43GSsl::OpenSSL::LibraryImp::LibraryImp(
G::StringArray & library_config , Library::LogFn log_fn ,
bool verbose ) :
46 m_config(library_config)
51 GDEF_IGNORE_RETURN RAND_status() ;
54 m_index = SSL_get_ex_new_index( 0 ,
nullptr ,
nullptr ,
nullptr ,
nullptr ) ;
58 throw Error(
"SSL_get_ex_new_index" ) ;
62GSsl::OpenSSL::LibraryImp::~LibraryImp()
67void GSsl::OpenSSL::LibraryImp::cleanup()
71std::string GSsl::OpenSSL::LibraryImp::sid()
73 std::string v = OpenSSL_version(OPENSSL_VERSION) ;
87std::string GSsl::OpenSSL::LibraryImp::credit(
const std::string & prefix ,
const std::string & eol ,
const std::string & eot )
89 std::ostringstream ss ;
91 << prefix <<
"This product includes software developed by the OpenSSL Project" << eol
92 << prefix <<
"for use in the OpenSSL Toolkit (http://www.openssl.org/)" << eol
98 const std::string & key_file ,
const std::string & cert_file ,
const std::string & ca_file ,
99 const std::string & default_peer_certificate_name ,
const std::string & default_peer_host_name ,
100 const std::string & profile_config )
102 std::shared_ptr<ProfileImp> profile_ptr =
103 std::make_shared<ProfileImp>(*
this,is_server_profile,key_file,cert_file,ca_file,
104 default_peer_certificate_name,default_peer_host_name,profile_config) ;
105 m_profile_map.insert( Map::value_type(profile_name,profile_ptr) ) ;
110 auto p = m_profile_map.find( profile_name ) ;
111 return p != m_profile_map.end() ;
116 auto p = m_profile_map.find( profile_name ) ;
117 if( p == m_profile_map.end() )
throw Error( std::string(
"no such profile: [").append(profile_name).append(1U,
']') ) ;
118 return *(*p).second ;
121GSsl::Library::LogFn GSsl::OpenSSL::LibraryImp::log()
const
126bool GSsl::OpenSSL::LibraryImp::verbose()
const
131int GSsl::OpenSSL::LibraryImp::index()
const
140 result.push_back(
"SHA512" ) ;
141 result.push_back(
"SHA256" ) ;
142 result.push_back(
"SHA1" ) ;
143 result.push_back(
"MD5" ) ;
149 return Digester( std::make_unique<GSsl::OpenSSL::DigesterImp>(hash_type,state,need_state) ) ;
152GSsl::OpenSSL::DigesterImp::DigesterImp(
const std::string & hash_type ,
const std::string & state ,
bool need_state ) :
153 m_hash_type(Type::Other) ,
156 bool have_state = !state.empty() ;
159 #if GCONFIG_HAVE_OPENSSL_HASH_FUNCTIONS
160 if( hash_type ==
"MD5" && ( have_state || need_state ) )
162 m_hash_type = Type::Md5 ;
168 m_state_size = m_value_size + 4U ;
170 else if( hash_type ==
"SHA1" && ( have_state || need_state ) )
172 m_hash_type = Type::Sha1 ;
173 SHA1_Init( &m_sha1 ) ;
178 m_state_size = m_value_size + 4U ;
180 else if( hash_type ==
"SHA256" && ( have_state || need_state ) )
182 m_hash_type = Type::Sha256 ;
183 SHA256_Init( &m_sha256 ) ;
188 m_state_size = m_value_size + 4U ;
192 if( m_state_size == 0U )
194 if( have_state || need_state )
195 throw Error( std::string(
"hash state resoration not implemented for ").append(hash_type) ) ;
