(file) Return to TLS.h CVS log (file) (dir) Up to [Pegasus] / pegasus / src / Pegasus / Common
File: [Pegasus] / pegasus / src / Pegasus / Common / TLS.h (download)
Revision: 1.44, Tue Feb 26 19:05:10 2008 UTC (16 years, 4 months ago) by kumpf
Branch: MAIN
CVS Tags: TASK_PEP328_SOLARIS_NEVADA_PORT, TASK-PEP328_SOLARIS_NEVADA_PORT_v2-root, TASK-PEP328_SOLARIS_NEVADA_PORT_v2-branch, TASK-PEP328_SOLARIS_NEVADA_PORT-root, TASK-PEP328_SOLARIS_NEVADA_PORT-branch, TASK-PEP328_SOLARIS_IX86_CC_PORT-root, TASK-PEP328_SOLARIS_IX86_CC_PORT-branch-v2, TASK-PEP328_SOLARIS_IX86_CC_PORT-branch, TASK-PEP311_WSMan-root, TASK-PEP311_WSMan-branch, RELEASE_2_8_2-RC1, RELEASE_2_8_2, RELEASE_2_8_1-RC1, RELEASE_2_8_1, RELEASE_2_8_0_BETA, RELEASE_2_8_0-RC2, RELEASE_2_8_0-RC1, RELEASE_2_8_0-FC, RELEASE_2_8_0, RELEASE_2_8-root, RELEASE_2_8-branch, Makefile
Changes since 1.43: +1 -2 lines 
BUG#: 7469
TITLE: Build failure in CIMClientRep.cpp on Windows
DESCRIPTION: Limit the inclusion of SSL header files to the Common library.

//%2006////////////////////////////////////////////////////////////////////////
//
// Copyright (c) 2000, 2001, 2002 BMC Software; Hewlett-Packard Development
// Company, L.P.; IBM Corp.; The Open Group; Tivoli Systems.
// Copyright (c) 2003 BMC Software; Hewlett-Packard Development Company, L.P.;
// IBM Corp.; EMC Corporation, The Open Group.
// Copyright (c) 2004 BMC Software; Hewlett-Packard Development Company, L.P.;
// IBM Corp.; EMC Corporation; VERITAS Software Corporation; The Open Group.
// Copyright (c) 2005 Hewlett-Packard Development Company, L.P.; IBM Corp.;
// EMC Corporation; VERITAS Software Corporation; The Open Group.
// Copyright (c) 2006 Hewlett-Packard Development Company, L.P.; IBM Corp.;
// EMC Corporation; Symantec Corporation; The Open Group.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to
// deal in the Software without restriction, including without limitation the
// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
// sell copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
// 
// THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN
// ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED
// "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
// LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
// PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
// HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
// ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
//==============================================================================
//
//%/////////////////////////////////////////////////////////////////////////////

#ifndef Pegasus_TLS_h
#define Pegasus_TLS_h

#include <Pegasus/Common/Config.h>
#include <Pegasus/Common/Socket.h>
#include <Pegasus/Common/String.h>
#include <Pegasus/Common/InternalException.h>
#include <Pegasus/Common/SSLContext.h>
#include <Pegasus/Common/Linkage.h>
#include <Pegasus/Common/AutoPtr.h>
#include <Pegasus/Common/ReadWriteSem.h>

PEGASUS_NAMESPACE_BEGIN

#ifdef PEGASUS_HAS_SSL
class PEGASUS_COMMON_LINKAGE SSLSocket
{
public:

    SSLSocket(
        SocketHandle socket,
        SSLContext * sslcontext,
        ReadWriteSem * sslContextObjectLock,
        const String& ipAddress);

    ~SSLSocket();

    Boolean incompleteSecureReadOccurred(Sint32 retCode);

    Sint32 read(void* ptr, Uint32 size);

    Sint32 timedWrite(const void* ptr,
                      Uint32 size,
                      Uint32 socketWriteTimeout);

    void close();

    void disableBlocking();

    static void initializeInterface();

    static void uninitializeInterface();

    SocketHandle getSocket() {return _socket;}

    /**
        Accepts the connection, performing the necessary SSL handshake.

