webrtc/talk/base/openssladapter.h
henrike@webrtc.org 28e2075280 Adds trunk/talk folder of revision 359 from libjingles google code to
trunk/talk


git-svn-id: http://webrtc.googlecode.com/svn/trunk@4318 4adac7df-926f-26a2-2b94-8c16560cd09d
2013-07-10 00:45:36 +00:00

106 lines
3.7 KiB
C++

/*
* libjingle
* Copyright 2004--2005, Google Inc.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
* 3. The name of the author may not be used to endorse or promote products
* derived from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
* EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
* PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
* OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
* OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef TALK_BASE_OPENSSLADAPTER_H__
#define TALK_BASE_OPENSSLADAPTER_H__
#include <string>
#include "talk/base/ssladapter.h"
typedef struct ssl_st SSL;
typedef struct ssl_ctx_st SSL_CTX;
typedef struct x509_store_ctx_st X509_STORE_CTX;
namespace talk_base {
///////////////////////////////////////////////////////////////////////////////
class OpenSSLAdapter : public SSLAdapter {
public:
static bool InitializeSSL(VerificationCallback callback);
static bool InitializeSSLThread();
static bool CleanupSSL();
OpenSSLAdapter(AsyncSocket* socket);
virtual ~OpenSSLAdapter();
virtual int StartSSL(const char* hostname, bool restartable);
virtual int Send(const void* pv, size_t cb);
virtual int Recv(void* pv, size_t cb);
virtual int Close();
// Note that the socket returns ST_CONNECTING while SSL is being negotiated.
virtual ConnState GetState() const;
protected:
virtual void OnConnectEvent(AsyncSocket* socket);
virtual void OnReadEvent(AsyncSocket* socket);
virtual void OnWriteEvent(AsyncSocket* socket);
virtual void OnCloseEvent(AsyncSocket* socket, int err);
private:
enum SSLState {
SSL_NONE, SSL_WAIT, SSL_CONNECTING, SSL_CONNECTED, SSL_ERROR
};
int BeginSSL();
int ContinueSSL();
void Error(const char* context, int err, bool signal = true);
void Cleanup();
static bool VerifyServerName(SSL* ssl, const char* host,
bool ignore_bad_cert);
bool SSLPostConnectionCheck(SSL* ssl, const char* host);
#if _DEBUG
static void SSLInfoCallback(const SSL* s, int where, int ret);
#endif // !_DEBUG
static int SSLVerifyCallback(int ok, X509_STORE_CTX* store);
static VerificationCallback custom_verify_callback_;
friend class OpenSSLStreamAdapter; // for custom_verify_callback_;
static bool ConfigureTrustedRootCertificates(SSL_CTX* ctx);
static SSL_CTX* SetupSSLContext();
SSLState state_;
bool ssl_read_needs_write_;
bool ssl_write_needs_read_;
// If true, socket will retain SSL configuration after Close.
bool restartable_;
SSL* ssl_;
SSL_CTX* ssl_ctx_;
std::string ssl_host_name_;
bool custom_verification_succeeded_;
};
/////////////////////////////////////////////////////////////////////////////
} // namespace talk_base
#endif // TALK_BASE_OPENSSLADAPTER_H__