MySQL 9.0.0
Source Code Documentation
ssl_acceptor_context_data.h
Go to the documentation of this file.
1/* Copyright (c) 2020, 2024, Oracle and/or its affiliates.
2
3 This program is free software; you can redistribute it and/or modify
4 it under the terms of the GNU General Public License, version 2.0,
5 as published by the Free Software Foundation.
6
7 This program is designed to work with certain software (including
8 but not limited to OpenSSL) that is licensed under separate terms,
9 as designated in a particular file or component or in included license
10 documentation. The authors of MySQL hereby grant you an additional
11 permission to link the program and your derivative works with the
12 separately licensed software that they have either included with
13 the program or referenced in the documentation.
14
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License, version 2.0, for more details.
19
20 You should have received a copy of the GNU General Public License
21 along with this program; if not, write to the Free Software
22 Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
23
24#ifndef SSL_ACCEPTOR_CONTEXT_DATA_INCLUDED
25#define SSL_ACCEPTOR_CONTEXT_DATA_INCLUDED
26
27#include <string>
28
29#include "my_rcu_lock.h" /* MyRcuLock */
30#include "openssl/ossl_typ.h" /* SSL */
31#include "sql/ssl_init_callback.h" /* Ssl_init_callback */
32#include "violite.h" /* st_VioSSLFd, enum_ssl_init_error */
33
35class TLS_channel;
37
38/**
39 Properties exposed by Ssl Acceptor context
40
41 Note: Add new value before "last" and update
42 Ssl_acceptor_context_propert_type_names.
43*/
46 accepts,
73 last
74};
75/**
76 Note: Add new value before "last" and update
77 Ssl_acceptor_context_propert_type_names.
78*/
79
80/**
81 Fetch a string representation of SSL acceptor context property
82
83 @param [in] property_type Property type
84
85 @returns name of the property
86*/
87std::string Ssl_ctx_property_name(
89
90/**
91 Increment operator for Ssl_acceptor_context_type
92 Used by iterator
93
94 @param [in,out] property_type Current position in Ssl_acceptor_context_type
95
96 @returns incremented value for property_type
97*/
100
101/**
102 Container of SSL Acceptor context data
103*/
105 public:
106 /**
107 Ctor
108
109 @param [in] channel Name of the channel
110 @param [in] callbacks TLS context initialization callbacks
111 to get values of various options and
112 perform validation
113 @param [in] report_ssl_error Report any SSL errors resulting from trying
114 to initialize the SSL_CTX to error log
115 @param [out] out_error An optional slot to return SSL_CTX
116 initialization error information
117 */
119 bool report_ssl_error = true,
120 enum enum_ssl_init_error *out_error = nullptr);
121
122 /** Destructor */
124
125 protected:
126 /* Disable copy/assignment */
129 delete;
130
131 /* Disable move constructs */
134
135 /**
136 Fetch given property from underlying TLS context
137
138 @param [in] property_type Property to be fetched
139
140 @returns Value of property for given context. Empty in case of failure.
141 */
142 std::string show_property(
143 Ssl_acceptor_context_property_type property_type) const;
144
145 /** TLS context validity */
146 bool have_ssl() const { return ssl_acceptor_fd_ != nullptr; }
147
148 /** Get channel name */
149 const char *channel_name() const { return channel_.c_str(); }
150
151 /** Get Acceptor context */
152 operator struct st_VioSSLFd *() { return ssl_acceptor_fd_; }
153
154 /** Get SSL handle */
155 operator SSL *() { return acceptor_; }
156
157 /** Get current CA */
158 const char *current_ca() const { return current_ca_.c_str(); }
159
160 /** Get current CA Path */
161 const char *current_capath() const { return current_capath_.c_str(); }
162
163 /** Get current Certificate */
164 const char *current_cert() const { return current_cert_.c_str(); }
165
166 /** Get current Key */
167 const char *current_key() const { return current_key_.c_str(); }
168
169 /** Get current CRL certificate */
170 const char *current_crl() const { return current_crl_.c_str(); }
171
172 /** Get current CRL Path */
173 const char *current_crlpath() const { return current_crlpath_.c_str(); }
174
175 /** Get current TLS version */
176 const char *current_version() const { return current_version_.c_str(); }
177
178 /** Get current TLSv1.2 ciphers */
179 const char *current_cipher() const { return current_cipher_.c_str(); }
180
181 /** Get current TLSv1.3 ciphers */
182 const char *current_ciphersuites() const {
184 }
185
186 private:
187 /** Channel name */
188 std::string channel_;
189
190 /** SSL_CTX barerer */
192
193 /**
194 An SSL for @ref ssl_acceptor_fd_ to allow access to parameters not in
195 SSL_CTX to be available even if the current connection is not
196 encrypted.
