EHS Embedded HTTP Server  1.5.1.0
securesocket.h
1 /* $Id: securesocket.h 95 2012-03-31 21:08:13Z felfert $
2  *
3  * EHS is a library for embedding HTTP(S) support into a C++ application
4  *
5  * Copyright (C) 2004 Zachary J. Hansen
6  *
7  * Code cleanup, new features and bugfixes: Copyright (C) 2010 Fritz Elfert
8  *
9  * This library is free software; you can redistribute it and/or
10  * modify it under the terms of the GNU Lesser General Public
11  * License version 2.1 as published by the Free Software Foundation;
12  *
13  * This library is distributed in the hope that it will be useful,
14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16  * Lesser General Public License for more details.
17  *
18  * You should have received a copy of the GNU Lesser General Public
19  * License along with this library; if not, write to the Free Software
20  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21  *
22  * This can be found in the 'COPYING' file.
23  *
24  */
25 
26 #ifndef SECURE_SOCKET_H
27 #define SECURE_SOCKET_H
28 
29 #ifdef COMPILE_WITH_SSL
30 
31 #include <openssl/ssl.h>
32 #include <openssl/rand.h>
33 
34 #include <cstring>
35 #include <string>
36 #include <iostream>
37 
38 #include "socket.h"
39 #include "dynamicssllocking.h"
40 #include "staticssllocking.h"
41 #include "sslerror.h"
42 
43 
/*
 * OpenSSL cipher-list string for the TLS side of the server.
 * This header does not show where the string is applied; presumably it is
 * handed to SSL_CTX_set_cipher_list() when the context is built -- confirm
 * in the implementation file.
 *
 * NOTE(review): this is a deny-list layered on "ALL". It removes anonymous DH
 * (ADH), the LOW and EXPORT strength classes and MD5-based suites, then orders
 * what is left by key length (@STRENGTH). It does not name aNULL, RC4 or 3DES,
 * so anonymous ECDH, RC4-SHA and triple-DES suites may remain enabled,
 * depending on the OpenSSL build that is linked. An allow-list is easier to
 * reason about; a starting point to verify against the target OpenSSL is
 * "HIGH:!aNULL:!eNULL:!MD5:!RC4:!3DES". `openssl ciphers -v '<string>'` lists
 * what a given string actually expands to.
 *
 * NOTE(review): a cipher list does not restrict protocol versions. Whether
 * SSLv2/SSLv3 are disabled (SSL_CTX_set_options) cannot be told from this
 * header -- confirm.
 */
48 #define CIPHER_LIST "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH"
49 
// Forward declaration only; SecureSocket stores and accepts a pointer to it.
50 class PassphraseHandler;
51 
/**
 * Socket subclass that carries an OpenSSL session (SSL *) next to the plain
 * socket it inherits from. Only declarations are visible in this header; all
 * behavioural notes below that go beyond the signatures are marked as
 * assumptions to confirm against the implementation.
 *
 * NOTE(review): the class keeps one process-wide SSL_CTX (s_pSslCtx) but a
 * per-instance certificate file (m_sCertFile). Confirm what happens when two
 * instances are constructed with different certificate files.
 */
53 class SecureSocket : public Socket
54 {
55  private:
    // Copy construction and copy assignment are declared private and have no
    // definition in this header, which makes the class non-copyable
    // (an SSL session and a socket descriptor must not be duplicated by value).
56  SecureSocket(const SecureSocket &);
57 
58  SecureSocket & operator=(const SecureSocket &);
59 
60  public:
61 
    /// Overrides Socket::Init (base: initializes a listening socket).
    /// @param port  port number handed to the base-class contract.
62  virtual void Init(int port);
63 
    /// Constructs a secure socket.
    /// @param certfile  certificate file name; defaults to the empty string.
    ///                  NOTE(review): behaviour for an empty name is not visible
    ///                  here -- confirm it fails closed rather than serving
    ///                  without a certificate.
    /// @param handler   passphrase provider, may be NULL. Ownership is not
    ///                  visible; presumably the caller keeps it alive -- confirm.
69  SecureSocket(const std::string & certfile = "",
70  PassphraseHandler *handler = NULL);
71 
73  virtual ~SecureSocket();
74 
    /// Overrides Socket::Accept (base: waits for an incoming connection).
    /// NOTE(review): presumably also performs the TLS handshake on the accepted
    /// connection; confirm that a failed handshake releases the descriptor and
    /// the SSL object.