197 m_hash_type = Type::Other ;
198 m_evp_ctx = EVP_MD_CTX_create() ;
200 const EVP_MD * md = EVP_get_digestbyname( hash_type.c_str() ) ;
202 throw Error( std::string(
"unsupported hash function name: [").append(hash_type).append(1U,
']') ) ;
204 m_block_size =
static_cast<std::size_t
>( EVP_MD_block_size(md) ) ;
205 m_value_size =
static_cast<std::size_t
>( EVP_MD_size(md) ) ;
207 EVP_DigestInit_ex( m_evp_ctx , md ,
nullptr ) ;
211GSsl::OpenSSL::DigesterImp::~DigesterImp()
213 if( m_hash_type == Type::Other )
214 EVP_MD_CTX_destroy( m_evp_ctx ) ;
219 return m_block_size ;
224 return m_value_size ;
229 return m_state_size ;
234 #if GCONFIG_HAVE_OPENSSL_HASH_FUNCTIONS
235 if( m_hash_type == Type::Md5 )
237 else if( m_hash_type == Type::Sha1 )
239 else if( m_hash_type == Type::Sha256 )
242 return std::string() ;
247 #if GCONFIG_HAVE_OPENSSL_HASH_FUNCTIONS
248 if( m_hash_type == Type::Md5 )
249 MD5_Update( &m_md5 , data.data() , data.size() ) ;
250 else if( m_hash_type == Type::Sha1 )
251 SHA1_Update( &m_sha1 , data.data() , data.size() ) ;
252 else if( m_hash_type == Type::Sha256 )
253 SHA256_Update( &m_sha256 , data.data() , data.size() ) ;
255 EVP_DigestUpdate( m_evp_ctx , data.data() , data.size() ) ;
257 EVP_DigestUpdate( m_evp_ctx , data.data() , data.size() ) ;
263 std::vector<unsigned char> output ;
265 #if GCONFIG_HAVE_OPENSSL_HASH_FUNCTIONS
266 if( m_hash_type == Type::Md5 )
268 n = MD5_DIGEST_LENGTH ;
270 MD5_Final( &output[0] , &m_md5 ) ;
272 else if( m_hash_type == Type::Sha1 )
274 n = SHA_DIGEST_LENGTH ;
276 SHA1_Final( &output[0] , &m_sha1 ) ;
278 else if( m_hash_type == Type::Sha256 )
280 n = SHA256_DIGEST_LENGTH ;
282 SHA256_Final( &output[0] , &m_sha256 ) ;
287 unsigned int output_size = 0 ;
288 output.resize( EVP_MAX_MD_SIZE ) ;
289 EVP_DigestFinal_ex( m_evp_ctx , &output[0] , &output_size ) ;
290 n =
static_cast<std::size_t
>(output_size) ;
292 G_ASSERT( n == valuesize() ) ;
293 const char * p =
reinterpret_cast<char*
>(&output[0]) ;
294 return std::string(p,n) ;
299GSsl::OpenSSL::ProfileImp::ProfileImp(
const LibraryImp & library_imp ,
bool is_server_profile ,
300 const std::string & key_file ,
const std::string & cert_file ,
const std::string & ca_path ,
301 const std::string & default_peer_certificate_name ,
const std::string & default_peer_host_name ,
302 const std::string & profile_config ) :
303 m_library_imp(library_imp) ,
304 m_default_peer_certificate_name(default_peer_certificate_name) ,
305 m_default_peer_host_name(default_peer_host_name) ,
306 m_ssl_ctx(nullptr,
std::function<void(SSL_CTX*)>(deleter))
310 Config extra_config = m_library_imp.config() ;
311 if( !profile_config.empty() )
314 extra_config = Config( profile_config_list ) ;
315 if( !profile_config_list.empty() )
316 G_WARNING(
"GSsl::OpenSSL::ProfileImp::ctor: tls-config: tls " << (is_server_profile?
