MySQL 8.4.2
Source Code Documentation
|
Client TLS Context. More...
#include <tls_client_context.h>
Classes | |
struct | Sessions |
struct | SslSessionDeleter |
Public Types | |
using | SslSession = std::unique_ptr< SSL_SESSION, SslSessionDeleter > |
Public Types inherited from TlsContext | |
using | InfoCallback = void(*)(const SSL *, int, int) |
Public Member Functions | |
TlsClientContext (TlsVerify mode=TlsVerify::PEER, bool session_cache_mode=false, size_t session_cache_size=0, std::chrono::seconds session_cache_timeout=std::chrono::seconds(0)) | |
TlsClientContext (const TlsClientContext &)=delete | |
TlsClientContext (TlsClientContext &&)=default | |
TlsClientContext & | operator= (const TlsClientContext &)=delete |
TlsClientContext & | operator= (TlsClientContext &&)=default |
~TlsClientContext () | |
stdx::expected< void, std::error_code > | cipher_list (const std::string &ciphers) |
set cipher-list. More... | |
stdx::expected< void, std::error_code > | cipher_suites (const std::string &ciphers) |
set cipher-suites of TLSv1.3. More... | |
stdx::expected< void, std::error_code > | verify (TlsVerify verify) |
verification of certificates. More... | |
stdx::expected< void, std::error_code > | verify_hostname (const std::string &server_host) |
verify hostname. More... | |
stdx::expected< void, std::error_code > | add_session (SSL_SESSION *sess) |
add session. More... | |
stdx::expected< void, std::error_code > | remove_session (SSL_SESSION *sess) |
remove session. More... | |
stdx::expected< SSL_SESSION *, std::error_code > | get_session () |
get session. More... | |
Public Member Functions inherited from TlsContext | |
TlsContext (const SSL_METHOD *method) | |
construct a TlsContext based on the SSL_METHODs provided by openssl. More... | |
stdx::expected< void, std::error_code > | ssl_ca (const std::string &ca_file, const std::string &ca_path) |
set CA file and CA directory. More... | |
stdx::expected< void, std::error_code > | crl (const std::string &crl_file, const std::string &crl_path) |
set CRL file and CRL directory. More... | |
SSL_CTX * | get () const |
get non-owning pointer to SSL_CTX. More... | |
stdx::expected< void, std::error_code > | version_range (TlsVersion min_version, TlsVersion max_version) |
set the supported TLS version range. More... | |
TlsVersion | min_version () const |
get the min TLS version. More... | |
stdx::expected< void, std::error_code > | curves_list (const std::string &curves) |
init elliptic curves for DH ciphers for Perfect Forward Security. More... | |
std::vector< std::string > | cipher_list () const |
get current cipher-list. More... | |
void | info_callback (InfoCallback) |
set info callback. More... | |
InfoCallback | info_callback () const |
get info callback More... | |
int | security_level () const |
get security_level. More... | |
long | session_cache_hits () const |
get session reuse cache hits number More... | |
stdx::expected< void, std::error_code > | load_key_and_cert (const std::string &private_key_file, const std::string &cert_chain_file) |
load key and cert. More... | |
Private Attributes | |
std::unique_ptr< Sessions > | sessions_ |
bool | session_cache_mode_ |
size_t | session_cache_size_ |
std::chrono::seconds | session_cache_timeout_ |
Additional Inherited Members | |
Static Public Member Functions inherited from TlsContext | |
static constexpr bool | has_set_curves_list () |
if TLS context allows to change elliptic curves list. More... | |
static constexpr bool | has_set_cipher_suites () |
if TLS context allows setting cipher-suites (TLSv1.3 and later). More... | |
Protected Attributes inherited from TlsContext | |
std::unique_ptr< SSL_CTX, decltype(&SSL_CTX_free)> | ssl_ctx_ |
Client TLS Context.
using TlsClientContext::SslSession = std::unique_ptr<SSL_SESSION, SslSessionDeleter> |
TlsClientContext::TlsClientContext | ( | TlsVerify | mode = TlsVerify::PEER , |
bool | session_cache_mode = false , |
||
size_t | session_cache_size = 0 , |
||
std::chrono::seconds | session_cache_timeout = std::chrono::seconds(0) |
||
) |
|
delete |
|
default |
TlsClientContext::~TlsClientContext | ( | ) |
stdx::expected< void, std::error_code > TlsClientContext::add_session | ( | SSL_SESSION * | sess | ) |
add session.
stdx::expected< void, std::error_code > TlsClientContext::cipher_list | ( | const std::string & | ciphers | ) |
set cipher-list.
for TLSv1.2-and-earlier ciphers.
ciphers | colon separated list of ciphers |
stdx::expected< void, std::error_code > TlsClientContext::cipher_suites | ( | const std::string & | ciphers | ) |
set cipher-suites of TLSv1.3.
openssl 1.1.1 added support for TLSv1.3 and move setting those ciphers to SSL_CTX_set_ciphersuites().
ciphers | colon separated list of ciphers. empty == empty, "DEFAULT" is the default-set |
stdx::expected< SSL_SESSION *, std::error_code > TlsClientContext::get_session | ( | ) |
get session.
|
delete |
|
default |
stdx::expected< void, std::error_code > TlsClientContext::remove_session | ( | SSL_SESSION * | sess | ) |
remove session.
stdx::expected< void, std::error_code > TlsClientContext::verify | ( | TlsVerify | verify | ) |
verification of certificates.
stdx::expected< void, std::error_code > TlsClientContext::verify_hostname | ( | const std::string & | server_host | ) |
verify hostname.
server_host | hostname or ip-address to match in the certificate. |
|
private |
|
private |
|
private |
|
private |