MySQL  8.0.27
Source Code Documentation
ssl_acceptor_context_data.h
Go to the documentation of this file.
1 /* Copyright (c) 2020, 2021, Oracle and/or its affiliates.
2 
3  This program is free software; you can redistribute it and/or modify
4  it under the terms of the GNU General Public License, version 2.0,
5  as published by the Free Software Foundation.
6 
7  This program is also distributed with certain software (including
8  but not limited to OpenSSL) that is licensed under separate terms,
9  as designated in a particular file or component or in included license
10  documentation. The authors of MySQL hereby grant you an additional
11  permission to link the program and your derivative works with the
12  separately licensed software that they have included with MySQL.
13 
14  This program is distributed in the hope that it will be useful,
15  but WITHOUT ANY WARRANTY; without even the implied warranty of
16  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17  GNU General Public License, version 2.0, for more details.
18 
19  You should have received a copy of the GNU General Public License
20  along with this program; if not, write to the Free Software
21  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
22 
23 #ifndef SSL_ACCEPTOR_CONTEXT_DATA_INCLUDED
24 #define SSL_ACCEPTOR_CONTEXT_DATA_INCLUDED
25 
26 #include <string>
27 
28 #include "my_rcu_lock.h" /* MyRcuLock */
29 #include "openssl/ossl_typ.h" /* SSL */
30 #include "sql/ssl_init_callback.h" /* Ssl_init_callback */
31 #include "violite.h" /* st_VioSSLFd, enum_ssl_init_error */
32 
34 class TLS_channel;
36 
37 /**
38  Properties exposed by Ssl Acceptor context
39 
40  Note: Add new value before "last" and update
41  Ssl_acceptor_context_propert_type_names.
42 */
45  accepts,
71  last
72 };
73 /**
74  Note: Add new value before "last" and update
75  Ssl_acceptor_context_propert_type_names.
76 */
77 
78 /**
79  Fetch a string representation of SSL acceptor context property
80 
81  @param [in] property_type Property type
82 
83  @returns name of the property
84 */
85 std::string Ssl_ctx_property_name(
87 
88 /**
89  Increment operator for Ssl_acceptor_context_type
90  Used by iterator
91 
92  @param [in,out] property_type Current position in Ssl_acceptor_context_type
93 
94  @returns incremented value for property_type
95 */
97  Ssl_acceptor_context_property_type &property_type);
98 
99 /**
100  Container of SSL Acceptor context data
101 */
103  public:
104  /**
105  Ctor
106 
107  @param [in] channel Name of the channel
108  @param [in] use_ssl_arg Don't bother at all to try and construct
109  an SSL_CTX and just make an empty
110  SslAcceptorContext. Used to pass the
111  --ssl/--admin-ssl options at startup.
112  @param [in] callbacks TLS context initialization callbacks
113  to get values of various options and
114  perform validation
115  @param [in] report_ssl_error Report any SSL errors resulting from trying
116  to initialize the SSL_CTX to error log
117  @param [out] out_error An optional slot to return SSL_CTX
118  initialization error information
119  */
120  Ssl_acceptor_context_data(std::string channel, bool use_ssl_arg,
122  bool report_ssl_error = true,
123  enum enum_ssl_init_error *out_error = nullptr);
124 
125  /** Destructor */
127 
128  protected:
129  /* Disable copy/assignment */
132  delete;
133 
134  /* Disable move constructs */
137 
138  /**
139  Fetch given property from underlying TLS context
140 
141  @param [in] property_type Property to be fetched
142 
143  @returns Value of property for given context. Empty in case of failure.
144  */
145  std::string show_property(
146  Ssl_acceptor_context_property_type property_type) const;
147 
148  /** TLS context validity */
149  bool have_ssl() const { return ssl_acceptor_fd_ != nullptr; }
150 
151  /** Get channel name */
152  const char *channel_name() const { return channel_.c_str(); }
153 
154  /** Get Acceptor context */
155  operator struct st_VioSSLFd *() { return ssl_acceptor_fd_; }
156 
157  /** Get SSL handle */
158  operator SSL *() { return acceptor_; }
159 
160  /** Get current CA */
161  const char *current_ca() const { return current_ca_.c_str(); }
162 
163  /** Get current CA Path */
164  const char *current_capath() const { return current_capath_.c_str(); }
165 
166  /** Get current Certificate */
167  const char *current_cert() const { return current_cert_.c_str(); }
168 
169  /** Get current Key */
170  const char *current_key() const { return current_key_.c_str(); }
171 
172  /** Get current CRL certificate */
173  const char *current_crl() const { return current_crl_.c_str(); }
174 
175  /** Get current CRL Path */
176  const char *current_crlpath() const { return current_crlpath_.c_str(); }
177 
178  /** Get current TLS version */
179  const char *current_version() const { return current_version_.c_str(); }
180 
181  /** Get current TLSv1.2 ciphers */
182  const char *current_cipher() const { return current_cipher_.c_str(); }
183 
184  /** Get current TLSv1.3 ciphers */
185  const char *current_ciphersuites() const {
186  return current_ciphersuites_.c_str();
187  }
188 
189  private:
190  /** Channel name */
191  std::string channel_;
192 
193  /** SSL_CTX barerer */
195 
196  /**
197  An SSL for @ref ssl_acceptor_fd_ to allow access to parameters not in
198  SSL_CTX to be available even if the current connection is not
199  encrypted.