"server":
"client")
317 <<
" profile configuration ignored: [" <<
G::Str::join(
",",profile_config_list) <<
"]" ) ;
320 if( m_ssl_ctx ==
nullptr )
322 Config::Fn version_fn = extra_config.fn( is_server_profile ) ;
323 m_ssl_ctx.reset( SSL_CTX_new( version_fn() ) ) ;
324 if( m_ssl_ctx !=
nullptr )
325 apply( extra_config ) ;
328 if( m_ssl_ctx ==
nullptr )
329 throw Error(
"SSL_CTX_new" , ERR_get_error() ) ;
331 if( !key_file.empty() )
335 G_WARNING(
"GSsl::Profile: " << format(
txt(
"cannot open ssl key file: %1%")) % key_file ) ;
337 check( SSL_CTX_use_PrivateKey_file(m_ssl_ctx.get(),key_file.c_str(),SSL_FILETYPE_PEM) ,
338 "use_PrivateKey_file" , key_file ) ;
341 if( !cert_file.empty() )
345 G_WARNING(
"GSsl::Profile: " << format(
txt(
"cannot open ssl certificate file: %1%")) % cert_file ) ;
347 check( SSL_CTX_use_certificate_chain_file(m_ssl_ctx.get(),cert_file.c_str()) ,
348 "use_certificate_chain_file" , cert_file ) ;
351 if( ca_path.empty() )
355 SSL_CTX_set_verify( m_ssl_ctx.get() , SSL_VERIFY_PEER , verifyPass ) ;
357 else if( ca_path ==
"<none>" )
360 SSL_CTX_set_verify( m_ssl_ctx.get() , SSL_VERIFY_NONE ,
nullptr ) ;
362 else if( ca_path ==
"<default>" )
365 bool no_verify = extra_config.noverify() ;
366 SSL_CTX_set_verify( m_ssl_ctx.get() , no_verify ? SSL_VERIFY_NONE : (SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT) , verifyPeerName ) ;
367 check( SSL_CTX_set_default_verify_paths( m_ssl_ctx.get() ) ,
"set_default_verify_paths" ) ;
373 const char * ca_file_p = ca_path_is_dir ? nullptr : ca_path.c_str() ;
374 const char * ca_dir_p = ca_path_is_dir ? ca_path.c_str() : nullptr ;
375 bool no_verify = extra_config.noverify() ;
376 SSL_CTX_set_verify( m_ssl_ctx.get() , no_verify ? SSL_VERIFY_NONE : (SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT) , verifyPeerName ) ;
377 check( SSL_CTX_load_verify_locations( m_ssl_ctx.get() , ca_file_p , ca_dir_p ) ,
"load_verify_locations" , ca_path ) ;
380 SSL_CTX_set_cipher_list( m_ssl_ctx.get() ,
"DEFAULT" ) ;
381 SSL_CTX_set_session_cache_mode( m_ssl_ctx.get() , SSL_SESS_CACHE_OFF ) ;
382 if( is_server_profile )
385 SSL_CTX_set_session_id_context( m_ssl_ctx.get() ,
reinterpret_cast<const unsigned char *
>(x.data()) , x.size() ) ;
389GSsl::OpenSSL::ProfileImp::~ProfileImp()
392void GSsl::OpenSSL::ProfileImp::deleter( SSL_CTX * p )
399 const std::string & peer_host_name )
const
401 return std::make_unique<OpenSSL::ProtocolImp>( *
this ,
402 peer_certificate_name.empty()?defaultPeerCertificateName():peer_certificate_name ,
403 peer_host_name.empty()?defaultPeerHostName():peer_host_name ) ;
406SSL_CTX * GSsl::OpenSSL::ProfileImp::p()
const
408 return const_cast<SSL_CTX*
>( m_ssl_ctx.get() ) ;
411const GSsl::OpenSSL::LibraryImp & GSsl::OpenSSL::ProfileImp::lib()
const
413 return m_library_imp ;
416const std::string & GSsl::OpenSSL::ProfileImp::defaultPeerCertificateName()
const
418 return m_default_peer_certificate_name ;
421const std::string & GSsl::OpenSSL::ProfileImp::defaultPeerHostName()
const
423 return m_default_peer_host_name ;
426void GSsl::OpenSSL::ProfileImp::check(
int rc ,
const std::string & fnname_tail ,
const std::string & file )
430 std::string fnname =
"SSL_CTX_" + fnname_tail ;
431 throw Error( fnname , ERR_get_error() , file ) ;
