sipxportlib
Version 3.3
Wrapper for the OpenSSL SSL_CTX context structure. This class is responsible for all global policy initialization and enforcement. More...
#include <OsSSL.h>
Public Member Functions | |
OsSSL (const char *authorityPath=NULL, const char *publicCertificatePath=NULL, const char *privateKeyPath=NULL) | |
Construct an SSL Context from which connections are created. More... | |
~OsSSL () | |
SSL * | getServerConnection () |
Get an SSL server connection handle. More... | |
SSL * | getClientConnection () |
Get an SSL client connection handle. More... | |
void | releaseConnection (SSL *&connection) |
Release an SSL session handle. More... | |
void | dumpCipherList () |
Debug: print out list of ciphers enabled. More... | |
Static Public Member Functions | |
static bool | peerIdentity (SSL *connection, UtlSList *altNames, UtlString *commonName) |
Get the validated names for the connection peer. More... | |
static void | logConnectParams (const OsSysLogFacility facility, const OsSysLogPriority priority, const char *callerMsg, SSL *connection) |
Log SSL connection information. More... | |
static void | logError (const OsSysLogFacility facility, const OsSysLogPriority priority, const char *callerMsg, int errCode) |
Log an error resulting from an SSL call, with the SSL error text expanded. More... | |
Wrapper for the OpenSSL SSL_CTX context structure. This class is responsible for all global policy initialization and enforcement.
OsSSL | ( | const char * | authorityPath = NULL , |
const char * | publicCertificatePath = NULL , |
||
const char * | privateKeyPath = NULL |
||
) |
Construct an SSL Context from which connections are created.
authorityPath | Path to a directory containing trusted certificate files; if NULL, the compiled-in default is used |
publicCertificatePath | Path to the certificate file; if NULL, the compiled-in default is used |
privateKeyPath | Path to the private key file; if NULL, the compiled-in default is used. |
~OsSSL | ( | ) |
SSL* getServerConnection | ( | ) |
Get an SSL server connection handle.
SSL* getClientConnection | ( | ) |
Get an SSL client connection handle.
void releaseConnection | ( | SSL *& | connection | ) |
Release an SSL session handle.
Get the validated names for the connection peer.
Usually, the names in altNames will be easier to parse and use than commonName. Either or both of altNames and commonName may be NULL, in which case no names are returned; the return value still indicates the trust relationship with the peer certificate, so callers should check it even when no names are requested.
connection | SSL context from connection to be described |
altNames | UtlStrings for verified subjectAltNames are added to this list; the caller must free them. |
commonName | the Subject name is returned here |
|
static |
Log SSL connection information.
facility | caller's facility |
priority | log priority |
callerMsg | Identifies circumstances of connection |
connection | SSL connection to be described |
|
static |
Log an error resulting from an SSL call, with the SSL error text expanded.
facility | caller's facility |
priority | how bad was it? |
callerMsg | Identifies caller and what failed |
errCode | error returned from ssl routine |
void dumpCipherList | ( | ) |
Debug: print out list of ciphers enabled.