acl/lib_acl_cpp/include/acl_cpp/stream/polarssl_conf.hpp


#pragma once
#include "../acl_cpp_define.hpp"
#include "../stdlib/thread_mutex.hpp"
#include "sslbase_conf.hpp"
#include <vector>
namespace acl {
/**
 * SSL certificate verification modes.
 * (The original comment text was mis-encoded on this page; this wording is
 * reconstructed from the enumerator names that follow.)
 */
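// Verification mode passed to polarssl_conf. The per-value descriptions were
// mis-encoded in the source page; the notes below are inferred from the names
// and should be confirmed against the implementation.
typedef enum {
	POLARSSL_VERIFY_NONE,	// by name: the peer certificate is not verified
	POLARSSL_VERIFY_OPT,	// by name: verification is optional; the caller must check the result itself
	POLARSSL_VERIFY_REQ	// by name: verification is required for the handshake to succeed
} polarssl_verify_t;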
class polarssl_io;
/**
 * SSL configuration class. It holds the CA, certificate-chain and private-key
 * state that is applied to individual SSL connections; per the surviving text,
 * each SSL connection object (polarssl_io) calls setup_certs() on this object
 * to install that state on itself.
 * (The original comment text was mis-encoded on this page; this wording is
 * reconstructed from the surviving identifiers and the class declaration.)
 */
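class ACL_CPP_API polarssl_conf : public sslbase_conf {
	// NOTE(review): PolarSSL is the predecessor of mbed TLS and no longer
	// receives upstream fixes; treat this backend as legacy.
public:
	/**
	 * Constructor.
	 * @param server_side {bool} true selects server mode, false (the
	 *  default) selects client mode
	 * @param verify_mode {polarssl_verify_t} SSL certificate verification
	 *  mode
	 *
	 * NOTE(review): the default is POLARSSL_VERIFY_NONE. Judging by the
	 * name, the peer certificate is then not verified, so a client built
	 * with the defaults would accept any server certificate. Callers that
	 * need an authenticated peer should pass POLARSSL_VERIFY_REQ and load
	 * a trust anchor with load_ca() -- confirm against the implementation.
	 */
	polarssl_conf(bool server_side = false,
		polarssl_verify_t verify_mode = POLARSSL_VERIFY_NONE);
	virtual ~polarssl_conf(void);

	/**
	 * @override
	 * Load CA certificates.
	 * @param ca_file {const char*} presumably a CA certificate file
	 * @param ca_path {const char*} presumably a directory of CA
	 *  certificates -- confirm both against sslbase_conf
	 * @return {bool} presumably true on success
	 */
	bool load_ca(const char* ca_file, const char* ca_path);

	/**
	 * @override
	 * Add a certificate from a file.
	 * @param crt_file {const char*} certificate file
	 * @return {bool} presumably true on success
	 */
	bool add_cert(const char* crt_file);

	/**
	 * @override
	 * Set the private key from a file.
	 * @param key_file {const char*} private key file; it should be
	 *  readable only by the account running the service
	 * @param key_pass {const char*} presumably the passphrase of an
	 *  encrypted key; defaults to NULL
	 * @return {bool} presumably true on success
	 */
	bool set_key(const char* key_file, const char* key_pass = NULL);

	/**
	 * @override
	 * Switch the cache on or off (presumably the SSL session cache held
	 * in cache_ -- confirm).
	 * @param on {bool}
	 */
	void enable_cache(bool on);

public:
	/**
	 * Set the SSL certificate verification mode. The mode given to the
	 * constructor defaults to POLARSSL_VERIFY_NONE, so this (or the
	 * constructor argument) must be used to turn verification on.
	 * @param verify_mode {polarssl_verify_t}
	 */
	void set_authmode(polarssl_verify_t verify_mode);

	/**
	 * Return the entropy object held by this configuration.
	 * @return {void*} the stored entropy_ pointer itself, not a copy; per
	 *  the original comment it refers to an entropy_context
	 */
	void* get_entropy(void)
	{
		return entropy_;
	}

	/**
	 * Per the original comment, stream_hook::open calls this method to
	 * install the certificates on the current SSL connection object.
	 * @param ssl {void*} SSL connection object, an ssl_context; the
	 *  void* type means the compiler cannot check what is passed here
	 * @param server_side {bool} server side or client side
	 * @return {bool} presumably whether the SSL object was configured
	 *  successfully; callers should not proceed on false
	 */
	bool setup_certs(void* ssl, bool server_side);

public:
	/**
	 * Set the path of libpolarssl.so.
	 * @param path {const char*} path of libpolarssl.so
	 *
	 * NOTE(review): presumably load() loads the library at this path into
	 * the process, so the value should be an absolute path to a location
	 * that only trusted users can write, and should not come from
	 * untrusted input -- confirm how the path is used in the
	 * implementation.
	 */
	static void set_libpath(const char* path);

	/**
	 * Load the polarssl library (presumably the shared library named by
	 * set_libpath(); the original comment text was mis-encoded).
	 * @return {bool} presumably true when loading succeeded
	 */
	static bool load(void);

public:
	// @override sslbase_conf
	// nblock presumably selects non-blocking I/O; ownership of the
	// returned object is not visible in this header.
	sslbase_io* create(bool nblock);

private:
	friend class polarssl_io;

	bool has_inited_;	// presumably set by init_once() -- confirm
	thread_mutex lock_;	// what it guards is not visible in this header

	bool server_side_;

	// Opaque handles; the concrete PolarSSL types are not visible in
	// this header.
	void* entropy_;
	void* cacert_;
	void* pkey_;
	void* cert_chain_;
	void* cache_;
	polarssl_verify_t verify_mode_;

private:
	void init_once(void);
	void free_ca(void);
};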
} // namespace acl