        @return Returns -1 on failure, 0 if not enough data is available to
        complete the operation (retry needed), and 1 on success.
     */
    Sint32 accept();

    Sint32 connect(Uint32 timeoutMilliseconds);

    Boolean isPeerVerificationEnabled();

    Boolean isCertificateVerified();

    /**
        Gets peer certificate chain.

        @return array of SSLCertificateInfo pointers if there is an
                    SSLCallbackInfo pointer,
                Otherwise an empty array
     */
    Array<SSLCertificateInfo*> getPeerCertificateChain();

private:

    /**
        This member is of type SSL*, but we don't want to expose a dependency
        on the SSL include files in a header file.
    */
    void* _SSLConnection;

    SocketHandle _socket;
    SSLContext * _SSLContext;
    /**
        Keeps a copy of the CRL store from the _SSLContext to prevent using a
        dangling pointer when the CRL store is reloaded in the _SSLContext.
    */
    void* _crlStore;
    ReadWriteSem * _sslContextObjectLock;
    Uint32 _sslReadErrno;

    AutoPtr<SSLCallbackInfo> _SSLCallbackInfo;
    String _ipAddress;
    Boolean _certificateVerified;
};
#else

// offer a non ssl dummy class for use in MP_Socket

class SSLSocket {};

#endif // end of PEGASUS_HAS_SSL

//
// MP_Socket (Multi-purpose Socket class
//

class MP_Socket {

public:
    MP_Socket(SocketHandle socket);                          // "normal" socket

    MP_Socket(
        SocketHandle socket,
        SSLContext * sslcontext,
        ReadWriteSem * sslContextObjectLock,
        const String& ipAddress = String::EMPTY);

    ~MP_Socket();

    Boolean isSecure();

    Boolean incompleteSecureReadOccurred(Sint32 retCode);

    SocketHandle getSocket();

    Sint32 read(void* ptr, Uint32 size);

    Sint32 write(const void* ptr, Uint32 size);

    void close();

    void disableBlocking();

    /**
        Accepts the connection, performing an SSL handshake if applicable.

        @return Returns -1 on failure, 0 if not enough data is available to
        complete the operation (retry needed), and 1 on success.
     */
    Sint32 accept();

    Sint32 connect(Uint32 timeoutMilliseconds);

    Boolean isPeerVerificationEnabled();

    Array<SSLCertificateInfo*> getPeerCertificateChain();

    Boolean isCertificateVerified();

    void setSocketWriteTimeout(Uint32 socketWriteTimeout);

#ifdef PEGASUS_OS_ZOS
    // Return the authenicated user name
    String getAuthenticatedUser() { return String(_username); }
    // Is the client authenticated ?
    Boolean isClientAuthenticated() { return _userAuthenticated; }
    // What was type of authentication ?
    String getAuthType() { return _authType; }
#endif

    union {
        SocketHandle _socket;
        SSLSocket *_sslsock;
    };

private:
    Boolean   _isSecure;
    Uint32    _socketWriteTimeout;

#ifdef PEGASUS_OS_ZOS
    // Query a AT-TLS secured socket for the authenticated 
    // client userID.
    int ATTLS_zOS_query();

    // Query a UNIX Domain socket (local socket) for
    // the connected client userID.
    int LocalSocket_zOS_query();

    // The user name if authenticated.
    char _username[10];
    // Was a user authenticated ?
    Boolean _userAuthenticated;
    // Was it AT-TLS or UNIX Domain authentication ?
    String _authType;
#endif

};




PEGASUS_NAMESPACE_END

#endif /* Pegasus_TLS_h */
No CVS admin address has been configured
 Powered by
ViewCVS 0.9.2