WIP: support configurable certificates/keys, and root trust CAs (#114)

* wip: tls options implemented in openssl * update naming, remove #define guard * assert compiled with USE_TLS for tls options * apply autoformatter * include tls options impl * style cleanup; auto ssl_err * ssl_err -> sslErr * be explicit about SSL_VERIFY_NONE
2019-09-22 18:06:15 -07:00
parent ed4be773a2
commit 408ee41990
11 changed files with 222 additions and 70 deletions
--- a/ixwebsocket/IXSocketFactory.cpp
+++ b/ixwebsocket/IXSocketFactory.cpp
@ -8,15 +8,15 @@

 #ifdef IXWEBSOCKET_USE_TLS

-# ifdef IXWEBSOCKET_USE_MBED_TLS
-#  include <ixwebsocket/IXSocketMbedTLS.h>
-# elif __APPLE__
-#  include <ixwebsocket/IXSocketAppleSSL.h>
-# elif defined(_WIN32)
-#  include <ixwebsocket/IXSocketSChannel.h>
-# elif defined(IXWEBSOCKET_USE_OPEN_SSL)
-#  include <ixwebsocket/IXSocketOpenSSL.h>
-# endif
+#ifdef IXWEBSOCKET_USE_MBED_TLS
+#include <ixwebsocket/IXSocketMbedTLS.h>
+#elif __APPLE__
+#include <ixwebsocket/IXSocketAppleSSL.h>
+#elif defined(_WIN32)
+#include <ixwebsocket/IXSocketSChannel.h>
+#elif defined(IXWEBSOCKET_USE_OPEN_SSL)
+#include <ixwebsocket/IXSocketOpenSSL.h>
+#endif

 #else

@ -27,7 +27,8 @@
 namespace ix
 {
    std::shared_ptr<Socket> createSocket(bool tls,
-                                         std::string& errorMsg)
+                                         std::string& errorMsg,
+                                         const SocketTLSOptions& tlsOptions)
    {
        errorMsg.clear();
        std::shared_ptr<Socket> socket;
@ -39,15 +40,15 @@ namespace ix
        else
        {
 #ifdef IXWEBSOCKET_USE_TLS
-# if defined(IXWEBSOCKET_USE_MBED_TLS)
-            socket = std::make_shared<SocketMbedTLS>();
-# elif defined(__APPLE__)
-            socket = std::make_shared<SocketAppleSSL>();
-# elif defined(_WIN32)
-            socket = std::make_shared<SocketSChannel>();
-# else
-            socket = std::make_shared<SocketOpenSSL>();
-# endif
+#if defined(IXWEBSOCKET_USE_MBED_TLS)
+            socket = std::make_shared<SocketMbedTLS>(tlsOptions);
+#elif defined(__APPLE__)
+            socket = std::make_shared<SocketAppleSSL>(tlsOptions);
+#elif defined(_WIN32)
+            socket = std::make_shared<SocketSChannel>(tlsOptions);
+#else
+            socket = std::make_shared<SocketOpenSSL>(tlsOptions);
+#endif
 #else
            errorMsg = "TLS support is not enabled on this platform.";
            return nullptr;
@ -62,8 +63,7 @@ namespace ix
        return socket;
    }

-    std::shared_ptr<Socket> createSocket(int fd,
-                                         std::string& errorMsg)
+    std::shared_ptr<Socket> createSocket(int fd, std::string& errorMsg)
    {
        errorMsg.clear();

@ -75,4 +75,4 @@ namespace ix

        return socket;
    }
-}
+} // namespace ix