21#include <boost/asio/ssl.hpp> 
   // Map a TlsRole onto the boost::asio handshake_type that async_handshake()
   // expects: the server role yields stream_base::server, the client role
   // stream_base::client.
   // NOTE(review): only the two return statements survive in this rendering;
   // the role test that selects between them is not shown. Confirm the full
   // function covers every TlsRole value, so that an unexpected role cannot
   // silently fall through to the wrong side of the handshake.
   27inline boost::asio::ssl::stream_base::handshake_type roleToImpl(
TlsRole role) {
 
   29        return (boost::asio::ssl::stream_base::server);
 
   31        return (boost::asio::ssl::stream_base::client);
 
   // --- TlsContext members (the class header is above this excerpt) ---
   // Virtual destructor: several members below are virtual, so the class is
   // meant to be used polymorphically and must be destroyed through a
   // virtual destructor.
   40    virtual ~TlsContext() { }
 
   // Build a context for the given role (client or server). explicit, so a
   // bare TlsRole never converts into a context by accident.
   45    explicit TlsContext(TlsRole role);
 
   // Access to the boost::asio::ssl::context (presumably context_ below).
   48    boost::asio::ssl::context& getContext();
 
   // Access to the raw OpenSSL SSL_CTX. Anything configured through this
   // handle bypasses the setters below; keep such use minimal and explain
   // it at the call site.
   54    ::SSL_CTX* getNativeContext();
 
   // Whether a peer certificate is required (see setCertRequired()).
   60    virtual bool getCertRequired() 
const;
 
   // Render a boost error_code as a human-readable message.
   69    static std::string getErrMsg(boost::system::error_code ec);
 
   // Require (true) or do not require (false) a certificate from the peer.
   // SECURITY: with false the handshake presumably completes without the
   // peer being authenticated, so anything later derived from the peer
   // certificate (e.g. a subject CN) is attacker-chosen. Relax this only
   // deliberately, e.g. for a server that authenticates clients by other
   // means.
   76    virtual void setCertRequired(
bool cert_required);
 
   // Trust anchors for peer verification: a file of CA certificates ...
   81    virtual void loadCaFile(
const std::string& ca_file);
 
   // ... or a directory of CA certificates. NOTE(review): OpenSSL expects a
   // hashed directory layout (openssl rehash) for a CA path; confirm the
   // implementation or operator docs say so.
   86    virtual void loadCaPath(
const std::string& ca_path);
 
   // This end's own certificate ...
   91    virtual void loadCertFile(
const std::string& cert_file);
 
   // ... and its private key. The key file should be readable only by the
   // service account; confirm the implementation reports a load failure
   // instead of continuing without a key.
   96    virtual void loadKeyFile(
const std::string& key_file);
 
   // The boost context wrapping the OpenSSL SSL_CTX.
  102    boost::asio::ssl::context context_;
 
   // TlsContextBase may reach the private members above; the relationship
   // between the two classes is outside this excerpt.
  105    friend class TlsContextBase;
 
  // The concrete asio stream type: an SSL stream layered over a TCP socket.
  // Note that the TlsStreamBase template further down also names its second
  // template parameter TlsStreamImpl; inside that template the parameter
  // hides this typedef.
  109typedef boost::asio::ssl::stream<boost::asio::ip::tcp::socket> TlsStreamImpl;
 
  // TlsStreamBase<Callback, TlsStreamImpl>: the class header and most of the
  // body are not shown in this rendering; only the template header and part
  // of the constructor's initializer list survive.
  // NOTE(review): the parameter name TlsStreamImpl hides the file-scope
  // typedef of the same name inside the template; a distinct name would
  // avoid the confusion.
  118template <
typename Callback, 
typename TlsStreamImpl>
 
  // Constructor initializer list (signature not shown): the underlying stream
  // is built over the IOService's internal io_service and the context's
  // boost ssl::context, and the role is copied from the context so the
  // handshake side is fixed at construction time.
  122      TlsStreamImpl(io_service->getInternalIOService(),
 
  123      context->getContext()), role_(context->getRole()) {
 
  // TlsStream<Callback>: the concrete TLS stream, built on TlsStreamBase with
  // the asio TlsStreamImpl (ssl::stream over a TCP socket). The class body
  // continues past the constructor; the methods are documented in place.
  129template <
typename Callback>
 
  130class TlsStream : 
public TlsStreamBase<Callback, TlsStreamImpl> {
 
  // Shorthand for the base class, used to reach its async_* calls and
  // getRole().
  134    typedef TlsStreamBase<Callback, TlsStreamImpl> Base;
 
  // Construct a stream bound to the given IOService and TlsContext; both are
  // forwarded to the base unchanged. NOTE(review): the context arrives as a
  // shared_ptr by value, but whether the base keeps a copy is not visible
  // here — confirm the TlsContext outlives every handshake on this stream.
  // The constructor's closing brace is not shown in this rendering.
  141    TlsStream(
const IOServicePtr& service, TlsContextPtr context)
 
