caf::net::ssl::context Class Reference
SSL state, shared by multiple connections. More...
#include <context.hpp>
Public Member Functions | |
| context (std::nullptr_t) | |
| context (context &&other) | |
| context & | operator= (context &&other) |
| operator bool () const noexcept | |
| bool | operator! () const noexcept |
| void | verify_mode (verify_t flags) |
| Overrides the verification mode for this context. | |
| template<typename PasswordCallback > | |
| void | password_callback (PasswordCallback callback) |
| Overrides the callback to obtain the password for encrypted PEM files. | |
| void | password (std::string password) |
Overrides the callback to obtain the password for encrypted PEM files with a function that always returns password. | |
| void * | native_handle () const noexcept |
| Retrieves the native handle from the context. | |
| expected< connection > | new_connection (stream_socket fd) |
Creates a new SSL connection on fd. | |
| expected< connection > | new_connection (stream_socket fd, close_on_shutdown_t) |
Creates a new SSL connection on fd. | |
| bool | enable_default_verify_paths () |
| Configure the context to use the default locations for loading CA certificates. | |
| bool | add_verify_path (const char *path) |
| Configures the context to load CA certificate from a directory. | |
| bool | add_verify_path (const std::string &path) |
| Configures the context to load CA certificate from a directory. | |
| bool | load_verify_file (const char *path) |
| Loads a CA certificate file. | |
| bool | load_verify_file (const std::string &path) |
| Loads a CA certificate file. | |
| bool | use_certificate_file (const char *path, format file_format) |
| Loads the first certificate found in given file. | |
| bool | use_certificate_file (const std::string &path, format file_format) |
| Loads the first certificate found in given file. | |
| bool | use_certificate_chain_file (const char *path) |
| Loads a certificate chain from a PEM-formatted file. | |
| bool | use_certificate_chain_file (const std::string &path) |
| Loads a certificate chain from a PEM-formatted file. | |
| bool | use_private_key_file (const char *path, format file_format) |
| Loads the first private key found in given file. | |
| bool | use_private_key_file (const std::string &path, format file_format) |
| Loads the first private key found in given file. | |
Static Public Member Functions | |
| static expected< void > | enable (bool flag) |
Starting point for chaining expected<T>::and_then() invocations, whereas the next function in the chain should create the SSL context depending on the value of flag. | |
| static expected< context > | make (tls min_version, tls max_version=tls::any) |
| Returns a generic SSL context with TLS. | |
| static expected< context > | make_server (tls min_version, tls max_version=tls::any) |
| Returns a SSL context with TLS for a server role. | |
| static expected< context > | make_client (tls min_version, tls max_version=tls::any) |
| Returns a SSL context with TLS for a client role. | |
| static expected< context > | make (dtls min_version, dtls max_version=dtls::any) |
| Returns a generic SSL context with DTLS. | |
| static expected< context > | make_server (dtls min_version, dtls max_version=dtls::any) |
| Returns a SSL context with DTLS for a server role. | |
| static expected< context > | make_client (dtls min_version, dtls max_version=dtls::any) |
| Returns a SSL context with TLS for a client role. | |
| static context | from_native (void *native_handle) |
Reinterprets native_handle as the native implementation type and takes ownership of the handle. | |
| static std::string | next_error_string () |
| Retrieves a human-readable error description for a preceding call to another member functions and removes that error from the thread-local error queue. | |
| static void | append_next_error_string (std::string &buf) |
Retrieves a human-readable error description for a preceding call to another member functions, appends the generated string to buf and removes that error from the thread-local error queue. | |
| static std::string | last_error_string () |
Convenience function for calling next_error_string repeatedly until has_error returns false. | |
| static bool | has_error () noexcept |
| Queries whether the thread-local error stack has at least one entry. | |
| static error | last_error () |
| Retrieves all errors from the thread-local error queue and assembles them into a single error string. | |
| static error | last_error_or (error default_error) |
Returns last_error or default_error if the former is default-constructed. | |
| static error | last_error_or_unexpected (std::string_view description) |
| Returns last_error or an error that represents an unexpected failure if the former is default-constructed. | |
Detailed Description
SSL state, shared by multiple connections.
Member Function Documentation
◆ add_verify_path() [1/2]
|
nodiscard |
Configures the context to load CA certificate from a directory.
- Parameters
-
path Null-terminated string with a path to a directory. Files in the directory must use the CA subject name hash value as file name with a suffix to disambiguate multiple certificates, e.g., 9d66eef0.0and9d66eef0.1.
