2 * Worldvisions Weaver Software:
3 * Copyright (C) 1997-2002 Net Integration Technologies, Inc.
 * SSL (Secure Sockets Layer) / TLS communications via WvStreams.
7 #ifndef __WVSSLSTREAM_H
8 #define __WVSSLSTREAM_H
10 #include "wvfdstream.h"
12 #include "wvstreamclone.h"
/*
 * Opaque OpenSSL handles, forward-declared so that this header does not have
 * to pull in <openssl/ssl.h>.  The names and struct tags must stay exactly
 * as OpenSSL declares them, otherwise the two typedefs conflict wherever a
 * translation unit includes both.
 */
typedef struct ssl_ctx_st SSL_CTX;
typedef struct ssl_st SSL;
typedef struct ssl_method_st SSL_METHOD;
/*
 * Peer-certificate validation hooks.  Both are handed the peer's certificate
 * (WvX509 *) and presumably return true to accept it; the global variant also
 * receives the stream the certificate arrived on, so one function can make
 * per-connection decisions for every WvSSLStream in the process.
 *
 * NOTE(review): what a false return does to the connection, and whether any
 * check at all runs when no callback is installed, is decided in the .cc,
 * not here -- confirm before relying on these for peer authentication.
 */
typedef wv::function<bool(WvX509 *)> WvSSLValidateCallback;
typedef wv::function<bool(WvX509 *, WvSSLStream *)> WvSSLGlobalValidateCallback;
 * SSL Stream, handles SSLv2, SSLv3, and TLS.  NOTE: SSLv2 and SSLv3 are
 * prohibited by RFC 6176 and RFC 7568 respectively; which versions this
 * stream actually negotiates is fixed by the SSL_METHOD chosen in the
 * implementation, not by anything in this header.
32 * Methods - If you want it to be a server, then you must feed the constructor
35 class WvSSLStream
: public WvStreamClone
/*
 * Process-wide validation callback, shared by every WvSSLStream.  It exists
 * because it is more convenient to set than the per-stream callback passed
 * to the constructor: assign it once and every stream created afterwards
 * uses it.  The callback also receives the stream the peer certificate
 * belongs to, so one function can make per-connection decisions.
 *
 * NOTE: this is a plain static and no locking is visible in this header.
 * Assign it before any stream is instantiated and never change it while
 * WvSSLStreams still linger -- a late reassignment races with any handshake
 * that is in progress.
 *
 * NOTE: wv::bind can tie an object instance to the function used here, so
 * the callback can carry state of its own (trust store, policy, logging).
 */
static WvSSLGlobalValidateCallback global_vcb;
/*
 * Start an SSL connection on the stream _slave.
 *
 * _slave      the underlying stream; the TLS session is layered on top of it.
 * _x509       certificate/key holder.  Optional for a client, mandatory for a
 *             server.  It is only referenced, never copied, so you need to
 *             keep the X509 object around for the entire life of this object!
 * _vcb        per-stream peer validation callback (see WvSSLValidateCallback);
 *             unset by default.
 * _is_server  false: act as the client side of the handshake;
 *             true: act as the server (then _x509 must be supplied).
 *
 * NOTE(review): the constructor is not explicit and every parameter after
 * _slave has a default, so an IWvStream* converts implicitly to a
 * WvSSLStream; consider marking it explicit.
 * NOTE(review): this header does not say what happens when _vcb and
 * global_vcb are both unset -- whether the peer certificate is still
 * verified against a trust store, or accepted unconditionally, is decided
 * in the .cc.  Confirm before using this stream for authentication.
 */
WvSSLStream(IWvStream *_slave, WvX509Mgr *_x509 = NULL,
            WvSSLValidateCallback _vcb = 0, bool _is_server = false);
/** Cleans up everything: calls close and then frees the SSL objects used. */
virtual ~WvSSLStream();
/*
 * Select hooks.  The TLS layer may need to wait for readability or
 * writability independently of what the caller asked for (a handshake or a
 * pending SSL_write() retry can want either direction); connect_wants,
 * declared further down, presumably carries that extra request -- see the
 * .cc for how it is merged into si.
 */
virtual void pre_select(SelectInfo &si);
virtual bool post_select(SelectInfo &si);
/** True while the stream is usable; presumably false once the TLS side or the slave has failed -- see the .cc. */
virtual bool isok() const;
/*
 * Half-close overrides.  WvStream's default noread()/nowrite() are not used
 * as-is here; the request is presumably recorded in ssl_stop_read /
 * ssl_stop_write (declared below) so the TLS layer can shut the direction
 * down in its own way.
 */
virtual void noread();
virtual void nowrite();
71 /** SSL Context - used to create SSL Object */
 * Main SSL object; after SSL_set_fd() every call on the connection goes
 * through it.
/*
 * Raw write/read hooks called by the WvStream machinery.  Data goes through
 * SSL_write()/SSL_read() rather than straight to the slave, so the return
 * value is the number of plaintext bytes consumed or produced; it may be
 * less than len (presumably 0) when the TLS layer cannot make progress yet.
 */
virtual size_t uwrite(const void *buf, size_t len);
virtual size_t uread(void *buf, size_t len);
85 * Connection Status Flag, since SSL takes a few seconds to
/** Select direction(s) the in-progress handshake is presumably waiting on (see pre_select). */
SelectRequest connect_wants;
/** Set the connected flag and flush unconnected_buf (writes queued before the handshake finished). */
void setconnected(bool conn);
94 /** Keep track of whether we are a client or a server */
/*
 * Per-direction shutdown flags.  We have to override the WvStream
 * noread/nowrite implementation, presumably because the TLS layer has its
 * own shutdown sequence, so the overrides record the request here instead.
 */
bool ssl_stop_read, ssl_stop_write;
/*
 * Per-stream peer validation callback, taken from the constructor.  When
 * unset, global_vcb is presumably consulted instead; whether anything checks
 * the peer when both are unset is decided in the .cc -- confirm before
 * relying on it.
 */
WvSSLValidateCallback vcb;
103 /** Internal Log Object */
/*
 * SSL_write() may return SSL_ERROR_WANT_WRITE, which under OpenSSL's
 * contract (unless SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER is set) means the
 * call must be repeated later with precisely the same buffer and length.
 * The caller's buffer is gone by then, so we unfortunately copy the data
 * into this bounce buffer and remember that a retry is pending.  The
 * original note says a WvBuf lets an arbitrary amount of data be set aside;
 * whether a WvInPlaceBuf actually grows is worth checking in wvbuf.h.
 */
WvInPlaceBuf write_bouncebuf;
/** Similar nastiness happens with SSL_read(): presumably holds decrypted data not yet handed to the caller. */
WvInPlaceBuf read_bouncebuf;
/*
 * Writes issued before the handshake has completed are queued here and
 * flushed by setconnected().  This is a growable buffer and no cap is
 * visible in this header, so a caller that keeps writing while the peer
 * never finishes the handshake grows it without bound -- worth a limit, or
 * at least a note in the .cc.
 */
WvDynBuf unconnected_buf;
/*
 * Prints out the entire OpenSSL error queue, tagged with the name of the
 * call that failed.  Beyond diagnostics, draining the queue matters:
 * entries left behind make later SSL_get_error() results unreliable.
 */
void printerr(WvStringParm func);
/** Reports this class's stream-type name; always the literal "WvSSLStream". */
const char *wstype() const
{
    static const char *const kind = "WvSSLStream";
    return kind;
}
131 #endif // __WVSSLSTREAM_H