435void GSsl::OpenSSL::ProfileImp::apply(
const Config & config )
437 #if GCONFIG_HAVE_OPENSSL_MIN_MAX
439 SSL_CTX_set_min_proto_version( m_ssl_ctx.get() , config.min_() ) ;
442 SSL_CTX_set_max_proto_version( m_ssl_ctx.get() , config.max_() ) ;
445 if( config.reset() != 0L )
446 SSL_CTX_clear_options( m_ssl_ctx.get() , config.reset() ) ;
448 if( config.set() != 0L )
449 SSL_CTX_set_options( m_ssl_ctx.get() , config.set() ) ;
452int GSsl::OpenSSL::ProfileImp::verifyPass(
int , X509_STORE_CTX * )
457int GSsl::OpenSSL::ProfileImp::verifyPeerName(
int ok , X509_STORE_CTX * ctx )
461 if( ok && X509_STORE_CTX_get_error_depth(ctx) == 0 )
463 SSL * ssl =
static_cast<SSL*
>( X509_STORE_CTX_get_ex_data( ctx , SSL_get_ex_data_X509_STORE_CTX_idx() ) ) ;
467 OpenSSL::LibraryImp & library =
dynamic_cast<OpenSSL::LibraryImp&
>( Library::impstance() ) ;
468 OpenSSL::ProtocolImp * protocol =
static_cast<OpenSSL::ProtocolImp*
>( SSL_get_ex_data(ssl,library.index()) ) ;
469 if( protocol ==
nullptr )
472 std::string required_peer_certificate_name = protocol->requiredPeerCertificateName() ;
473 if( !required_peer_certificate_name.empty() )
475 X509 * cert = X509_STORE_CTX_get_current_cert( ctx ) ;
476 std::string subject = name(X509_get_subject_name(cert)) ;
478 bool found = std::find( subject_parts.begin() , subject_parts.end() ,
"CN="+required_peer_certificate_name ) != subject_parts.end() ;
479 library.log()( 2 , std::string(
"certificate-subject=[")
481 .append(
"] required-peer-name=[")
482 .append(required_peer_certificate_name)
483 .append(
"] ok=").append(1U,found?
'1':
'0') ) ;
498std::string GSsl::OpenSSL::ProfileImp::name( X509_NAME * x509_name )
500 if( x509_name ==
nullptr )
return std::string() ;
501 std::vector<char> buffer( 2048U ) ;
502 X509_NAME_oneline( x509_name , &buffer[0] , buffer.size() ) ;
503 buffer.back() =
'\0' ;
509GSsl::OpenSSL::ProtocolImp::ProtocolImp(
const ProfileImp & profile ,
const std::string & required_peer_certificate_name ,
510 const std::string & target_peer_host_name ) :
511 m_ssl(nullptr,
std::function<void(SSL*)>(deleter)) ,
512 m_log_fn(profile.lib().log()) ,
513 m_verbose(profile.lib().verbose()) ,
515 m_required_peer_certificate_name(required_peer_certificate_name) ,
518 m_ssl.reset( SSL_new(profile.p()) ) ;
519 if( m_ssl ==
nullptr )
520 throw Error(
"SSL_new" , ERR_get_error() ) ;
523 if( !target_peer_host_name.empty() )
524 SSL_set_tlsext_host_name( m_ssl.get() , target_peer_host_name.c_str() ) ;
527 SSL_set_ex_data( m_ssl.get() , profile.lib().index() ,
this ) ;
530GSsl::OpenSSL::ProtocolImp::~ProtocolImp()
533void GSsl::OpenSSL::ProtocolImp::deleter( SSL * p )
539void GSsl::OpenSSL::ProtocolImp::clearErrors()
543 Error::clearErrors() ;
546int GSsl::OpenSSL::ProtocolImp::error(
const char * op ,
int rc )
const
548 int e = SSL_get_error( m_ssl.get() , rc ) ;
549 logErrors( op , rc , e , Protocol::str(convert(e)) ) ;
553GSsl::Protocol::Result GSsl::OpenSSL::ProtocolImp::convert(
int e )
555 if( e == SSL_ERROR_WANT_READ )
return Protocol::Result::read ;
556 if( e == SSL_ERROR_WANT_WRITE )
return Protocol::Result::write ;
557 return Protocol::Result::error ;
572void GSsl::OpenSSL::ProtocolImp::set(
int fd )
576 int rc = SSL_set_fd( m_ssl.get() , fd ) ;