- Returns
trueon success,falseotherwise andlast_errorcan be used to retrieve a human-readable error representation.
- Note
- Calls
SSL_CTX_load_verify_locations
◆ add_verify_path() [2/2]
|
nodiscard |
Configures the context to load CA certificate from a directory.
- Parameters
-
path Null-terminated string with a path to a directory. Files in the directory must use the CA subject name hash value as file name with a suffix to disambiguate multiple certificates, e.g., 9d66eef0.0and9d66eef0.1.
- Returns
trueon success,falseotherwise andlast_errorcan be used to retrieve a human-readable error representation.
- Note
- Calls
SSL_CTX_load_verify_locations
◆ append_next_error_string()
|
static |
Retrieves a human-readable error description for a preceding call to another member functions, appends the generated string to buf and removes that error from the thread-local error queue.
Call repeatedly until has_error returns false to retrieve all errors from the queue.
◆ enable_default_verify_paths()
|
nodiscard |
Configure the context to use the default locations for loading CA certificates.
- Returns
trueon success,falseotherwise andlast_errorcan be used to retrieve a human-readable error representation.
◆ last_error()
|
static |
Retrieves all errors from the thread-local error queue and assembles them into a single error string.
- Returns
- all error strings from the thread-local error queue or
◆ load_verify_file() [1/2]
|
nodiscard |
Loads a CA certificate file.
- Parameters
-
path Null-terminated string with a path to a single PEM file.
- Returns
trueon success,falseotherwise andlast_errorcan be used to retrieve a human-readable error representation.
- Note
- Calls
SSL_CTX_load_verify_locations
◆ load_verify_file() [2/2]
|
nodiscard |
Loads a CA certificate file.
- Parameters
-
path Null-terminated string with a path to a single PEM file.
- Returns
trueon success,falseotherwise andlast_errorcan be used to retrieve a human-readable error representation.
- Note
- Calls
SSL_CTX_load_verify_locations
◆ new_connection() [1/2]
| expected< connection > caf::net::ssl::context::new_connection | ( | stream_socket | fd | ) |
Creates a new SSL connection on fd.
The connection does not take ownership of the socket, i.e., does not close the socket when the SSL session ends.
◆ new_connection() [2/2]
| expected< connection > caf::net::ssl::context::new_connection | ( | stream_socket | fd, |
| close_on_shutdown_t | ) |
Creates a new SSL connection on fd.
The connection takes ownership of the socket, i.e., closes the socket when the SSL session ends.
◆ next_error_string()
|
static |
Retrieves a human-readable error description for a preceding call to another member functions and removes that error from the thread-local error queue.
Call repeatedly until has_error returns false to retrieve all errors from the queue.
◆ password()
| void caf::net::ssl::context::password | ( | std::string | password | ) |
Overrides the callback to obtain the password for encrypted PEM files with a function that always returns password.
- Note
- calls
SSL_CTX_set_default_passwd_cb
◆ password_callback()
template<typename PasswordCallback >
| void caf::net::ssl::context::password_callback | ( | PasswordCallback | callback | ) |
Overrides the callback to obtain the password for encrypted PEM files.
- Note
- calls
SSL_CTX_set_default_passwd_cb
◆ use_certificate_chain_file() [1/2]
|
nodiscard |
Loads a certificate chain from a PEM-formatted file.
- Note
- calls
SSL_CTX_use_certificate_chain_file
◆ use_certificate_chain_file() [2/2]
|
nodiscard |
Loads a certificate chain from a PEM-formatted file.
- Note
- calls
SSL_CTX_use_certificate_chain_file
◆ use_certificate_file() [1/2]
|
nodiscard |
Loads the first certificate found in given file.
- Parameters
-
path Null-terminated string with a path to a single file.
◆ use_certificate_file() [2/2]
|
nodiscard |
Loads the first certificate found in given file.
- Parameters
-
path Null-terminated string with a path to a single file.
◆ use_private_key_file()
|
nodiscard |
Loads the first private key found in given file.
◆ verify_mode()
| void caf::net::ssl::context::verify_mode | ( | verify_t | flags | ) |
Overrides the verification mode for this context.
- Note
- calls
SSL_CTX_set_verify
The documentation for this class was generated from the following files:
- libcaf_net/caf/net/ssl/context.hpp
- libcaf_net/caf/net/ssl/context.cpp
Generated by
1.11.0