authorTobias Markmann <tm@ayena.de>2018-01-05 15:45:34 (GMT)
committerTobias Markmann <tm@ayena.de>2018-01-30 11:46:28 (GMT)
commit9eaa75b907a515a65ccb2002632fbf2f30c5aee8 (patch)
tree94102960e7814eebb5f8646dacf34ad06f8c1f8d /Swiften/TLS/OpenSSL/OpenSSLContext.h
parent1f70a58280db165c0df80c81b41986f1d67c0a95 (diff)
Modernize OpenSSL crypto backend
* use std::unique_ptr for memory management of dynamic OpenSSL objects * use an initializer class and static instance of it to correctly initialize/finalize OpenSSL on first use * use enum class instead of simple enum for state * use nullptr instead of NULL Test-Information: Builds and tests pass on macOS 10.13.2 with clang-trunk and ASAN. Change-Id: I346f14e21c34871c1900a8e1ac000450770a0bbe
Diffstat (limited to 'Swiften/TLS/OpenSSL/OpenSSLContext.h')
-rw-r--r--Swiften/TLS/OpenSSL/OpenSSLContext.h49
1 files changed, 34 insertions, 15 deletions
diff --git a/Swiften/TLS/OpenSSL/OpenSSLContext.h b/Swiften/TLS/OpenSSL/OpenSSLContext.h
index e75b3c9..49ada51 100644
--- a/Swiften/TLS/OpenSSL/OpenSSLContext.h
+++ b/Swiften/TLS/OpenSSL/OpenSSLContext.h
@@ -1,11 +1,13 @@
/*
- * Copyright (c) 2010-2016 Isode Limited.
+ * Copyright (c) 2010-2018 Isode Limited.
* All rights reserved.
* See the COPYING file for more information.
*/
#pragma once
+#include <memory>
+
#include <boost/noncopyable.hpp>
#include <boost/signals2.hpp>
@@ -15,23 +17,40 @@
#include <Swiften/TLS/CertificateWithKey.h>
#include <Swiften/TLS/TLSContext.h>
-namespace Swift {
+namespace std {
+ template<>
+ class default_delete<SSL_CTX> {
+ public:
+ void operator()(SSL_CTX *ptr) {
+ SSL_CTX_free(ptr);
+ }
+ };
+ template<>
+ class default_delete<SSL> {
+ public:
+ void operator()(SSL *ptr) {
+ SSL_free(ptr);
+ }
+ };
+}
+
+namespace Swift {
class OpenSSLContext : public TLSContext, boost::noncopyable {
public:
OpenSSLContext();
- virtual ~OpenSSLContext();
+ virtual ~OpenSSLContext() override final;
- void connect();
- bool setClientCertificate(CertificateWithKey::ref cert);
+ void connect() override final;
+ bool setClientCertificate(CertificateWithKey::ref cert) override final;
- void handleDataFromNetwork(const SafeByteArray&);
- void handleDataFromApplication(const SafeByteArray&);
+ void handleDataFromNetwork(const SafeByteArray&) override final;
+ void handleDataFromApplication(const SafeByteArray&) override final;
- std::vector<Certificate::ref> getPeerCertificateChain() const;
- std::shared_ptr<CertificateVerificationError> getPeerCertificateVerificationError() const;
+ std::vector<Certificate::ref> getPeerCertificateChain() const override final;
+ std::shared_ptr<CertificateVerificationError> getPeerCertificateVerificationError() const override final;
- virtual ByteArray getFinishMessage() const;
+ virtual ByteArray getFinishMessage() const override final;
private:
static void ensureLibraryInitialized();
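Review bot: The two `std::default_delete` specializations added at the top of this hunk only take effect in translation units that include this header. A unit that names `std::unique_ptr<SSL>` or `std::unique_ptr<SSL_CTX>` without it would fall back to the primary template (plain `delete`, where the type is complete), which is an ODR mismatch and the wrong release function for a TLS object. A named deleter in `namespace Swift`, passed as the second template argument of the `context_` and `handle_` members in the later hunk, keeps the release function attached to the type itself. The added call operators are also non-const, unlike the primary template's. The class declaration continues outside this hunk.

```cpp
namespace Swift {
    // Releases OpenSSL objects through their own free functions.
    struct OpenSSLDeleter {
        void operator()(SSL_CTX* ptr) const { SSL_CTX_free(ptr); }
        void operator()(SSL* ptr) const { SSL_free(ptr); }
    };
    // … unchanged: class OpenSSLContext public interface …
    // the owning members in the private section then become:
    std::unique_ptr<SSL_CTX, OpenSSLDeleter> context_;
    std::unique_ptr<SSL, OpenSSLDeleter> handle_;
```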
@@ -43,12 +62,12 @@ namespace Swift {
void sendPendingDataToApplication();
private:
- enum State { Start, Connecting, Connected, Error };
+ enum class State { Start, Connecting, Connected, Error };
State state_;
- SSL_CTX* context_;
- SSL* handle_;
- BIO* readBIO_;
- BIO* writeBIO_;
+ std::unique_ptr<SSL_CTX> context_;
+ std::unique_ptr<SSL> handle_;
+ BIO* readBIO_ = nullptr;
+ BIO* writeBIO_ = nullptr;
};
}
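Review bot: `readBIO_` and `writeBIO_` stay raw pointers beside the two new `std::unique_ptr` members with nothing saying why, which invites a later change that wraps them or frees them by hand. If the implementation attaches them to the handle with `SSL_set_bio` (not visible on this page), `SSL_free` already releases them and a second owner would be a double free; a comment such as `// Not owned: released by SSL_free(handle_) once attached via SSL_set_bio.` above the two declarations would record that. The declaration order `context_` before `handle_` means the handle is destroyed first, which deserves a short comment so the members are not reordered. `State state_;` could also take `= State::Start` to match the new in-class initializers.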