wraps SSL_CTX.  
 More...
#include <tls_context.h>
|  | 
| std::unique_ptr< SSL_CTX, decltype(&SSL_CTX_free)> | ssl_ctx_ | 
|  | 
wraps SSL_CTX. 
TODO:
- SSL_CTX_set_session_cache_mode()
- SSL_CTX_set_alpn_select_cb()
- SSL_CTX_set_tlsext_ticket_key_cb()
- SSL_CTX_set_tlsext_servername_callback() for SNI
- SSL_CTX_set_cert_verify_callback() vs. SSL_CTX_set_verify() 
◆ InfoCallback
◆ TlsContext()
  
  | 
        
          | TlsContext::TlsContext | ( | const SSL_METHOD * | method | ) |  |  | explicit | 
 
construct a TlsContext based on the SSL_METHODs provided by openssl. 
 
 
◆ cipher_list()
      
        
          | std::vector< std::string > TlsContext::cipher_list | ( |  | ) | const | 
      
 
 
◆ crl()
      
        
          | stdx::expected< void, std::error_code > TlsContext::crl | ( | const std::string & | crl_file, | 
        
          |  |  | const std::string & | crl_path | 
        
          |  | ) |  |  | 
      
 
set CRL file and CRL directory. 
Search-order:
- crl_file (if not empty)
- all PEMs in crl_dir (if not empty)
- See also
- X509_STORE_load_locations
- Parameters
- 
  
    | crl_file | path to a PEM file containing CRL file, ignored if empty() |  | crl_path | path to a directory of PEM files containing CRL files, ignored if empty() |  
 
- Returns
- success 
- Return values
- 
  
    | false | if both ca_file and ca_path are empty |  
 
 
 
◆ curves_list()
      
        
          | stdx::expected< void, std::error_code > TlsContext::curves_list | ( | const std::string & | curves | ) |  | 
      
 
init elliptic curves for DH ciphers for Perfect Forward Security. 
- Note
- uses P-512, P-384 or P-256 
- See also
- RFC 5480 
- 
has_curves()
- Parameters
- 
  
    | curves | colon-separated names of curves |  
 
- Exceptions
- 
  
    | TlsError |  |  | std::invalid_argument | if API isn't supported |  
 
- See also
- has_set_curves_list() 
 
 
◆ get()
  
  | 
        
          | SSL_CTX * TlsContext::get | ( |  | ) | const |  | inline | 
 
get non-owning pointer to SSL_CTX. 
 
 
◆ has_set_cipher_suites()
  
  | 
        
          | static constexpr bool TlsContext::has_set_cipher_suites | ( |  | ) |  |  | inlinestaticconstexpr | 
 
if TLS context allows setting cipher-suites (TLSv1.3 and later). 
- Returns
- if cipher_suites() is supported. 
- Return values
- 
  
    | false | cipher_suites() is not supported |  
 
 
 
◆ has_set_curves_list()
  
  | 
        
          | static constexpr bool TlsContext::has_set_curves_list | ( |  | ) |  |  | inlinestaticconstexpr | 
 
if TLS context allows to change elliptic curves list. 
- Returns
- if curves_list() is supported. 
- Return values
- 
  
    | false | curves_list() is not supported |  
 
 
 
◆ info_callback() [1/2]
◆ info_callback() [2/2]
◆ min_version()
◆ security_level()
      
        
          | int TlsContext::security_level | ( |  | ) | const | 
      
 
 
◆ session_cache_hits()
      
        
          | long TlsContext::session_cache_hits | ( |  | ) | const | 
      
 
get session reuse cache hits number 
 
 
◆ ssl_ca()
      
        
          | stdx::expected< void, std::error_code > TlsContext::ssl_ca | ( | const std::string & | ca_file, | 
        
          |  |  | const std::string & | ca_path | 
        
          |  | ) |  |  | 
      
 
set CA file and CA directory. 
Search-order:
- ca_file (if not empty)
- all PEMs in ca_dir (if not empty)
- See also
- SSL_CTX_load_verify_locations
- Parameters
- 
  
    | ca_file | path to a PEM file containing a certificate of a CA, ignored if empty() |  | ca_path | path to a directory of PEM files containing certifications, ignored if empty() of CAs |  
 
- Returns
- success 
- Return values
- 
  
    | false | if both ca_file and ca_path are empty |  
 
 
 
◆ version_range()
set the supported TLS version range. 
 
 
◆ ssl_ctx_
  
  | 
        
          | std::unique_ptr<SSL_CTX, decltype(&SSL_CTX_free)> TlsContext::ssl_ctx_ |  | protected | 
 
 
The documentation for this class was generated from the following files: