doxygen/0.12.1/TLSStream_8h_source.html

/*

 * TLSStream.h

 *

 * Copyright (C) 2011 IBR, TU Braunschweig

 *

 * Written-by: Stephen Roettger <roettger@ibr.cs.tu-bs.de>

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *     http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 *

 */


#ifndef TLSSTREAM_H_

#define TLSSTREAM_H_


#include <streambuf>

#include <iostream>

#include <memory>

#include <vector>

#include <openssl/ssl.h>

#include "ibrcommon/thread/Mutex.h"

#include "ibrcommon/data/File.h"

#include "ibrcommon/ssl/iostreamBIO.h"


namespace ibrcommon

{

        class TLSStream : public std::basic_streambuf<char, std::char_traits<char> >, public std::iostream

        {

                static const std::string TAG;


        public:

                typedef std::char_traits<char> traits;


                TLSStream(std::iostream *stream);

                virtual ~TLSStream();


                void setServer(bool val);


            static void init(X509 *certificate, EVP_PKEY *privateKey, ibrcommon::File trustedCAPath, bool enableEncryption = false);


            static void flushInitialization();


            static bool isInitialized();


            void close();


                static const size_t BUFF_SIZE = 5120;


                X509 *activate();


        protected:

                virtual int sync();

                virtual traits::int_type overflow(traits::int_type = traits::eof());

                virtual traits::int_type underflow();


        private:

                std::string log_error_msg(int errnumber);


                static bool _initialized;

                /* this second initialized variable is needed, because init() can fail and SSL_library_init() is not reentrant. */

                static bool _SSL_initialized;

                static ibrcommon::Mutex _initialization_lock;


                bool _activated;

                ibrcommon::Mutex _activation_lock;


                // Input buffer

                std::vector<char> in_buf_;

                // Output buffer

                std::vector<char> out_buf_;


                std::iostream *_stream;

                /* indicates if this node is the server in the underlying tcp connection */

                bool _server;


                static SSL_CTX *_ssl_ctx;

                SSL *_ssl;

                X509 *_peer_cert;

                iostreamBIO *_iostreamBIO;

        };

}


#endif /* TLSSTREAM_H_ */