197 */
199
200 /**
201 Copies of the current effective values for quick return via the
202 status vars
203 */
209
210 /* F.R.I.E.N.D.S. */
212 friend class TLS_channel;
214};
215
216#endif // SSL_ACCEPTOR_CONTEXT_DATA_INCLUDED
TLS context access wrapper for ease of use.
Definition: ssl_acceptor_context_operator.h:102
helper class to deal with optionally empty strings
Definition: ssl_init_callback.h:50
const char * c_str() const
Definition: ssl_init_callback.h:57
TLS context access protector.
Definition: ssl_acceptor_context_operator.h:41
Container of SSL Acceptor context data.
Definition: ssl_acceptor_context_data.h:104
Ssl_acceptor_context_data operator=(const Ssl_acceptor_context_data &)=delete
OptionalString current_version_
Definition: ssl_acceptor_context_data.h:204
OptionalString current_key_
Definition: ssl_acceptor_context_data.h:205
~Ssl_acceptor_context_data()
Destructor.
Definition: ssl_acceptor_context_data.cc:349
std::string show_property(Ssl_acceptor_context_property_type property_type) const
Fetch given property from underlying TLS context.
Definition: ssl_acceptor_context_data.cc:354
const char * current_cert() const
Get current Certificate.
Definition: ssl_acceptor_context_data.h:164
const char * channel_name() const
Get channel name.
Definition: ssl_acceptor_context_data.h:149
Ssl_acceptor_context_data operator=(Ssl_acceptor_context_data &&)=delete
OptionalString current_capath_
Definition: ssl_acceptor_context_data.h:204
const char * current_version() const
Get current TLS version.
Definition: ssl_acceptor_context_data.h:176
OptionalString current_crl_
Definition: ssl_acceptor_context_data.h:205
std::string channel_
Channel name.
Definition: ssl_acceptor_context_data.h:188
const char * current_key() const
Get current Key.
Definition: ssl_acceptor_context_data.h:167
Ssl_acceptor_context_data(Ssl_acceptor_context_data &&)=delete
const char * current_cipher() const
Get current TLSv1.2 ciphers.
Definition: ssl_acceptor_context_data.h:179
bool current_tls_session_cache_mode_
Definition: ssl_acceptor_context_data.h:208
const char * current_ciphersuites() const
Get current TLSv1.3 ciphers.
Definition: ssl_acceptor_context_data.h:182
OptionalString current_ciphersuites_
Definition: ssl_acceptor_context_data.h:205
OptionalString current_crlpath_
Definition: ssl_acceptor_context_data.h:206
OptionalString current_cipher_
Definition: ssl_acceptor_context_data.h:205
SSL * acceptor_
An SSL for ssl_acceptor_fd_ to allow access to parameters not in SSL_CTX to be available even if the ...
Definition: ssl_acceptor_context_data.h:198
const char * current_capath() const
Get current CA Path.
Definition: ssl_acceptor_context_data.h:161
struct st_VioSSLFd * ssl_acceptor_fd_
SSL_CTX barerer.
Definition: ssl_acceptor_context_data.h:191
const char * current_ca() const
Get current CA.
Definition: ssl_acceptor_context_data.h:158
Ssl_acceptor_context_data(std::string channel, Ssl_init_callback *callbacks, bool report_ssl_error=true, enum enum_ssl_init_error *out_error=nullptr)
Ctor.
Definition: ssl_acceptor_context_data.cc:283
const char * current_crl() const
Get current CRL certificate.
Definition: ssl_acceptor_context_data.h:170
OptionalString current_ca_
Copies of the current effective values for quick return via the status vars.
Definition: ssl_acceptor_context_data.h:204
OptionalString current_cert_
Definition: ssl_acceptor_context_data.h:204
bool have_ssl() const
TLS context validity.
Definition: ssl_acceptor_context_data.h:146
long current_tls_session_cache_timeout_
Definition: ssl_acceptor_context_data.h:207
const char * current_crlpath() const
Get current CRL Path.
Definition: ssl_acceptor_context_data.h:173
Ssl_acceptor_context_data(const Ssl_acceptor_context_data &)=delete
Definition: ssl_init_callback.h:70
TLS context manager.
Definition: ssl_acceptor_context_operator.h:60
Ssl_acceptor_context_property_type
Properties exposed by Ssl Acceptor context.
Definition: ssl_acceptor_context_data.h:44
std::string Ssl_ctx_property_name(Ssl_acceptor_context_property_type property_type)
Note: Add new value before "last" and update Ssl_acceptor_context_propert_type_names.
Definition: ssl_acceptor_context_data.cc:267
Ssl_acceptor_context_property_type & operator++(Ssl_acceptor_context_property_type &property_type)
Increment operator for Ssl_acceptor_context_type Used by iterator.
Definition: ssl_acceptor_context_data.cc:273
Definition: task.h:427
Definition: violite.h:256
Vio Lite.
enum_ssl_init_error
Definition: violite.h:236