MySQL 8.4.3
Source Code Documentation
TlsClientContext Class Reference

Client TLS Context. More...

#include <tls_client_context.h>

Inheritance diagram for TlsClientContext:

Classes

struct  Sessions
 
struct  SslSessionDeleter
 

Public Types

using SslSession = std::unique_ptr< SSL_SESSION, SslSessionDeleter >
 
- Public Types inherited from TlsContext
using InfoCallback = void(*)(const SSL *, int, int)
 

Public Member Functions

 TlsClientContext (TlsVerify mode=TlsVerify::PEER, bool session_cache_mode=false, size_t session_cache_size=0, std::chrono::seconds session_cache_timeout=std::chrono::seconds(0))
 
 TlsClientContext (const TlsClientContext &)=delete
 
 TlsClientContext (TlsClientContext &&)=default
 
TlsClientContext & operator= (const TlsClientContext &)=delete
 
TlsClientContext & operator= (TlsClientContext &&)=default
 
 ~TlsClientContext ()
 
stdx::expected< void, std::error_code > cipher_list (const std::string &ciphers)
 set cipher-list. More...
 
stdx::expected< void, std::error_code > cipher_suites (const std::string &ciphers)
 set cipher-suites of TLSv1.3. More...
 
stdx::expected< void, std::error_code > verify (TlsVerify verify)
 verification of certificates. More...
 
stdx::expected< void, std::error_code > verify_hostname (const std::string &server_host)
 verify hostname. More...
 
stdx::expected< void, std::error_code > add_session (SSL_SESSION *sess)
 add session. More...
 
stdx::expected< void, std::error_code > remove_session (SSL_SESSION *sess)
 remove session. More...
 
stdx::expected< SSL_SESSION *, std::error_code > get_session ()
 get session. More...
 
- Public Member Functions inherited from TlsContext
 TlsContext (const SSL_METHOD *method)
 construct a TlsContext based on the SSL_METHODs provided by openssl. More...
 
stdx::expected< void, std::error_code > ssl_ca (const std::string &ca_file, const std::string &ca_path)
 set CA file and CA directory. More...
 
stdx::expected< void, std::error_code > crl (const std::string &crl_file, const std::string &crl_path)
 set CRL file and CRL directory. More...
 
SSL_CTX * get () const
 get non-owning pointer to SSL_CTX. More...
 
stdx::expected< void, std::error_code > version_range (TlsVersion min_version, TlsVersion max_version)
 set the supported TLS version range. More...
 
TlsVersion min_version () const
 get the min TLS version. More...
 
stdx::expected< void, std::error_code > curves_list (const std::string &curves)
 init elliptic curves for DH ciphers for Perfect Forward Secrecy. More...
 
std::vector< std::string > cipher_list () const
 get current cipher-list. More...
 
void info_callback (InfoCallback)
 set info callback. More...
 
InfoCallback info_callback () const
 get info callback More...
 
int security_level () const
 get security_level. More...
 
long session_cache_hits () const
 get session reuse cache hits number More...
 
stdx::expected< void, std::error_code > load_key_and_cert (const std::string &private_key_file, const std::string &cert_chain_file)
 load key and cert. More...
 

Private Attributes

std::unique_ptr< Sessions > sessions_
 
bool session_cache_mode_
 
size_t session_cache_size_
 
std::chrono::seconds session_cache_timeout_
 

Additional Inherited Members

- Static Public Member Functions inherited from TlsContext
static constexpr bool has_set_curves_list ()
 whether the TLS context allows changing the elliptic-curves list. More...
 
static constexpr bool has_set_cipher_suites ()
 if TLS context allows setting cipher-suites (TLSv1.3 and later). More...
 
- Protected Attributes inherited from TlsContext
std::unique_ptr< SSL_CTX, decltype(&SSL_CTX_free)> ssl_ctx_
 

Detailed Description

Client TLS Context.

Member Typedef Documentation

◆ SslSession

using TlsClientContext::SslSession = std::unique_ptr<SSL_SESSION, SslSessionDeleter>

Constructor & Destructor Documentation

◆ TlsClientContext() [1/3]

TlsClientContext::TlsClientContext ( TlsVerify  mode = TlsVerify::PEER,
bool  session_cache_mode = false,
size_t  session_cache_size = 0,
std::chrono::seconds  session_cache_timeout = std::chrono::seconds(0) 
)

◆ TlsClientContext() [2/3]

TlsClientContext::TlsClientContext ( const TlsClientContext & )
delete

◆ TlsClientContext() [3/3]

TlsClientContext::TlsClientContext ( TlsClientContext &&  )
default

◆ ~TlsClientContext()

TlsClientContext::~TlsClientContext ( )

Member Function Documentation

◆ add_session()

stdx::expected< void, std::error_code > TlsClientContext::add_session ( SSL_SESSION *  sess)

add session.

◆ cipher_list()

stdx::expected< void, std::error_code > TlsClientContext::cipher_list ( const std::string &  ciphers)

set cipher-list.

for TLSv1.2-and-earlier ciphers.

Parameters
ciphers  colon-separated list of ciphers
Note
the list is not filtered for unacceptable ciphers; the caller must leave weak ciphers out of it
See also
openssl ciphers
cipher_suites()

◆ cipher_suites()

stdx::expected< void, std::error_code > TlsClientContext::cipher_suites ( const std::string &  ciphers)

set cipher-suites of TLSv1.3.

OpenSSL 1.1.1 added support for TLSv1.3 and moved the setting of those cipher-suites to SSL_CTX_set_ciphersuites().

Parameters
ciphers  colon-separated list of ciphers. An empty string means an empty list; "DEFAULT" selects the default set
Note
the list is not filtered for unacceptable ciphers; the caller must leave weak cipher-suites out of it
See also
openssl ciphers
has_set_cipher_suites()

◆ get_session()

stdx::expected< SSL_SESSION *, std::error_code > TlsClientContext::get_session ( )

get session.

◆ operator=() [1/2]

TlsClientContext & TlsClientContext::operator= ( const TlsClientContext & )
delete

◆ operator=() [2/2]

TlsClientContext & TlsClientContext::operator= ( TlsClientContext &&  )
default

◆ remove_session()

stdx::expected< void, std::error_code > TlsClientContext::remove_session ( SSL_SESSION *  sess)

remove session.

◆ verify()

stdx::expected< void, std::error_code > TlsClientContext::verify ( TlsVerify  verify)

Set the certificate-verification mode (the constructor default is TlsVerify::PEER).

◆ verify_hostname()

stdx::expected< void, std::error_code > TlsClientContext::verify_hostname ( const std::string &  server_host)

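Set the hostname or IP address that the server certificate must match; this is configured separately from the verification mode set by verify().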

Parameters
server_host  hostname or IP address to match in the certificate.

Member Data Documentation

◆ session_cache_mode_

bool TlsClientContext::session_cache_mode_
private

◆ session_cache_size_

size_t TlsClientContext::session_cache_size_
private

◆ session_cache_timeout_

std::chrono::seconds TlsClientContext::session_cache_timeout_
private

◆ sessions_

std::unique_ptr<Sessions> TlsClientContext::sessions_
private

The documentation for this class was generated from the following files: