SSLSocket.h

/*
 * Copyright 2003 Michael A. Marsh, Cornell University. All rights reserved.
 * This software is released under the modified BSD license.
 * See the file LICENSE in the top-level directory for details.
 */
//
// $Id: SSLSocket.h,v 1.3 2004/05/19 15:56:57 mmarsh Exp $
//
// $Log: SSLSocket.h,v $
// Revision 1.3  2004/05/19 15:56:57  mmarsh
// *** empty log message ***
//
// Revision 1.2  2003/11/04 22:20:38  mmarsh
// General code cleanup, including the addition of a few new exception
// classes.
//
//

#ifndef __CODEX_SSL_SSLSOCKET_H__
#define __CODEX_SSL_SSLSOCKET_H__

#include <openssl/ssl.h>

#include "CODEX_Quorum/Socket.h"
#include "CODEX_Quorum/SocketBuilder.h"

namespace CODEX_SSL
{
   class SSLSocket : public CODEX_Quorum::SocketBase
   {
      public :
         SSLSocket( SSL_CTX*  ctx              ,
                    int       domain=PF_INET   ,
                    int       type=SOCK_STREAM ,
                    int       protocol=0       ,
                    bool      blocking=false   );
         SSLSocket(const SSLSocket& aOther);
         virtual ~SSLSocket();

         int set_fd( fd_set* fd_bitmap, StateType s ) const;

         bool isset_fd( const fd_set* fd_bitmap, StateType s ) const;

         size_t readFrom( void* output, size_t maxSize=1024 ) const;

      protected :
         CODEX_Quorum::SocketBase* clone();

         void connect( const CODEX_Quorum::RemoteServer& server );

         void finish_accept();

         int internal_write( const unsigned char* output,
                             size_t maxSize ) const;

      private :
         SSL_CTX*      m_ctx;
         SSL*          m_ssl_con;
         mutable bool  m_needRead;
         mutable bool  m_needWrite;
   };

   class SSLSocketBuilder : public CODEX_Quorum::SocketBuilder
   {
      public :
         SSLSocketBuilder( SSL_METHOD*  meth,
                           const X509*  cert,
                           const RSA*   privKey,
                           const char*  ciphers,
                           const char*  caCertFile,
                           const char*  hostCertFile,
                           int          verify,
                           int          domain=PF_INET   ,
                           int          type=SOCK_STREAM ,
                           int          protocol=0       ,
                           bool         blocking=false   );

         virtual ~SSLSocketBuilder();

         CODEX_Quorum::SocketBase* operator()() const;

      protected :
         SSL_CTX*  m_ctx;
   };


   //------ Exceptions ------//

   class QSESSLSocket : public CODEX_Quorum::QSESocketBase
   {
      public :
         QSESSLSocket( const string& fname, int line, int error ) :
            CODEX_Quorum::QSESocketBase( fname, line, error )
         {}

      protected :
         void errMsg() const;
   };

   class SSLExceptionBase : public CODEX_Exceptions::ExceptionBase
   {
      public :
         SSLExceptionBase( const string& fname, int line ) :
            CODEX_Exceptions::ExceptionBase( fname, line )
         {}

         void report() const;

      protected :
         virtual void derivedMsg() const = 0;
   };

   class SSLNullContextException : public SSLExceptionBase
   {
      public :
         SSLNullContextException( const string& fname, int line ) :
            SSLExceptionBase( fname, line )
         {}

      protected :
         void derivedMsg() const;
   };

   class SSLNullCiphersException : public SSLExceptionBase
   {
      public :
         SSLNullCiphersException( const string& fname, int line ) :
            SSLExceptionBase( fname, line )
         {}

      protected :
         void derivedMsg() const;
   };

   class SSLVerificationFlagsException : public SSLExceptionBase
   {
      public :
         SSLVerificationFlagsException( const string& fname, int line ) :
            SSLExceptionBase( fname, line )
         {}

      protected :
         void derivedMsg() const;
   };

}

#endif /* __CODEX_SSL_SSLSOCKET_H__ */

---