|
VideoTools
|
|
VideoTools
|
A TLS protocol class. More...
#include <gssl.h>
Public Types | |
| enum | Result { Result_ok, Result_read, Result_write, Result_error, Result_more } |
| typedef size_t | size_type |
| typedef ssize_t | ssize_type |
| typedef void(* | LogFn )(int, const std::string &) |
Public Member Functions | |
| Protocol (const Profile &, LogFn log_fn) | |
| Constructor. | |
| ~Protocol () | |
| Destructor. | |
| Result | connect (G::ReadWrite &io) |
| Starts the protocol actively (as a client). | |
| Result | accept (G::ReadWrite &io) |
| Starts the protocol passively (as a server). | |
| Result | stop () |
| Initiates the protocol shutdown. | |
| Result | read (char *buffer, size_type buffer_size_in, ssize_type &data_size_out) |
| Reads user data into the supplied buffer. More... | |
| Result | write (const char *buffer, size_type data_size_in, ssize_type &data_size_out) |
| Writes user data. More... | |
| std::pair< std::string, bool > | peerCertificate (int format=0) |
| Returns the peer certificate and a verified flag. More... | |
Static Public Member Functions | |
| static std::string | str (Result result) |
| Converts a result enumeration into a printable string. More... | |
A TLS protocol class.
A protocol object should be constructed for each secure socket. The Protocol::connect() and Protocol::accept() methods are used to link the connection's i/o methods with the Protocol object. Event handling for the connection is performed by the client code according to the result codes from read(), write(), connect() and accept().
Client code will generally need separate states to reflect an incomplete read(), write(), connect() or accept() in order that they can be retried. The distinction between a return code of Result_read or Result_write should dictate whether the connection is put into the event loop's read list or write list but it should not influence the resulting state; in each state socket read events and write events can be handled identically, by retrying the incomplete function call.
The protocol is half-duplex in the sense that it is not possible to read() data while a write() is incomplete or write() data while a read() is incomplete. (Nor is it allowed to issue a second call while the first is still incomplete.)
All logging is done indirectly through a logging function pointer; the first parameter is the logging level which is 1 for verbose debug messages, 2 for useful information, and 3 for warnings and errors.
| std::pair< std::string, bool > GSsl::Protocol::peerCertificate | ( | int | format = 0 | ) |
Returns the peer certificate and a verified flag.
The default format of the certificate is printable with embedded newlines. Depending on the implementation it may be in PEM format, which can be interpreted using (eg.) "openssl x509 -in foo.pem -noout -text".
Definition at line 120 of file gssl_none.cpp.
| GSsl::Protocol::Result GSsl::Protocol::read | ( | char * | buffer, |
| size_type | buffer_size_in, | ||
| ssize_type & | data_size_out | ||
| ) |
Reads user data into the supplied buffer.
Returns Result_read if there is not enough transport data to complete the internal TLS data packet. In this case the file descriptor should remain in the select() read list and the Protocol::read() should be retried using the same parameters once the file descriptor is ready to be read.
Returns Result_write if the TLS layer tried to write to the file descriptor and had flow control asserted. In this case the file descriptor should be added to the select() write list and the Protocol::read() should be retried using the same parameters once the file descriptor is ready to be written.
Returns Result_ok if the internal TLS data packet is complete and it has been completely deposited in the supplied buffer.
Returns Result_more if the internal TLS data packet is complete and the supplied buffer was too small to take it all. In this case there will be no read event to trigger more read()s, so beware of stalling.
Returns Result_error if the transport connnection was lost or if the TLS session was shut down by the peer or on error.
Definition at line 105 of file gssl_none.cpp.
|
static |
Converts a result enumeration into a printable string.
Used in logging and diagnostics.
Definition at line 115 of file gssl_none.cpp.
| GSsl::Protocol::Result GSsl::Protocol::write | ( | const char * | buffer, |
| size_type | data_size_in, | ||
| ssize_type & | data_size_out | ||
| ) |
Writes user data.
Returns Result_ok if fully sent.
Returns Result_read if the TLS layer needs more transport data (eg. for a renegotiation). The write() should be repeated using the same parameters on the file descriptor's next readable event.
Returns Result_write if the TLS layer was blocked in writing transport data. The write() should be repeated using the same parameters on the file descriptor's next writable event.
Never returns Result_more.
Returns Result_error if the transport connnection was lost or if the TLS session was shut down by the peer or on error.
Definition at line 110 of file gssl_none.cpp.
1.8.6 
