Qpid Proton C++  0.17.0
ssl.hpp
1 #ifndef PROTON_SSL_HPP
2 #define PROTON_SSL_HPP
3 
4 /*
5  *
6  * Licensed to the Apache Software Foundation (ASF) under one
7  * or more contributor license agreements. See the NOTICE file
8  * distributed with this work for additional information
9  * regarding copyright ownership. The ASF licenses this file
10  * to you under the Apache License, Version 2.0 (the
11  * "License"); you may not use this file except in compliance
12  * with the License. You may obtain a copy of the License at
13  *
14  * http://www.apache.org/licenses/LICENSE-2.0
15  *
16  * Unless required by applicable law or agreed to in writing,
17  * software distributed under the License is distributed on an
18  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
19  * KIND, either express or implied. See the License for the
20  * specific language governing permissions and limitations
21  * under the License.
22  *
23  */
24 
25 #include "./internal/export.hpp"
26 
27 #include <proton/ssl.h>
28 
29 #include <string>
30 
31 namespace proton {
32 
33 namespace internal {
34 template <class T> class factory;
35 }
36 
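/// SSL information.
///
/// Wraps the C library's pn_ssl_t handle for a connection's SSL/TLS layer.
// The handle is held as a raw pointer and this class declares no destructor,
// so copying or destroying an ssl object never releases the handle.
38 class ssl {
    /// Wrap an existing C handle. Private: only ssl itself and its friend
    /// internal::factory<ssl> can call it.
40  ssl(pn_ssl_t* s) : object_(s) {}
42
43  public:
    /// Create an empty ssl object (null handle).
    // NOTE(review): the accessors below are defined outside this header, so
    // whether they tolerate a null handle cannot be told from here; confirm
    // before calling them on a default-constructed object.
45  ssl() : object_(0) {}
46
    /// Determines the level of peer validation.
48  enum verify_mode {
    /// Require peer to provide a valid identifying certificate.
    // As described, this mode does not include the name match that
    // VERIFY_PEER_NAME adds, so a valid certificate issued to a different
    // name would still pass. NOTE(review): confirm against the C library.
50  VERIFY_PEER = PN_SSL_VERIFY_PEER,
    /// Do not require a certificate from the peer.
    // The peer's identity is not established in this mode: traffic is
    // encrypted, but an intermediary that terminates the session is not
    // detected. Treat it as unauthenticated transport.
52  ANONYMOUS_PEER = PN_SSL_ANONYMOUS_PEER,
    /// Require valid certificate and matching name.
54  VERIFY_PEER_NAME = PN_SSL_VERIFY_PEER_NAME
55  };
56
    /// Outcome specifier for an attempted session resume.
    // The opening line of this enum (ssl.hpp:58) is restored here; without it
    // the enumerators below were left outside any declaration.
58  enum resume_status {
59  UNKNOWN = PN_SSL_RESUME_UNKNOWN, ///< Resume state unknown or not supported
60  NEW = PN_SSL_RESUME_NEW, ///< New session negotiated, not resumed
61  REUSED = PN_SSL_RESUME_REUSED ///< Resumed from a previous session
62  };
63
65
    /// Get the cipher name.
68  PN_CPP_EXTERN std::string cipher() const;
69
    /// Get the protocol name.
72  PN_CPP_EXTERN std::string protocol() const;
73
    /// Get the security strength factor.
    // NOTE(review): the scale of the returned int is defined by the C
    // library (presumably 0 means no protection) - confirm before using it
    // in a policy check.
75  PN_CPP_EXTERN int ssf() const;
76
    /// Get the subject of the peer's certificate.
    // NOTE(review): the subject is only usable as an identity when the
    // session was set up with certificate verification (VERIFY_PEER or
    // VERIFY_PEER_NAME); confirm what is returned under ANONYMOUS_PEER.
78  PN_CPP_EXTERN std::string remote_subject() const;
79
    /// Supply the session id to use when attempting to resume a session.
81  PN_CPP_EXTERN void resume_session_id(const std::string& session_id);
82
    /// Report the outcome of the session resume attempt.
83  PN_CPP_EXTERN enum resume_status resume_status() const;
84
86
87  private:
    // Raw pointer to the C handle; null for a default-constructed object.
88  pn_ssl_t* object_;
89
    // The factory is the only outside code allowed to use the private
    // pn_ssl_t* constructor.
91  friend class internal::factory<ssl>;
93 };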
94 
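/// Experimental - An SSL certificate.
///
/// Stores the credential strings passed to its constructor. The members are
/// private and there are no accessors, so only the friends
/// ssl_client_options and ssl_server_options can read them.
// NOTE(review): what each string means is decided by the implementation,
// which is not in this header; presumably certdb_main names the certificate,
// certdb_extra the private key and passwd the key's password - confirm.
// The class opener (ssl.hpp:96) is restored here; the listing began at
// "public:".
96 class ssl_certificate {
97  public:
    /// Create an SSL certificate.
    // Not marked explicit, so a std::string converts to ssl_certificate
    // implicitly wherever a const reference or value is accepted.
99  PN_CPP_EXTERN ssl_certificate(const std::string &certdb_main);
100
101  // XXX Document the following constructors
102
    /// Create an SSL certificate from two credential strings.
104  PN_CPP_EXTERN ssl_certificate(const std::string &certdb_main, const std::string &certdb_extra);
105
    /// Create an SSL certificate from two credential strings and a password.
    // The password is taken as a std::string; see passwd_ below for how long
    // it stays in memory.
107  PN_CPP_EXTERN ssl_certificate(const std::string &certdb_main, const std::string &certdb_extra, const std::string &passwd);
109
110  private:
111  std::string certdb_main_;
112  std::string certdb_extra_;
    // Secret material kept as an ordinary std::string. The class declares no
    // destructor and is implicitly copyable, so nothing here wipes the
    // password and every copy of the object carries it. Keep ssl_certificate
    // objects short-lived and avoid copying them where the password is set.
113  std::string passwd_;
    // NOTE(review): presumably distinguishes "no password supplied" from an
    // empty password - confirm in the implementation.
114  bool pw_set_;
115
    // The two option classes read the private members directly.
117  friend class ssl_client_options;
118  friend class ssl_server_options;
120 };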
121 
122 class ssl_domain_impl;
123 
124 namespace internal {
125 
126 // Base class for SSL configuration
// Holds a pointer to an ssl_domain_impl, which is only forward-declared in
// this header. The copy constructor, copy assignment and destructor are all
// user-declared and defined elsewhere, so the lifetime of *impl_ is managed
// there. NOTE(review): this looks like a shared implementation object copied
// by handle - confirm in the implementation before assuming copies are
// independent configurations.
127 class ssl_domain {
128  public:
129  PN_CPP_EXTERN ssl_domain(const ssl_domain&);
130  PN_CPP_EXTERN ssl_domain& operator=(const ssl_domain&);
131  PN_CPP_EXTERN ~ssl_domain();
132
133  protected:
    // Only derived classes can create a domain; is_server selects the server
    // or client role.
134  ssl_domain(bool is_server);
    // Returns the C library's pn_ssl_domain_t handle for this configuration.
    // NOTE(review): ownership of the returned pointer is not stated here;
    // callers should presumably not free it - confirm.
135  pn_ssl_domain_t *pn_domain();
136
137  private:
    // Raw pointer to the implementation object; see the class comment for
    // the lifetime caveat.
138  ssl_domain_impl *impl_;
    // NOTE(review): presumably the is_server value given to the
    // constructor - confirm.
139  bool server_type_;
140 };
141 
142 }
143 
/// Experimental - SSL configuration for inbound connections.
// Privately inherits internal::ssl_domain, so the base interface is hidden
// from users of this class.
145 class ssl_server_options : private internal::ssl_domain {
146  public:
    /// Server SSL options based on the supplied certificate.
    // No trust database or verification mode is passed here.
    // NOTE(review): presumably connecting clients are then not asked for a
    // certificate - confirm in the implementation.
149  PN_CPP_EXTERN ssl_server_options(ssl_certificate &cert);
150
    /// Server SSL options that also configure verification of the client.
    // trust_db is the database used to validate client certificates;
    // advertise_db defaults to an empty string and mode defaults to
    // ssl::VERIFY_PEER.
    // NOTE(review): the exact use of trust_db and advertise_db is defined in
    // the implementation - confirm. Passing ssl::ANONYMOUS_PEER as mode
    // would give up client authentication despite the trust database.
153  PN_CPP_EXTERN ssl_server_options(ssl_certificate &cert, const std::string &trust_db,
154  const std::string &advertise_db = std::string(),
155  enum ssl::verify_mode mode = ssl::VERIFY_PEER);
156
    /// Server SSL options with no certificate.
    // NOTE(review): without a certificate the server cannot prove its
    // identity to clients; upstream describes this as limited to anonymous
    // cipher suites - confirm, and prefer the certificate constructors
    // outside test setups.
159  PN_CPP_EXTERN ssl_server_options();
160
161  private:
162  // Bring pn_domain into scope and allow connection_options to use
163  // it.
164  using internal::ssl_domain::pn_domain;
165
    // connection_options is the only outside class that can reach pn_domain.
167  friend class connection_options;
169 };
170 
/// Experimental - SSL configuration for outbound connections.
// Privately inherits internal::ssl_domain, so the base interface is hidden
// from users of this class.
172 class ssl_client_options : private internal::ssl_domain {
173  public:
    /// Create SSL client options without a client certificate.
    // trust_db is the database used to validate the server's certificate.
    // NOTE(review): the rest of this parameter list (ssl.hpp:176) is missing
    // from this listing. It presumably carries the peer-verification mode;
    // check the original header for that parameter and its default before
    // relying on how strictly the server is verified.
175  PN_CPP_EXTERN ssl_client_options(const std::string &trust_db,
177
    /// Create SSL client options with a client certificate.
    // NOTE(review): the rest of this parameter list (ssl.hpp:180) is also
    // missing from this listing; the same check applies.
179  PN_CPP_EXTERN ssl_client_options(ssl_certificate&, const std::string &trust_db,
181
    /// Client SSL options with no trust database and no certificate.
    // NOTE(review): with no trust database the client has nothing to
    // validate the server against; upstream describes this as limited to
    // anonymous cipher suites - confirm, and do not use it where the
    // server's identity matters.
184  PN_CPP_EXTERN ssl_client_options();
185
186  private:
187  // Bring pn_domain into scope and allow connection_options to use
188  // it.
189  using internal::ssl_domain::pn_domain;
190
    // connection_options is the only outside class that can reach pn_domain.
192  friend class connection_options;
194 };
195 
196 } // proton
197 
198 #endif // PROTON_SSL_HPP
Experimental - SSL configuration for inbound connections.
Definition: ssl.hpp:145
ssl()
Create an empty ssl object.
Definition: ssl.hpp:45
SSL information.
Definition: ssl.hpp:38
Require valid certificate and matching name.
Definition: ssl.hpp:54
Options for creating a connection.
Definition: connection_options.hpp:62
Experimental - SSL configuration for outbound connections.
Definition: ssl.hpp:172
resume_status
Outcome specifier for an attempted session resume.
Definition: ssl.hpp:58
verify_mode
Determines the level of peer validation.
Definition: ssl.hpp:48
Require peer to provide a valid identifying certificate.
Definition: ssl.hpp:50
Experimental - An SSL certificate.
Definition: ssl.hpp:96
The main Proton namespace.
Definition: annotation_key.hpp:30