IXWebSocket/ixwebsocket/IXSocketOpenSSL.h

69 lines
2.2 KiB
C
Raw Permalink Normal View History

2018-09-27 23:56:48 +02:00
/*
* IXSocketOpenSSL.h
2019-09-30 05:09:51 +02:00
* Author: Benjamin Sergeant, Matt DeBoer
* Copyright (c) 2017-2020 Machine Zone, Inc. All rights reserved.
2018-09-27 23:56:48 +02:00
*/
#ifdef IXWEBSOCKET_USE_OPEN_SSL
2018-09-27 23:56:48 +02:00
#pragma once
2018-12-15 01:28:11 +01:00
#include "IXCancellationRequest.h"
2019-05-30 17:46:50 +02:00
#include "IXSocket.h"
#include "IXSocketTLSOptions.h"
2019-05-30 17:46:50 +02:00
#include <mutex>
2018-09-27 23:56:48 +02:00
#include <openssl/bio.h>
#include <openssl/conf.h>
#include <openssl/err.h>
2019-05-30 17:46:50 +02:00
#include <openssl/hmac.h>
2018-09-27 23:56:48 +02:00
#include <openssl/ssl.h>
namespace ix
2018-09-27 23:56:48 +02:00
{
2019-05-12 20:43:21 +02:00
class SocketOpenSSL final : public Socket
2018-09-27 23:56:48 +02:00
{
public:
SocketOpenSSL(const SocketTLSOptions& tlsOptions, int fd = -1);
2018-09-27 23:56:48 +02:00
~SocketOpenSSL();
virtual bool accept(std::string& errMsg) final;
virtual bool connect(const std::string& host,
2018-09-27 23:56:48 +02:00
int port,
std::string& errMsg,
2018-12-15 01:28:11 +01:00
const CancellationRequest& isCancellationRequested) final;
2018-09-27 23:56:48 +02:00
virtual void close() final;
virtual ssize_t send(char* buffer, size_t length) final;
virtual ssize_t recv(void* buffer, size_t length) final;
2018-09-27 23:56:48 +02:00
private:
2019-01-05 20:42:25 +01:00
void openSSLInitialize();
2018-09-27 23:56:48 +02:00
std::string getSSLError(int ret);
SSL_CTX* openSSLCreateContext(std::string& errMsg);
bool openSSLAddCARootsFromString(const std::string roots);
bool openSSLClientHandshake(const std::string& hostname,
std::string& errMsg,
const CancellationRequest& isCancellationRequested);
2019-05-30 17:46:50 +02:00
bool openSSLCheckServerCert(SSL* ssl, const std::string& hostname, std::string& errMsg);
bool checkHost(const std::string& host, const char* pattern);
2019-09-30 05:07:53 +02:00
bool handleTLSOptions(std::string& errMsg);
bool openSSLServerHandshake(std::string& errMsg);
2018-09-27 23:56:48 +02:00
// Required for OpenSSL < 1.1
static void openSSLLockingCallback(int mode, int type, const char* /*file*/, int /*line*/);
2018-09-27 23:56:48 +02:00
SSL* _ssl_connection;
2019-01-05 02:28:13 +01:00
SSL_CTX* _ssl_context;
2018-09-27 23:56:48 +02:00
const SSL_METHOD* _ssl_method;
SocketTLSOptions _tlsOptions;
2019-05-30 17:46:50 +02:00
mutable std::mutex _mutex; // OpenSSL routines are not thread-safe
2019-01-05 20:42:25 +01:00
static std::once_flag _openSSLInitFlag;
2019-01-05 20:42:25 +01:00
static std::atomic<bool> _openSSLInitializationSuccessful;
2018-09-27 23:56:48 +02:00
};
2019-05-30 17:46:50 +02:00
} // namespace ix
#endif // IXWEBSOCKET_USE_OPEN_SSL