578 throw Error(
"SSL_set_fd" , ERR_get_error() ) ;
587 int rc = SSL_connect( m_ssl.get() ) ;
591 return Protocol::Result::ok ;
595 return convert(error(
"SSL_connect",rc)) ;
602 int rc = SSL_accept( m_ssl.get() ) ;
606 return Protocol::Result::ok ;
610 return convert(error(
"SSL_accept",rc)) ;
614void GSsl::OpenSSL::ProtocolImp::saveResult()
616 m_peer_certificate = Certificate(SSL_get_peer_certificate(m_ssl.get()),
true).str() ;
617 m_peer_certificate_chain = CertificateChain(SSL_get_peer_cert_chain(m_ssl.get())).str() ;
618 m_verified = !m_peer_certificate.empty() && SSL_get_verify_result(m_ssl.get()) == X509_V_OK ;
623 int rc = SSL_shutdown( m_ssl.get() ) ;
624 if( rc == 0 || rc == 1 )
625 return Protocol::Result::ok ;
627 return convert( rc ) ;
635 int buffer_size =
static_cast<int>(buffer_size_in) ;
636 int rc = SSL_read( m_ssl.get() , buffer , buffer_size ) ;
639 read_size =
static_cast<ssize_t
>(rc) ;
640 return SSL_pending(m_ssl.get()) ? Protocol::Result::more : Protocol::Result::ok ;
644 return convert(error(
"SSL_read",rc)) ;
652 int size =
static_cast<int>(size_in) ;
653 int rc = SSL_write( m_ssl.get() , buffer , size ) ;
656 size_out =
static_cast<ssize_t
>(rc) ;
657 return Protocol::Result::ok ;
661 return convert(error(
"SSL_write",rc)) ;
667 return m_peer_certificate ;
672 return m_peer_certificate_chain ;
677 const SSL_CIPHER * cipher = SSL_get_current_cipher(
const_cast<SSL*
>(m_ssl.get()) ) ;
678 const char * name = cipher ? SSL_CIPHER_get_name(cipher) : nullptr ;
684 const SSL_SESSION * session = SSL_get_session(
const_cast<SSL*
>(m_ssl.get()) ) ;
685 if( session ==
nullptr )
return std::string() ;
686 int v = SSL_SESSION_get_protocol_version( session ) ;
688 if( v == TLS1_VERSION )
return "TLSv1.0" ;
690 #ifdef TLS1_1_VERSION
691 if( v == TLS1_1_VERSION )
return "TLSv1.1" ;
693 #ifdef TLS1_2_VERSION
694 if( v == TLS1_2_VERSION )
return "TLSv1.2" ;
696 #ifdef TLS1_3_VERSION
697 if( v == TLS1_3_VERSION )
return "TLSv1.3" ;
699 if( v == 0x304 )
return "TLSv1.3" ;
709void GSsl::OpenSSL::ProtocolImp::logErrors(
const std::string & op ,
int rc ,
int e ,
const std::string & strerr )
const
711 if( m_log_fn !=
nullptr )
715 std::ostringstream ss ;
716 ss << op <<
": rc=" << rc <<
": error " << e <<
" => " << strerr ;
717 (*m_log_fn)( 1 , ss.str() ) ;
720 for(
int i = 2 ; i < 10000 ; i++ )
722 unsigned long ee = ERR_get_error() ;
723 if( ee == 0 ) break ;
724 Error eee( op , ee ) ;
725 (*m_log_fn)( 3 , std::string() + eee.what() ) ;
730std::string GSsl::OpenSSL::ProtocolImp::requiredPeerCertificateName()
const
732 return m_required_peer_certificate_name ;
737GSsl::OpenSSL::Error::Error(
const std::string & s ) :
738 std::runtime_error(
std::string(
"tls error: ").append(s) )
742GSsl::OpenSSL::Error::Error(
const std::string & fnname ,
unsigned long e ) :
743 std::runtime_error(
std::string(
"tls error: ").append(fnname).append(
"(): [").append(text(e)).append(1U,
']') )
748GSsl::OpenSSL::Error::Error(
const std::string & fnname ,
unsigned long e ,
const std::string & file ) :
749 std::runtime_error(
std::string(
"tls error: ").append(fnname).append(
"(): [").append(text(e)).append(
"]: file=[").append(file).append(1U,
']') )
754void GSsl::OpenSSL::Error::clearErrors()
