summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTobias Markmann <tm@ayena.de>2018-02-02 06:44:28 (GMT)
committerTobias Markmann <tm@ayena.de>2018-02-02 12:48:17 (GMT)
commit9919bcfde2a166f815d259712af516a2dc3bd896 (patch)
treeeb0fc07368c86e4fe5c10cb2284f1284c6a0641f /Swiften/TLS/OpenSSL/OpenSSLContext.h
parent9e2eee27d47ff1523677eb3881b4edcf66d7c0db (diff)
downloadswift-9919bcfde2a166f815d259712af516a2dc3bd896.zip
swift-9919bcfde2a166f815d259712af516a2dc3bd896.tar.bz2
Add basic TLS server support in OpenTLSContext
This also extends the TLSContext interface with methods required for server mode. Test-Information: Added unit tests that test new functionality in TLSContex. This includes test certificates in the source file that are not for public use. This new ClientServerTest is only enabled for OpenSSL, as other TLS backends do not support the new functionality yet. Tested on macOS 10.13.3 with clang-trunk. Change-Id: I8e43476057608067eb3b9852328aa21cd22974a0
Diffstat (limited to 'Swiften/TLS/OpenSSL/OpenSSLContext.h')
-rw-r--r--Swiften/TLS/OpenSSL/OpenSSLContext.h11
1 files changed, 9 insertions, 2 deletions
diff --git a/Swiften/TLS/OpenSSL/OpenSSLContext.h b/Swiften/TLS/OpenSSL/OpenSSLContext.h
index 49ada51..5f06811 100644
--- a/Swiften/TLS/OpenSSL/OpenSSLContext.h
+++ b/Swiften/TLS/OpenSSL/OpenSSLContext.h
@@ -38,10 +38,14 @@ namespace std {
namespace Swift {
class OpenSSLContext : public TLSContext, boost::noncopyable {
public:
- OpenSSLContext();
+ OpenSSLContext(Mode mode);
virtual ~OpenSSLContext() override final;
+ void accept() override final;
void connect() override final;
+
+ bool setCertificateChain(const std::vector<Certificate::ref>& certificateChain) override final;
+ bool setPrivateKey(const PrivateKey::ref& privateKey) override final;
bool setClientCertificate(CertificateWithKey::ref cert) override final;
void handleDataFromNetwork(const SafeByteArray&) override final;
@@ -57,13 +61,16 @@ namespace Swift {
static CertificateVerificationError::Type getVerificationErrorTypeForResult(int);
+ void initAndSetBIOs();
+ void doAccept();
void doConnect();
void sendPendingDataToNetwork();
void sendPendingDataToApplication();
private:
- enum class State { Start, Connecting, Connected, Error };
+ enum class State { Start, Accepting, Connecting, Connected, Error };
+ Mode mode_;
State state_;
std::unique_ptr<SSL_CTX> context_;
std::unique_ptr<SSL> handle_;