C++ Actor Framework 1.0.0
caf::net::ssl::context Class Reference

SSL state, shared by multiple connections. More...

#include <context.hpp>

Public Member Functions

 context (std::nullptr_t)
 
 context (context &&other)
 
context & operator= (context &&other)
 
 operator bool () const noexcept
 
bool operator! () const noexcept
 
void verify_mode (verify_t flags)
 Overrides the verification mode for this context.
 
template<typename PasswordCallback >
void password_callback (PasswordCallback callback)
 Overrides the callback to obtain the password for encrypted PEM files.
 
void password (std::string password)
 Overrides the callback to obtain the password for encrypted PEM files with a function that always returns password.
 
void * native_handle () const noexcept
 Retrieves the native handle from the context.
 
expected< connection > new_connection (stream_socket fd)
 Creates a new SSL connection on fd.
 
expected< connection > new_connection (stream_socket fd, close_on_shutdown_t)
 Creates a new SSL connection on fd.
 
bool enable_default_verify_paths ()
 Configure the context to use the default locations for loading CA certificates.
 
bool add_verify_path (const char *path)
 Configures the context to load CA certificate from a directory.
 
bool add_verify_path (const std::string &path)
 Configures the context to load CA certificate from a directory.
 
bool load_verify_file (const char *path)
 Loads a CA certificate file.
 
bool load_verify_file (const std::string &path)
 Loads a CA certificate file.
 
bool use_certificate_file (const char *path, format file_format)
 Loads the first certificate found in given file.
 
bool use_certificate_file (const std::string &path, format file_format)
 Loads the first certificate found in given file.
 
bool use_certificate_chain_file (const char *path)
 Loads a certificate chain from a PEM-formatted file.
 
bool use_certificate_chain_file (const std::string &path)
 Loads a certificate chain from a PEM-formatted file.
 
bool use_private_key_file (const char *path, format file_format)
 Loads the first private key found in given file.
 
bool use_private_key_file (const std::string &path, format file_format)
 Loads the first private key found in given file.
 

Static Public Member Functions

static expected< void > enable (bool flag)
 Starting point for chaining expected<T>::and_then() invocations, where the next function in the chain should create the SSL context depending on the value of flag.
 
static expected< context > make (tls min_version, tls max_version=tls::any)
 Returns a generic SSL context with TLS.
 
static expected< context > make_server (tls min_version, tls max_version=tls::any)
 Returns an SSL context with TLS for a server role.
 
static expected< context > make_client (tls min_version, tls max_version=tls::any)
 Returns an SSL context with TLS for a client role.
 
static expected< context > make (dtls min_version, dtls max_version=dtls::any)
 Returns a generic SSL context with DTLS.
 
static expected< context > make_server (dtls min_version, dtls max_version=dtls::any)
 Returns an SSL context with DTLS for a server role.
 
static expected< context > make_client (dtls min_version, dtls max_version=dtls::any)
 Returns an SSL context with DTLS for a client role.
 
static context from_native (void *native_handle)
 Reinterprets native_handle as the native implementation type and takes ownership of the handle.
 
static std::string next_error_string ()
 Retrieves a human-readable error description for a preceding call to another member function and removes that error from the thread-local error queue.
 
static void append_next_error_string (std::string &buf)
 Retrieves a human-readable error description for a preceding call to another member function, appends the generated string to buf and removes that error from the thread-local error queue.
 
static std::string last_error_string ()
 Convenience function for calling next_error_string repeatedly until has_error returns false.
 
static bool has_error () noexcept
 Queries whether the thread-local error stack has at least one entry.
 
static error last_error ()
 Retrieves all errors from the thread-local error queue and assembles them into a single error string.
 
static error last_error_or (error default_error)
 Returns last_error or default_error if the former is default-constructed.
 
static error last_error_or_unexpected (std::string_view description)
 Returns last_error or an error that represents an unexpected failure if the former is default-constructed.
 

Detailed Description

SSL state, shared by multiple connections.

Member Function Documentation

◆ add_verify_path() [1/2]

bool caf::net::ssl::context::add_verify_path ( const char * path)
nodiscard

Configures the context to load CA certificate from a directory.

Parameters
path: Null-terminated string with a path to a directory. Files in the directory must use the CA subject name hash value as file name with a suffix to disambiguate multiple certificates, e.g., 9d66eef0.0 and 9d66eef0.1.
Returns
true on success, false otherwise and last_error can be used to retrieve a human-readable error representation.
Note
Calls SSL_CTX_load_verify_locations

◆ add_verify_path() [2/2]

bool caf::net::ssl::context::add_verify_path ( const std::string & path)
nodiscard

Configures the context to load CA certificate from a directory.

Parameters
path: Null-terminated string with a path to a directory. Files in the directory must use the CA subject name hash value as file name with a suffix to disambiguate multiple certificates, e.g., 9d66eef0.0 and 9d66eef0.1.
Returns
true on success, false otherwise and last_error can be used to retrieve a human-readable error representation.
Note
Calls SSL_CTX_load_verify_locations
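
A pre-flight check for the directory layout that add_verify_path expects, as an added example (not part of CAF or of the original documentation). It assumes OpenSSL's hashed-directory convention of eight lowercase hex digits plus a decimal suffix counted up from 0, which the page illustrates with 9d66eef0.0 and 9d66eef0.1; the names ca_dir_report, parse_entry and audit_ca_dir are hypothetical.

```cpp
#include <map>
#include <set>
#include <string>
#include <vector>

// Audit result (hypothetical type): names a hashed CA lookup never opens.
struct ca_dir_report {
  std::vector<std::string> ignored;     // not of the form <hash>.<n>
  std::vector<std::string> unreachable; // <hash>.<n> behind a suffix gap
  bool ok() const { return ignored.empty() && unreachable.empty(); }
};

// Accepts "<8 lowercase hex digits>.<decimal, no leading zero>" only.
static bool parse_entry(const std::string& name, std::string& hash, int& idx) {
  if (name.size() < 10 || name.size() > 14 || name[8] != '.'
      || (name.size() > 10 && name[9] == '0'))
    return false;
  for (std::size_t i = 0; i < 8; ++i)
    if (!((name[i] >= '0' && name[i] <= '9') || (name[i] >= 'a' && name[i] <= 'f')))
      return false;
  idx = 0;
  for (std::size_t i = 9; i < name.size(); ++i) {
    if (name[i] < '0' || name[i] > '9')
      return false;
    idx = idx * 10 + (name[i] - '0');
  }
  hash = name.substr(0, 8);
  return true;
}

// Lookup probes <hash>.0, <hash>.1, ... and stops at the first missing file,
// so any certificate stored behind a gap in the suffixes is silently unused.
ca_dir_report audit_ca_dir(const std::vector<std::string>& names) {
  ca_dir_report out;
  std::map<std::string, std::set<int>> by_hash;
  for (const auto& n : names) {
    std::string h;
    int i = 0;
    if (parse_entry(n, h, i)) by_hash[h].insert(i);
    else out.ignored.push_back(n);
  }
  for (const auto& kv : by_hash) {
    int expect = 0;
    for (int i : kv.second) {
      if (i == expect) ++expect;
      else out.unreachable.push_back(kv.first + "." + std::to_string(i));
    }
  }
  return out;
}
```

Pass it the file names of the directory handed to add_verify_path; a non-empty report means some CA files in that directory will not take part in peer verification, e.g. after a lower-numbered certificate was deleted without renumbering.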

◆ append_next_error_string()

void caf::net::ssl::context::append_next_error_string ( std::string & buf)
static

Retrieves a human-readable error description for a preceding call to another member function, appends the generated string to buf and removes that error from the thread-local error queue.

Call repeatedly until has_error returns false to retrieve all errors from the queue.

◆ enable_default_verify_paths()

bool caf::net::ssl::context::enable_default_verify_paths ( )
nodiscard

Configure the context to use the default locations for loading CA certificates.

Returns
true on success, false otherwise and last_error can be used to retrieve a human-readable error representation.

◆ last_error()

error caf::net::ssl::context::last_error ( )
static

Retrieves all errors from the thread-local error queue and assembles them into a single error string.

Returns
all error strings from the thread-local error queue or

◆ load_verify_file() [1/2]

bool caf::net::ssl::context::load_verify_file ( const char * path)
nodiscard

Loads a CA certificate file.

Parameters
path: Null-terminated string with a path to a single PEM file.
Returns
true on success, false otherwise and last_error can be used to retrieve a human-readable error representation.
Note
Calls SSL_CTX_load_verify_locations

◆ load_verify_file() [2/2]

bool caf::net::ssl::context::load_verify_file ( const std::string & path)
nodiscard

Loads a CA certificate file.

Parameters
path: Null-terminated string with a path to a single PEM file.
Returns
true on success, false otherwise and last_error can be used to retrieve a human-readable error representation.
Note
Calls SSL_CTX_load_verify_locations

◆ new_connection() [1/2]

expected< connection > caf::net::ssl::context::new_connection ( stream_socket fd)

Creates a new SSL connection on fd.

The connection does not take ownership of the socket, i.e., does not close the socket when the SSL session ends.

◆ new_connection() [2/2]

expected< connection > caf::net::ssl::context::new_connection ( stream_socket fd,
close_on_shutdown_t  )

Creates a new SSL connection on fd.

The connection takes ownership of the socket, i.e., closes the socket when the SSL session ends.

◆ next_error_string()

std::string caf::net::ssl::context::next_error_string ( )
static

Retrieves a human-readable error description for a preceding call to another member function and removes that error from the thread-local error queue.

Call repeatedly until has_error returns false to retrieve all errors from the queue.

◆ password()

void caf::net::ssl::context::password ( std::string password)

Overrides the callback to obtain the password for encrypted PEM files with a function that always returns password.

Note
calls SSL_CTX_set_default_passwd_cb

◆ password_callback()

template<typename PasswordCallback >
void caf::net::ssl::context::password_callback ( PasswordCallback callback)

Overrides the callback to obtain the password for encrypted PEM files.

Note
calls SSL_CTX_set_default_passwd_cb

◆ use_certificate_chain_file() [1/2]

bool caf::net::ssl::context::use_certificate_chain_file ( const char * path)
nodiscard

Loads a certificate chain from a PEM-formatted file.

Note
calls SSL_CTX_use_certificate_chain_file

◆ use_certificate_chain_file() [2/2]

bool caf::net::ssl::context::use_certificate_chain_file ( const std::string & path)
nodiscard

Loads a certificate chain from a PEM-formatted file.

Note
calls SSL_CTX_use_certificate_chain_file

◆ use_certificate_file() [1/2]

bool caf::net::ssl::context::use_certificate_file ( const char * path,
format file_format )
nodiscard

Loads the first certificate found in given file.

Parameters
path: Null-terminated string with a path to a single file.

◆ use_certificate_file() [2/2]

bool caf::net::ssl::context::use_certificate_file ( const std::string & path,
format file_format )
nodiscard

Loads the first certificate found in given file.

Parameters
path: Null-terminated string with a path to a single file.

◆ use_private_key_file()

bool caf::net::ssl::context::use_private_key_file ( const std::string & path,
format file_format )
nodiscard

Loads the first private key found in given file.

◆ verify_mode()

void caf::net::ssl::context::verify_mode ( verify_t flags)

Overrides the verification mode for this context.

Note
calls SSL_CTX_set_verify