756 for(
int i = 0 ; ERR_get_error() && i < 10000 ; i++ )
760std::string GSsl::OpenSSL::Error::text(
unsigned long e )
762 std::vector<char> v( 300 ) ;
763 ERR_error_string_n( e , &v[0] , v.size() ) ;
764 std::string s( &v[0] , v.size() ) ;
765 return std::string( s.c_str() ) ;
770GSsl::OpenSSL::CertificateChain::CertificateChain( STACK_OF(X509) * chain )
772 for(
int i = 0 ; chain !=
nullptr && i < sk_X509_num(chain) ; i++ )
774 void * p = sk_X509_value(chain,i) ;
if( p ==
nullptr ) break ;
775 X509 * x509 =
static_cast<X509*
>(p) ;
776 m_str.append( Certificate(x509,
false).str() ) ;
780std::string GSsl::OpenSSL::CertificateChain::str()
const
787GSsl::OpenSSL::Certificate::Certificate( X509 * x509 ,
bool do_free )
789 if( x509 ==
nullptr ) return ;
790 BIO * bio = BIO_new( BIO_s_mem() ) ;
791 if( bio ==
nullptr ) return ;
792 int rc = PEM_write_bio_X509( bio , x509 ) ;
793 if( !rc ) { BIO_free(bio) ; return ; }
794 BUF_MEM * mem = nullptr ;
795 BIO_get_mem_ptr( bio , &mem ) ;
796 std::size_t n = mem ?
static_cast<std::size_t
>(mem->length) : 0U ;
797 const char * p = mem ? mem->data : nullptr ;
798 std::string data = p&&n ? std::string(p,n) :
std::string() ;
800 if( do_free ) X509_free( x509 ) ;
809std::string GSsl::OpenSSL::Certificate::str()
const
820 m_options_reset(0L) ,
821 m_noverify(consume(cfg,
"noverify"))
823 #if GCONFIG_HAVE_OPENSSL_TLS_METHOD
824 m_server_fn = TLS_server_method ;
825 m_client_fn = TLS_client_method ;
827 m_server_fn = SSLv23_server_method ;
828 m_client_fn = SSLv23_client_method ;
831 #if GCONFIG_HAVE_OPENSSL_MIN_MAX
834 if( consume(cfg,
"sslv3") ) m_min = SSL3_VERSION ;
835 if( consume(cfg,
"-sslv3") ) m_max = SSL3_VERSION ;
839 if( consume(cfg,
"tlsv1.0") ) m_min = TLS1_VERSION ;
840 if( consume(cfg,
"-tlsv1.0") ) m_max = TLS1_VERSION ;
843 #ifdef TLS1_1_VERSION
844 if( consume(cfg,
"tlsv1.1") ) m_min = TLS1_1_VERSION ;
845 if( consume(cfg,
"-tlsv1.1") ) m_max = TLS1_1_VERSION ;
848 #ifdef TLS1_2_VERSION
849 if( consume(cfg,
"tlsv1.2") ) m_min = TLS1_2_VERSION ;
850 if( consume(cfg,
"-tlsv1.2") ) m_max = TLS1_2_VERSION ;
853 #ifdef TLS1_3_VERSION
854 if( consume(cfg,
"tlsv1.3") ) m_min = TLS1_3_VERSION ;
855 if( consume(cfg,
"-tlsv1.3") ) m_max = TLS1_3_VERSION ;
861 if( consume(cfg,
"op_all") ) m_options_set |= SSL_OP_ALL ;
864 #ifdef SSL_OP_NO_TICKET
865 if( consume(cfg,
"op_no_ticket") ) m_options_set |= SSL_OP_NO_TICKET ;
868 #ifdef SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
869 if( consume(cfg,
"op_no_resumption") ) m_options_set |= SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION ;
872 #ifdef SSL_OP_CIPHER_SERVER_PREFERENCE
873 if( consume(cfg,
"op_server_preference") ) m_options_set |= SSL_OP_CIPHER_SERVER_PREFERENCE ;
879 return LibraryImp::consume( list , item ) ;
882GSsl::OpenSSL::Config::Fn GSsl::OpenSSL::Config::fn(
bool server )
884 return server ? m_server_fn : m_client_fn ;
887long GSsl::OpenSSL::Config::set()
const
889 return m_options_set ;
892long GSsl::OpenSSL::Config::reset()
const
894 return m_options_reset ;
897int GSsl::OpenSSL::Config::min_()
const
902int GSsl::OpenSSL::Config::max_()
const
907bool GSsl::OpenSSL::Config::noverify()
const
virtual std::string state()=0
Implements Digester::state().