75  virtual NetworkAbstraction *Accept();
76 
    /// Always reports true for this subclass.
79  virtual bool IsSecure() const { return true; }
80 
    /// Overrides Socket::Read (base: performs a read from the underlying socket).
    /// @param buf      destination buffer.
    /// @param bufsize  capacity of buf as a signed int.
    ///                 NOTE(review): confirm zero/negative sizes are rejected
    ///                 before the value reaches the TLS read call.
81  virtual int Read(void *buf, int bufsize);
82 
    /// Overrides Socket::Send (base: performs a send on the underlying socket).
    /// @param buf     data to send.
    /// @param buflen  length as size_t, while the return type is int.
    ///                NOTE(review): SSL_write() takes an int length; confirm that
    ///                lengths above INT_MAX are rejected or chunked, not truncated.
    /// @param flags   defaults to 0; meaning for a TLS stream not visible here.
83  virtual int Send(const void *buf, size_t buflen, int flags = 0);
84 
    /// Overrides Socket::Close (base: closes the underlying socket).
85  virtual void Close();
86 
    /// Overrides Socket::ThreadCleanup (base: thread-specific clean-up used by OpenSSL).
87  virtual void ThreadCleanup();
88 
89  private:
90 
    /// Static callback whose signature matches OpenSSL's pem_password_cb
    /// (buffer, buffer size, read/write flag, user data).
    /// NOTE(review): the implementation must never copy more than bufsize bytes
    /// into buf; userdata presumably carries the SecureSocket or its
    /// PassphraseHandler -- confirm both in the implementation.
101  static int PassphraseCallback(char * buf, int bufsize, int rwflag, void * userdata);
102 
    /// Private constructor taking an existing SSL object, a socket descriptor and
    /// a peer address; presumably used by Accept() to wrap an accepted
    /// connection -- confirm.
109  SecureSocket(SSL *ssl, ehs_socket_t fd, sockaddr_in *peer);
110 
    /// Returns an SSL_CTX pointer; presumably loads m_sCertFile into a new
    /// context and applies CIPHER_LIST -- confirm, including how load failures
    /// are reported.
112  SSL_CTX *InitializeCertificates();
113 
114  protected:
115 
    // Per-connection OpenSSL session handle. Raw pointer; who frees it is not
    // visible in this header.
117  SSL *m_pSsl;
118 
    // Certificate file name given to the public constructor.
120  std::string m_sCertFile;
121 
    // Passphrase provider given to the public constructor; may be NULL.
123  PassphraseHandler * m_poPassphraseHandler;
124 
125  private:
126 
    // The members below are static, i.e. shared by every SecureSocket in the
    // process.

    // Presumably the OpenSSL dynamic-lock callback set -- confirm.
128  static DynamicSslLocking * s_pDynamicSslLocking;
129 
    // Presumably the OpenSSL static-lock callback set -- confirm.
131  static StaticSslLocking * s_pStaticSslLocking;
132 
    // Shared error helper (declared in sslerror.h).
134  static SslError * s_pSslError;
135 
    // Single SSL context shared by all instances.
137  static SSL_CTX * s_pSslCtx;
138 
    // Presumably counts live instances so the shared objects above can be
    // created and torn down once -- confirm.
140  static int s_refcount;
141 
    // Presumably serialises access to s_refcount and the shared statics --
    // confirm every access path takes it.
143  static pthread_mutex_t s_mutex;
144 };
145 
146 #endif // COMPILE_WITH_SSL
147 
148 #endif // SECURE_SOCKET_H
Socket::Init
virtual void Init(int port)
Initializes a listening socket.
Socket::Send
virtual int Send(const void *buf, size_t buflen, int flags=0)
Performs a send on the underlying socket.
Socket::Accept
virtual NetworkAbstraction * Accept()
Waits for an incoming connection.
Socket::Close
virtual void Close()
Closes the underlying socket.
Socket
plain socket implementation of NetworkAbstraction
Definition: socket.h:80
Socket::IsSecure
virtual bool IsSecure() const
Determines whether the underlying socket is secure.
Definition: socket.h:123
Socket::Read
virtual int Read(void *buf, int bufsize)
Performs a read from the underlying socket.
NetworkAbstraction
Abstracts different socket types.
Definition: networkabstraction.h:49
Socket::ThreadCleanup
virtual void ThreadCleanup()
Handles thread-specific cleanup (used by OpenSSL).
Definition: socket.h:125
PassphraseHandler
This interface describes a handler for retrieving passphrases.
Definition: ehs.h:123