200  */
201  SSL *acceptor_;
202 
203  /**
204  Copies of the current effective values for quick return via the
205  status vars
206  */
210 
211  /* F.R.I.E.N.D.S. */
213  friend class TLS_channel;
215 };
216 
217 #endif // SSL_ACCEPTOR_CONTEXT_DATA_INCLUDED
static const sasl_callback_t callbacks[]
Definition: auth_ldap_sasl_client.h:44
TLS context access wrapper for ease of use.
Definition: ssl_acceptor_context_operator.h:104
helper class to deal with optionally empty strings
Definition: ssl_init_callback.h:37
const char * c_str() const
Definition: ssl_init_callback.h:44
TLS context access protector.
Definition: ssl_acceptor_context_operator.h:40
Container of SSL Acceptor context data.
Definition: ssl_acceptor_context_data.h:102
Ssl_acceptor_context_data operator=(const Ssl_acceptor_context_data &)=delete
OptionalString current_version_
Definition: ssl_acceptor_context_data.h:207
OptionalString current_key_
Definition: ssl_acceptor_context_data.h:208
~Ssl_acceptor_context_data()
Destructor.
Definition: ssl_acceptor_context_data.cc:186
std::string show_property(Ssl_acceptor_context_property_type property_type) const
Fetch given property from underlying TLS context.
Definition: ssl_acceptor_context_data.cc:191
const char * channel_name() const
Get channel name.
Definition: ssl_acceptor_context_data.h:152
Ssl_acceptor_context_data operator=(Ssl_acceptor_context_data &&)=delete
OptionalString current_capath_
Definition: ssl_acceptor_context_data.h:207
const char * current_crlpath() const
Get current CRL Path.
Definition: ssl_acceptor_context_data.h:176
OptionalString current_crl_
Definition: ssl_acceptor_context_data.h:208
const char * current_ca() const
Get current CA.
Definition: ssl_acceptor_context_data.h:161
std::string channel_
Channel name.
Definition: ssl_acceptor_context_data.h:191
Ssl_acceptor_context_data(Ssl_acceptor_context_data &&)=delete
const char * current_version() const
Get current TLS version.
Definition: ssl_acceptor_context_data.h:179
const char * current_key() const
Get current Key.
Definition: ssl_acceptor_context_data.h:170
OptionalString current_ciphersuites_
Definition: ssl_acceptor_context_data.h:208
OptionalString current_crlpath_
Definition: ssl_acceptor_context_data.h:209
OptionalString current_cipher_
Definition: ssl_acceptor_context_data.h:208
SSL * acceptor_
An SSL for ssl_acceptor_fd_ to allow access to parameters not in SSL_CTX to be available even if the ...
Definition: ssl_acceptor_context_data.h:201
const char * current_cert() const
Get current Certificate.
Definition: ssl_acceptor_context_data.h:167
struct st_VioSSLFd * ssl_acceptor_fd_
SSL_CTX barerer.
Definition: ssl_acceptor_context_data.h:194
const char * current_crl() const
Get current CRL certificate.
Definition: ssl_acceptor_context_data.h:173
Ssl_acceptor_context_data(std::string channel, bool use_ssl_arg, Ssl_init_callback *callbacks, bool report_ssl_error=true, enum enum_ssl_init_error *out_error=nullptr)
Ctor.
Definition: ssl_acceptor_context_data.cc:138
const char * current_ciphersuites() const
Get current TLSv1.3 ciphers.
Definition: ssl_acceptor_context_data.h:185
OptionalString current_ca_
Copies of the current effective values for quick return via the status vars.
Definition: ssl_acceptor_context_data.h:207
OptionalString current_cert_
Definition: ssl_acceptor_context_data.h:207
bool have_ssl() const
TLS context validity.
Definition: ssl_acceptor_context_data.h:149
Ssl_acceptor_context_data(const Ssl_acceptor_context_data &)=delete
const char * current_cipher() const
Get current TLSv1.2 ciphers.
Definition: ssl_acceptor_context_data.h:182
const char * current_capath() const
Get current CA Path.
Definition: ssl_acceptor_context_data.h:164
Definition: ssl_init_callback.h:57
TLS context manager.
Definition: ssl_acceptor_context_operator.h:59
Ssl_acceptor_context_property_type
Properties exposed by Ssl Acceptor context.
Definition: ssl_acceptor_context_data.h:43
std::string Ssl_ctx_property_name(Ssl_acceptor_context_property_type property_type)
Note: Add new value before "last" and update Ssl_acceptor_context_propert_type_names.
Definition: ssl_acceptor_context_data.cc:108
Ssl_acceptor_context_property_type & operator++(Ssl_acceptor_context_property_type &property_type)
Increment operator for Ssl_acceptor_context_type Used by iterator.
Definition: ssl_acceptor_context_data.cc:114
Definition: task.h:425
Definition: violite.h:254
Vio Lite.
enum_ssl_init_error
Definition: violite.h:235