virtual std::size_t blocksize() const noexcept=0
Implements Digester::blocksize().
virtual std::size_t statesize() const noexcept=0
Implements Digester::statesize().
virtual std::size_t valuesize() const noexcept=0
Implements Digester::valuesize().
virtual std::string value()=0
Implements Digester::value().
virtual void add(G::string_view)=0
Implements Digester::add().
A class for objects that can perform a cryptographic hash.
virtual bool hasProfile(const std::string &profile_name) const =0
Implements Library::hasProfile().
virtual const Profile & profile(const std::string &profile_name) const =0
Implements Library::profile().
virtual Digester digester(const std::string &, const std::string &, bool) const =0
Implements Library::digester().
virtual std::string id() const =0
Implements Library::id().
virtual G::StringArray digesters(bool) const =0
Implements Library::digesters().
virtual void addProfile(const std::string &, bool, const std::string &, const std::string &, const std::string &, const std::string &, const std::string &, const std::string &)=0
Implements Library::addProfile().
Holds protocol version information, etc.
A base interface for profile classes that work with concrete classes derived from GSsl::LibraryImpBas...
virtual std::unique_ptr< ProtocolImpBase > newProtocol(const std::string &, const std::string &) const =0
Factory method for a new Protocol object.
virtual bool verified() const =0
Implements Protocol::verified().
virtual std::string peerCertificate() const =0
Implements Protocol::peerCertificate().
virtual Protocol::Result connect(G::ReadWrite &)=0
Implements Protocol::connect().
virtual std::string cipher() const =0
Implements Protocol::cipher().
virtual Protocol::Result write(const char *, std::size_t, ssize_t &)=0
Implements Protocol::write().
virtual std::string protocol() const =0
Implements Protocol::protocol().
virtual Protocol::Result read(char *, std::size_t, ssize_t &)=0
Implements Protocol::read().
virtual std::string peerCertificateChain() const =0
Implements Protocol::peerCertificateChain().
virtual Protocol::Result accept(G::ReadWrite &)=0
Implements Protocol::accept().
virtual Protocol::Result shutdown()=0
Implements Protocol::shutdown().
static bool isDirectory(const Path &path, std::nothrow_t)
Returns true if the path exists() and is a directory.
static bool exists(const Path &file)
Returns true if the file (directory, device etc.) exists.
static std::string encode(const uint_type *)
Returns the hash state as an N-character string of non-printing characters.
static void decode(const std::string &s, uint_type *values_out, size_type &size_out)
Converts an encode()d string back into a hash state of N/4 integers and a data size returned by refer...
A Path object represents a file system path.
std::string basename() const
Returns the rightmost part of the path, ignoring "." parts.
static std::string exe()
Returns the absolute path of the current executable, independent of the argv array passed to main().
An abstract interface for reading and writing from a non-blocking i/o channel.
virtual SOCKET fd() const noexcept=0
Returns the file descriptor.
A class which acquires the process's special privileges on construction and releases them on destruct...
static unsigned int replaceAll(std::string &s, string_view from, string_view to)
Does a global replace on string 's', replacing all occurrences of sub-string 'from' with 'to'.
static void splitIntoTokens(const std::string &in, StringArray &out, string_view ws, char esc='\0')
Splits the string into 'ws'-delimited tokens.
static std::string unique(const std::string &s, char c, char r)
Returns a string with repeated 'c' characters replaced by one 'r' character.
static std::string join(string_view sep, const StringArray &strings)
Concatenates an array of strings with separators.
static std::string fromInt(int i)
Converts int 'i' to a string.
static std::string printable(const std::string &in, char escape='\\')
Returns a printable representation of the given input string, using chacter code ranges 0x20 to 0x7e ...
A class like c++17's std::string_view.
An interface to an underlying TLS library.
const char * txt(const char *p)
A briefer alternative to G::gettext().
std::vector< std::string > StringArray
A std::vector of std::strings.