  142        : Base(service, context) {
 
  // Destructor; its body is not shown in this rendering.
  146    virtual ~TlsStream() {
 
  // Start the asynchronous TLS handshake; callback is invoked when it
  // completes or fails. The side (client/server) comes from the role the
  // stream holds, translated by roleToImpl(), so a caller cannot handshake
  // in the wrong direction by mistake.
  // SECURITY: a completed handshake only proves the TLS session is up; peer
  // authentication depends on the verification the TlsContext enables.
  // NOTE(review): the closing brace is not shown in this rendering.
  152    virtual void handshake(Callback& callback) {
 
  153        Base::async_handshake(roleToImpl(Base::getRole()), callback);
 
  // Start the asynchronous TLS shutdown (close_notify exchange); callback is
  // invoked when it completes. NOTE(review): per asio, a peer that drops the
  // TCP connection without its own close_notify surfaces as the
  // stream_truncated error (see STREAM_TRUNCATED below); callers should
  // decide explicitly whether that is acceptable for their protocol.
  // The closing brace is not shown in this rendering.
  159    virtual void shutdown(Callback& callback) {
 
  160        Base::async_shutdown(callback);
 
  // Return the commonName (CN) of the peer certificate's subject as UTF-8.
  // NOTE(review): only the highlighted lines survive in this rendering; the
  // error-handling lines between them are not shown. Confirm that the full
  // function (a) returns early when SSL_get_peer_certificate() yields NULL
  // (no peer certificate), (b) handles loc == -1 / a NULL entry when the
  // subject has no CN — X509_NAME_ENTRY_get_data() must not be called on a
  // NULL pointer, (c) treats a negative ASN1_STRING_to_UTF8() result as a
  // failure, and (d) releases cert with X509_free() and buf with
  // OPENSSL_free() on every path, since per the OpenSSL API the certificate
  // is a new reference and buf is allocated by the conversion.
  // SECURITY: until the chain has been verified the CN is attacker-chosen;
  // treat it as untrusted input (log-sanitise it; it is length-delimited and
  // may contain embedded NULs) and never use it as the sole identity check.
  // Only the first CN is returned; a certificate may carry several.
  173    virtual std::string getSubject() {
 
  174        ::X509* cert = ::SSL_get_peer_certificate(this->native_handle());
 
  178        ::X509_NAME *name = ::X509_get_subject_name(cert);
 
  179        int loc = ::X509_NAME_get_index_by_NID(name, NID_commonName, -1);
 
  180        ::X509_NAME_ENTRY* ne = ::X509_NAME_get_entry(name, loc);
 
  185        unsigned char* buf = 0;
 
  186        int len = ::ASN1_STRING_to_UTF8(&buf, ::X509_NAME_ENTRY_get_data(ne));
 
  // Length-counted copy: the returned string keeps any embedded NUL bytes.
  191        std::string ret(
reinterpret_cast<char*
>(buf), 
static_cast<size_t>(len));
 
  // Return the commonName (CN) of the peer certificate's issuer as UTF-8.
  // Same shape as getSubject(), reading the issuer name instead.
  // NOTE(review): the error-handling lines between the highlighted ones are
  // not shown. Confirm that the full function returns early on a NULL
  // certificate, guards loc == -1 / a NULL entry before
  // X509_NAME_ENTRY_get_data(), treats a negative ASN1_STRING_to_UTF8()
  // result as failure, and frees cert (X509_free) and buf (OPENSSL_free) on
  // every path. If both accessors keep this duplicated body, a shared
  // private helper taking the X509_NAME would make it easier to keep the
  // checks in sync.
  // SECURITY: the issuer CN is informational; it says nothing about whether
  // the chain was verified against the configured trust anchors.
  207    virtual std::string getIssuer() {
 
  208        ::X509* cert = ::SSL_get_peer_certificate(this->native_handle());
 
  212        ::X509_NAME *name = ::X509_get_issuer_name(cert);
 
  213        int loc = ::X509_NAME_get_index_by_NID(name, NID_commonName, -1);
 
  214        ::X509_NAME_ENTRY* ne = ::X509_NAME_get_entry(name, loc);
 
  219        unsigned char* buf = 0;
 
  220        int len = ::ASN1_STRING_to_UTF8(&buf, ::X509_NAME_ENTRY_get_data(ne));
 
  // Length-counted copy: the returned string keeps any embedded NUL bytes.
  225        std::string ret(
reinterpret_cast<char*
>(buf), 
static_cast<size_t>(len));
 
  // Error value asio reports (per its documentation) when the peer closed the
  // TCP connection without first sending a TLS close_notify.
  // SECURITY: treat it as an error unless the application protocol frames
  // its own message lengths — a silently truncated stream is exactly what a
  // truncation attack looks like.
  233const int STREAM_TRUNCATED = boost::asio::ssl::error::stream_truncated;
 