gloox
1.0.28
|
#include <tlsdefault.h>
Public Types | |
enum | Type { VerifyingClient = 1 , AnonymousClient = 2 , VerifyingServer = 4 , AnonymousServer = 8 } |
Public Member Functions | |
TLSDefault (TLSHandler *th, const std::string server, Type type=VerifyingClient) | |
virtual | ~TLSDefault () |
virtual bool | init (const std::string &clientKey=EmptyString, const std::string &clientCerts=EmptyString, const StringList &cacerts=StringList()) |
virtual bool | encrypt (const std::string &data) |
virtual int | decrypt (const std::string &data) |
virtual void | cleanup () |
virtual bool | handshake () |
virtual bool | isSecure () const |
virtual bool | hasChannelBinding () const |
virtual const std::string | channelBinding () const |
virtual const std::string | channelBindingType () const |
virtual void | setCACerts (const StringList &cacerts) |
virtual const CertInfo & | fetchTLSInfo () const |
virtual void | setClientCert (const std::string &clientKey, const std::string &clientCerts) |
Public Member Functions inherited from TLSBase | |
TLSBase (TLSHandler *th, const std::string server) | |
virtual | ~TLSBase () |
void | setInitLib (bool init) |
Static Public Member Functions | |
static int | types () |
This is an abstraction of the various TLS backends.
You should use an instance of this class should you whish to use TLS encryption. TLS support for the main XMPP connection is managed by Client/ClientBase directly.
Definition at line 33 of file tlsdefault.h.
enum Type |
Supported TLS types.
Definition at line 40 of file tlsdefault.h.
TLSDefault | ( | TLSHandler * | th, |
const std::string | server, | ||
Type | type = VerifyingClient |
||
) |
Constructs a new TLS wrapper.
th | The TLSHandler to handle TLS-related events. |
server | The server to use in certificate verification. |
type | What you want to use this TLS object for. |
Definition at line 38 of file tlsdefault.cpp.
|
virtual |
Virtual Destructor.
Definition at line 74 of file tlsdefault.cpp.
|
virtual |
Returns the channel binding data for the established connection.
Reimplemented from TLSBase.
Definition at line 134 of file tlsdefault.cpp.
|
virtual |
Returns the type of channel binding to be used with SCRAM-SHA-1-PLUS.
Reimplemented from TLSBase.
Definition at line 139 of file tlsdefault.cpp.
|
virtual |
This function performs internal cleanup and will be called after a failed handshake attempt.
Implements TLSBase.
Definition at line 113 of file tlsdefault.cpp.
|
virtual |
Use this function to feed encrypted data or received handshake data to the encryption implementation. Handshake data will be eaten, unencrypted data will be pushed to the TLSHandler's handleDecryptedData() function.
data | The data to decrypt. |
Implements TLSBase.
Definition at line 108 of file tlsdefault.cpp.
|
virtual |
Use this function to feed unencrypted data to the encryption implementation. The encrypted result will be pushed to the TLSHandler's handleEncryptedData() function.
data | The data to encrypt. |
Implements TLSBase.
Definition at line 103 of file tlsdefault.cpp.
|
virtual |
This function is used to retrieve certificate and connection info of a encrypted connection.
Reimplemented from TLSBase.
Definition at line 150 of file tlsdefault.cpp.
|
virtual |
This functiopn performs the TLS handshake. Handshake data from the server side should be fed in using decrypt(). Handshake data that is to be sent to the other side is pushed through TLSBase's handleEncryptedData().
Implements TLSBase.
Definition at line 119 of file tlsdefault.cpp.
|
virtual |
This function indicates whether the underlying TLS implementation supports channel binding (used in e.g. SASL SCRAM-SHA-1-PLUS).
Reimplemented from TLSBase.
Definition at line 129 of file tlsdefault.cpp.
|
virtual |
Initializes the TLS module. This function must be called (and execute successfully) before the module can be used.
clientKey | The absolute path to the user's private key in PEM format. |
clientCerts | A path to a certificate bundle in PEM format. |
cacerts | A list of absolute paths to CA root certificate files in PEM format. |
Implements TLSBase.
Definition at line 79 of file tlsdefault.cpp.
|
virtual |
Returns the state of the encryption.
Reimplemented from TLSBase.
Definition at line 124 of file tlsdefault.cpp.
|
virtual |
Use this function to set a number of trusted root CA certificates which shall be used to verify a servers certificate.
cacerts | A list of absolute paths to CA root certificate files in PEM format. |
Implements TLSBase.
Definition at line 144 of file tlsdefault.cpp.
|
virtual |
Use this function to set the user's certificate and private key. The certificate will be presented to the server upon request and can be used for SASL EXTERNAL authentication. The user's certificate file should be a bundle of more than one certificate in PEM format. The first one in the file should be the user's certificate, each cert following that one should have signed the previous one.
clientKey | The absolute path to the user's private key in PEM format. |
clientCerts | A path to a certificate bundle in PEM format. |
Implements TLSBase.
Definition at line 155 of file tlsdefault.cpp.
|
static |
Returns an ORed list of supported TLS types.
Definition at line 87 of file tlsdefault.cpp.