike  1.2  // ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 28            // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 29            //
 30 sushma.fernandes 1.35 //==============================================================================
 31                       //
 32 mike             1.2  //%/////////////////////////////////////////////////////////////////////////////
 33                       
 34                       #ifndef Pegasus_TLS_h
 35                       #define Pegasus_TLS_h
 36                       
 37                       #ifdef PEGASUS_HAS_SSL
 38 david.dillard    1.24 #define OPENSSL_NO_KRB5 1
 39 mike             1.2  #include <openssl/err.h>
 40                       #include <openssl/ssl.h>
 41 kumpf            1.4  #include <openssl/rand.h>
 42 mike             1.2  #else
 43                       #define SSL_CTX void
 44 mday             1.13 typedef void SSL_Context;
 45                       
 46 kumpf            1.7  #endif // end of PEGASUS_HAS_SSL
 47                       
 48 mike             1.2  #include <Pegasus/Common/Config.h>
 49 mday             1.13 #include <Pegasus/Common/Socket.h>
 50 mike             1.2  #include <Pegasus/Common/String.h>
 51 kumpf            1.11 #include <Pegasus/Common/InternalException.h>
 52 kumpf            1.7  #include <Pegasus/Common/SSLContext.h>
 53 kumpf            1.9  #include <Pegasus/Common/Linkage.h>
 54 joyce.j          1.21 #include <Pegasus/Common/AutoPtr.h>
 55 mike             1.33 #include <Pegasus/Common/ReadWriteSem.h>
 56 mike             1.2  
 57 mike             1.3  // REVIEW: Figure out how this works (note to myself)?
 58                       
 59 kumpf            1.5  
 60 mike             1.2  PEGASUS_NAMESPACE_BEGIN
 61                       
 62                       
 63                       #ifdef PEGASUS_HAS_SSL
/**
    Socket wrapper that pairs a socket handle with an OpenSSL connection
    (SSL*) and the SSLContext it belongs to. Declared only when
    PEGASUS_HAS_SSL is defined; all non-inline members are defined outside
    this header.

    NOTE(review): the class stores raw pointers and declares a destructor but
    no copy constructor or assignment operator, so compiler-generated copies
    would duplicate _SSLConnection. Confirm in the implementation that
    instances are never copied.
*/
class PEGASUS_COMMON_LINKAGE SSLSocket
{
public:

    /**
        @param socket Handle of the underlying socket.
        @param sslcontext SSL context stored in _SSLContext.
        @param sslContextObjectLock Read/write semaphore stored in
            _sslContextObjectLock; presumably guards the SSL context object
            against concurrent modification -- confirm in the implementation.

        NOTE(review): ownership of the two pointers is not visible here; the
        caller presumably must keep them valid for the lifetime of this
        object.
    */
    SSLSocket(
        SocketHandle socket,
        SSLContext * sslcontext,
        ReadWriteSem * sslContextObjectLock);

    ~SSLSocket();

    // Presumably tells the caller whether a read() that returned retCode was
    // incomplete and should be retried (see _sslReadErrno) -- confirm.
    Boolean incompleteReadOccurred(Sint32 retCode);

    // NOTE(review): the return convention is not documented in this header.
    // ptr presumably must reference at least `size` writable bytes.
    Sint32 read(void* ptr, Uint32 size);

    // NOTE(review): the unit of socketWriteTimeout and the return convention
    // are not stated in this header -- confirm before relying on them.
    Sint32 timedWrite(const void* ptr,
                      Uint32 size,
                      Uint32 socketWriteTimeout);

    void close();

    void enableBlocking();

    void disableBlocking();

    // Static, so these act on process-wide state rather than on one socket;
    // presumably they set up and tear down the SSL library -- confirm.
    static void initializeInterface();

    static void uninitializeInterface();

    // Returns the stored socket handle.
    SocketHandle getSocket() {return _socket;}

    /**
        Accepts the connection, performing the necessary SSL handshake.

        @return Returns -1 on failure, 0 if not enough data is available to
        complete the operation (retry needed), and 1 on success.
     */
    Sint32 accept();

    // NOTE(review): return values are undocumented here; confirm whether
    // connect() follows the same -1 / 0 / 1 convention as accept().
    Sint32 connect();

    Boolean isPeerVerificationEnabled();

    // Presumably reports _certificateVerified. NOTE(review): callers that
    // depend on peer authentication should check this result explicitly
    // unless the implementation shows that accept() fails whenever
    // verification fails.
    Boolean isCertificateVerified();

    /**
        Gets peer certificate chain.

        @return array of SSLCertificateInfo pointers if there is an
                    SSLCallbackInfo pointer,
                otherwise an empty array.

