Diffstat (limited to 'ACE/protocols/ace/INet/HTTPS_Context.cpp')
-rw-r--r--ACE/protocols/ace/INet/HTTPS_Context.cpp125
1 files changed, 125 insertions, 0 deletions
diff --git a/ACE/protocols/ace/INet/HTTPS_Context.cpp b/ACE/protocols/ace/INet/HTTPS_Context.cpp
new file mode 100644
index 00000000000..6eff53b4daf
--- /dev/null
+++ b/ACE/protocols/ace/INet/HTTPS_Context.cpp
@@ -0,0 +1,125 @@
+// $Id$
+
+#include "ace/INet/HTTPS_Context.h"
+
+#if !defined (__ACE_INLINE__)
+#include "ace/INet/HTTPS_Context.inl"
+#endif
+
+#include "ace/OS_NS_stdlib.h"
+#include "ace/OS_NS_unistd.h"
+#include "ace/OS_NS_sys_stat.h"
+#include "ace/INet/INet_Log.h"
+
+ACE_BEGIN_VERSIONED_NAMESPACE_DECL
+
+namespace ACE
+{
+ namespace HTTPS
+ {
+
+ int Context::ssl_mode_ = ACE_SSL_Context::SSLv3;
+ bool Context::ssl_strict_ = false;
+ bool Context::ssl_once_ = true;
+ int Context::ssl_depth_ = 0;
+ bool Context::ssl_verify_peer_ = true;
+
+ Context::Context (bool verify_peer,
+ bool strict,
+ bool once,
+ int depth,
+ int ssl_mode,
+ ACE_SSL_Context* ssl_ctx,
+ bool release,
+ ACE::INet::SSL_CallbackManager* ssl_cbmngr)
+ : ssl_ctx_ (0)
+ {
+ if (ssl_ctx == 0)
+ {
+ ACE_NEW_NORETURN (ssl_ctx, ACE_SSL_Context ());
+ release = true;
+ }
+ if (ssl_ctx != 0)
+ {
+ if (release)
+ {
+ this->alloc_safe.reset (ssl_ctx);
+ }
+ this->ssl_ctx_ = ssl_ctx;
+
+ this->ssl_ctx_->set_mode (ssl_mode);
+ if (verify_peer)
+ this->ssl_ctx_->set_verify_peer (strict ? 1 : 0,
+ once ? 1 : 0,
+ depth);
+ if (ssl_cbmngr != 0)
+ ssl_cbmngr->initialize_callbacks (this->ssl_ctx_);
+ // do this to be sure that these settings have been properly set
+ // ACE_SSL_Context does not handle this quite correctly
+ ::SSL_CTX_set_verify (this->ssl_ctx_->context (),
+ this->ssl_ctx_->default_verify_mode (),
+ this->ssl_ctx_->default_verify_callback ());
+ INET_DEBUG (9,(LM_INFO, DLINFO
+ ACE_TEXT ("HTTPS_Context::ctor - ")
+ ACE_TEXT ("ssl_mode = [%d], ")
+ ACE_TEXT ("verify_peer = [%d], ")
+ ACE_TEXT ("verify_mode = [%d]\n"),
+ this->ssl_ctx_->get_mode (),
+ (verify_peer ? 1 : 0),
+ this->ssl_ctx_->default_verify_mode ()));
+ }
+ }
+
+ Context::Context (ACE_SSL_Context* ssl_ctx,
+ bool release,
+ ACE::INet::SSL_CallbackManager* ssl_cbmngr)
+ : ssl_ctx_ (ssl_ctx)
+ {
+ if (this->ssl_ctx_ != 0)
+ {
+ if (release)
+ this->alloc_safe.reset (this->ssl_ctx_);
+
+ if (ssl_cbmngr != 0)
+ ssl_cbmngr->initialize_callbacks (this->ssl_ctx_);
+ }
+ }
+
+ Context& Context::instance ()
+ {
+ return *ACE_Unmanaged_Singleton<Context, ACE_SYNCH::MUTEX>::instance ();
+ }
+
+ Context::Context (const Context&)
+ {
+ }
+
+ Context::~Context ()
+ {
+ }
+
+ bool Context::load_trusted_ca (const char* ca_location)
+ {
+ ACE_stat stat;
+ if (ca_location != 0 && ACE_OS::stat (ca_location, &stat) == 0)
+ {
+ bool is_dir = ((stat.st_mode & S_IFMT) == S_IFDIR);
+ if (this->ssl_ctx_->load_trusted_ca (is_dir ? 0 : ca_location,
+ is_dir ? ca_location : 0,
+ false) == 0)
+ return true;
+ }
+ else
+ {
+ INET_ERROR (1, (LM_ERROR, DLINFO
+ ACE_TEXT ("Context::load_trusted_ca - ")
+ ACE_TEXT ("invalid ca_location [%C]\n"),
+ ca_location == 0 ? "(null)" : ca_location));
+ }
+ return false;
+ }
+
+ }
+}
+
+ACE_END_VERSIONED_NAMESPACE_DECL
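Review bot: The static default `int Context::ssl_mode_ = ACE_SSL_Context::SSLv3;` makes SSLv3 the protocol for any context built from these defaults (presumably the default constructor in the .inl, which is not shown here). SSLv3 has known protocol weaknesses and rules out negotiating TLS, so a version-negotiating default such as `int Context::ssl_mode_ = ACE_SSL_Context::SSLv23;` would be the safer starting point, with the legacy versions disabled on the underlying context. Separately, `load_trusted_ca` dereferences `this->ssl_ctx_` without a check, although both constructors can leave it null (when `ACE_NEW_NORETURN` fails, or when the second constructor receives a null `ssl_ctx`); an early `if (this->ssl_ctx_ == 0) return false;` would cover that. The same function returns false without logging when the inner `load_trusted_ca` call fails, so an `INET_ERROR` on that path would make a bad CA file or directory diagnosable.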