search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge pull request #2216 from jwillemsen/jwi-cxxversionchecks
[ACE_TAO.git] / ACE / protocols / ace / INet / HTTPS_Context.cpp
blob9bdb52864322e92d691c7699b98c0dd8a4a0ba87
1 #include "ace/INet/HTTPS_Context.h"
2
3 #if !defined (__ACE_INLINE__)
4 #include "ace/INet/HTTPS_Context.inl"
5 #endif
6
7 #include "ace/OS_NS_stdlib.h"
8 #include "ace/OS_NS_unistd.h"
9 #include "ace/OS_NS_sys_stat.h"
10 #include "ace/INet/INet_Log.h"
11
12 ACE_BEGIN_VERSIONED_NAMESPACE_DECL
13
14 namespace ACE
15 {
16 namespace HTTPS
17 {
18 int Context::ssl_mode_ = ACE_SSL_Context::SSLv23;
19 bool Context::ssl_strict_ = false;
20 bool Context::ssl_once_ = true;
21 int Context::ssl_depth_ = 0;
22 bool Context::ssl_verify_peer_ = true;
23
24 Context::Context (bool verify_peer,
25 bool strict,
26 bool once,
27 int depth,
28 int ssl_mode,
29 ACE_SSL_Context* ssl_ctx,
30 bool release,
31 ACE::INet::SSL_CallbackManager* ssl_cbmngr)
32 : ssl_ctx_ (0)
33 {
34 if (ssl_ctx == 0)
35 {
36 ACE_NEW_NORETURN (ssl_ctx, ACE_SSL_Context ());
37 release = true;
38 }
39 if (ssl_ctx != 0)
40 {
41 if (release)
42 {
43 this->alloc_safe.reset (ssl_ctx);
44 }
45 this->ssl_ctx_ = ssl_ctx;
46
47 this->ssl_ctx_->set_mode (ssl_mode);
48 if (verify_peer)
49 this->ssl_ctx_->set_verify_peer (strict ? 1 : 0,
50 once ? 1 : 0,
51 depth);
52 if (ssl_cbmngr != 0)
53 ssl_cbmngr->initialize_callbacks (this->ssl_ctx_);
54 // do this to be sure that these settings have been properly set
55 // ACE_SSL_Context does not handle this quite correctly
56 ::SSL_CTX_set_verify (this->ssl_ctx_->context (),
57 this->ssl_ctx_->default_verify_mode (),
58 this->ssl_ctx_->default_verify_callback ());
59 INET_DEBUG (9,(LM_INFO, DLINFO
60 ACE_TEXT ("HTTPS_Context::ctor - ")
61 ACE_TEXT ("ssl_mode = [%d], ")
62 ACE_TEXT ("verify_peer = [%d], ")
63 ACE_TEXT ("verify_mode = [%d]\n"),
64 this->ssl_ctx_->get_mode (),
65 (verify_peer ? 1 : 0),
66 this->ssl_ctx_->default_verify_mode ()));
67 }
68 }
69
70 Context::Context (ACE_SSL_Context* ssl_ctx,
71 bool release,
72 ACE::INet::SSL_CallbackManager* ssl_cbmngr)
73 : ssl_ctx_ (ssl_ctx)
74 {
75 if (this->ssl_ctx_ != 0)
76 {
77 if (release)
78 this->alloc_safe.reset (this->ssl_ctx_);
79
80 if (ssl_cbmngr != 0)
81 ssl_cbmngr->initialize_callbacks (this->ssl_ctx_);
82 }
83 }
84
85 Context& Context::instance ()
86 {
87 return *ACE_Unmanaged_Singleton<Context, ACE_SYNCH::MUTEX>::instance ();
88 }
89
90 Context::~Context ()
91 {
92 }
93
94 bool Context::load_trusted_ca (const char* ca_location)
95 {
96 ACE_stat stat;
97 if (ca_location != 0 && ACE_OS::stat (ca_location, &stat) == 0)
98 {
99 bool is_dir = ((stat.st_mode & S_IFMT) == S_IFDIR);
100 if (this->ssl_ctx_->load_trusted_ca (is_dir ? 0 : ca_location,
101 is_dir ? ca_location : 0,
102 false) == 0)
103 return true;
104 }
105 else
106 {
107 INET_ERROR (1, (LM_ERROR, DLINFO
108 ACE_TEXT ("Context::load_trusted_ca - ")
109 ACE_TEXT ("invalid ca_location [%C]\n"),
110 ca_location == 0 ? "(null)" : ca_location));
111 }
112 return false;
113 }
114
115 }
116 }
117
118 ACE_END_VERSIONED_NAMESPACE_DECL