        NOTE(review): the array holds raw pointers; who owns the pointed-to
        objects is not visible in this header.
     */
    Array<SSLCertificateInfo*> getPeerCertificateChain();

private:

    SSL * _SSLConnection;
    SocketHandle _socket;
    SSLContext * _SSLContext;
    ReadWriteSem * _sslContextObjectLock;
    Uint32 _sslReadErrno;

    // AutoPtr-held callback data; the getPeerCertificateChain() documentation
    // above ties the returned chain to this pointer being set.
    AutoPtr<SSLCallbackInfo> _SSLCallbackInfo;
    Boolean _certificateVerified;
};
129                       #else
130                       
131                       // offer a non ssl dummy class for use in MP_Socket
132                       
// Empty stand-in used when PEGASUS_HAS_SSL is not defined: it declares no
// members and exists so that MP_Socket's `SSLSocket *` union member still
// compiles.
class SSLSocket {};
134 mike             1.2  
135 kumpf            1.7  #endif // end of PEGASUS_HAS_SSL
136 mike             1.2  
137                       //
138                       // MP_Socket (Multi-purpose Socket) class
139                       //
140                       
/**
    Socket class with two constructors: one taking only a socket handle and
    one that also takes an SSL context. It mirrors the SSLSocket interface
    (read, close, accept, connect, certificate queries), so callers can use
    one type for both kinds of connection; isSecure() tells them apart.

    NOTE(review): the class declares a destructor and holds a raw
    `SSLSocket *` in its union but declares no copy constructor or assignment
    operator; confirm that instances are never copied.
*/
class MP_Socket {

public:
    // Constructs a plain (non-SSL) socket.
    MP_Socket(SocketHandle socket);

    /**
        Constructs a socket that is given an SSL context.

        @param socket Handle of the underlying socket.
        @param sslcontext SSL context for the connection.
        @param sslContextObjectLock Read/write semaphore; presumably guards
            the SSL context object -- confirm in the implementation.
    */
    MP_Socket(
        SocketHandle socket,
        SSLContext * sslcontext,
        ReadWriteSem * sslContextObjectLock);

    ~MP_Socket();

    // Presumably returns _isSecure -- confirm in the implementation.
    Boolean isSecure();

    Boolean incompleteReadOccurred(Sint32 retCode);

    // Preferred way to obtain the socket handle; see the note on the public
    // union below.
    SocketHandle getSocket();

    // NOTE(review): return conventions for read() and write() are not
    // documented in this header. ptr presumably must reference at least
    // `size` bytes.
    Sint32 read(void* ptr, Uint32 size);

    Sint32 write(const void* ptr, Uint32 size);

    void close();

    void enableBlocking();

    void disableBlocking();

    /**
        Accepts the connection, performing an SSL handshake if applicable.

        @return Returns -1 on failure, 0 if not enough data is available to
        complete the operation (retry needed), and 1 on success.
     */
    Sint32 accept();

    // NOTE(review): return values are undocumented here; confirm whether
    // connect() follows the same -1 / 0 / 1 convention as accept().
    Sint32 connect();

    Boolean isPeerVerificationEnabled();

    // NOTE(review): the array holds raw pointers; ownership of the
    // pointed-to SSLCertificateInfo objects is not visible in this header.
    Array<SSLCertificateInfo*> getPeerCertificateChain();

    // NOTE(review): what this returns for a non-SSL socket is not visible
    // here; callers that require an authenticated peer should confirm it.
    Boolean isCertificateVerified();

    // Presumably stores the value in _socketWriteTimeout for later writes;
    // the unit is not stated in this header.
    void setSocketWriteTimeout(Uint32 socketWriteTimeout);

#ifdef PEGASUS_OS_ZOS
    // Return the authenticated user name.
    // String(_username) is built from a C string, which presumably scans to
    // the first NUL, so _username must always be NUL-terminated within its
    // 10 bytes. NOTE(review): verify that both constructors initialize the
    // buffer and that ATTLS_zOS_query() never fills all 10 bytes.
    String getAuthenticatedUser() { return String(_username); }
    // NOTE(review): verify that _userAuthenticated is initialized to false
    // in both constructors, since this result gates authentication decisions.
    Boolean isClientAuthenticated() { return _userAuthenticated; }
#endif

    // Anonymous union: the two members share storage, so only one is valid
    // at a time; which one presumably depends on _isSecure. The union is
    // public while _isSecure is private, so outside code that reads _socket
    // on a secure instance would reinterpret the SSLSocket pointer as a
    // handle. Use getSocket() instead of touching these members directly.
    union {
        SocketHandle _socket;
        SSLSocket *_sslsock;
    };

private:
    Boolean   _isSecure;
    Uint32    _socketWriteTimeout;
#ifdef PEGASUS_OS_ZOS

    // NOTE(review): presumably queries AT-TLS for the connection state and
    // fills _username / _userAuthenticated; the meaning of the int result is
    // not visible here.
    int ATTLS_zOS_query();
    // The user name if authenticated through ATTLS.
    char _username[10];
    Boolean _userAuthenticated;
#endif

};
210 mday             1.13 
211                       
212                       
213 mike             1.2  
214                       PEGASUS_NAMESPACE_END
215                       
216                       #endif /* Pegasus_TLS_h */
