MySQL 9.0.0
Source Code Documentation
ssl_wrapper_service.cc File Reference

Ssl functions wrapper service implementation. More...

#include <openssl/ssl.h>
#include <string.h>
#include "my_compiler.h"
#include "my_io.h"
#include "mysql/service_ssl_wrapper.h"

Namespaces

namespace  ssl_wrapper_service
 

Functions

int ssl_wrapper_service::dummy_function_to_ensure_we_are_linked_into_the_server ()
 
static char * my_asn1_time_to_string (ASN1_TIME *time, char *buf, size_t len)
 
void ssl_wrapper_version (Vio *vio, char *buffer, const size_t buffer_size)
 Return version of SSL used in current connection. More...
 
void ssl_wrapper_cipher (Vio *vio, char *buffer, const size_t buffer_size)
 Return cipher used in current connection. More...
 
long ssl_wrapper_cipher_list (Vio *vio, const char **clipher_list, const long maximun_num_of_elements)
 Return cipher list that can be used for SSL. More...
 
long ssl_wrapper_verify_depth (Vio *vio)
 Return the verification depth limit set in SSL. More...
 
long ssl_wrapper_verify_mode (Vio *vio)
 Return the verification mode set in SSL. More...
 
void ssl_wrapper_get_peer_certificate_issuer (Vio *vio, char *issuer, const size_t issuer_size)
 Return issuer name form peers ssl certificate. More...
 
void ssl_wrapper_get_peer_certificate_subject (Vio *vio, char *subject, const size_t subject_size)
 Return subject field form peers ssl certificate. More...
 
long ssl_wrapper_get_verify_result_and_cert (Vio *vio)
 Check is peer certificate is present and try to verify it. More...
 
long ssl_wrapper_ctx_verify_depth (struct st_VioSSLFd *vio_ssl)
 Return the verification depth limit set in SSL context. More...
 
long ssl_wrapper_ctx_verify_mode (struct st_VioSSLFd *vio_ssl)
 Return the verification mode set in SSL context. More...
 
void ssl_wrapper_ctx_server_not_after (struct st_VioSSLFd *vio_ssl, char *no_after, const size_t no_after_size)
 Return the last day the server certificate is valid. More...
 
void ssl_wrapper_ctx_server_not_before (struct st_VioSSLFd *vio_ssl, char *no_before, const size_t no_before_size)
 Return the first day the server certificate is valid. More...
 
long ssl_wrapper_sess_accept (struct st_VioSSLFd *vio_ssl)
 
long ssl_wrapper_sess_accept_good (struct st_VioSSLFd *vio_ssl)
 Cleanup data allocated by SSL on thread stack. More...
 
void ssl_wrapper_thread_cleanup ()
 Cleanup data allocated by SSL on thread stack. More...
 

Detailed Description

Ssl functions wrapper service implementation.

For more information please check the function comments.

Function Documentation

◆ my_asn1_time_to_string()

static char * my_asn1_time_to_string ( ASN1_TIME *  time,
char *  buf,
size_t  len 
)
static

◆ ssl_wrapper_cipher()

void ssl_wrapper_cipher ( Vio vio,
char *  buffer,
const size_t  buffer_size 
)

Return cipher used in current connection.

Parameters
vioVIO connection descriptor
bufferCharacter buffer in which the cipher name is going to be placed
buffer_sizeSize of the character buffer

◆ ssl_wrapper_cipher_list()

long ssl_wrapper_cipher_list ( Vio vio,
const char **  clipher_list,
const long  maximun_num_of_elements 
)

Return cipher list that can be used for SSL.

Parameters
vioVIO connection descriptor
clipher_listPointer to an array of c-strings
maximun_num_of_elementsSize of the pointer array

◆ ssl_wrapper_ctx_server_not_after()

void ssl_wrapper_ctx_server_not_after ( struct st_VioSSLFd vio_ssl,
char *  no_after,
const size_t  no_after_size 
)

Return the last day the server certificate is valid.

Parameters
vio_sslVIO SSL context descriptor
no_afterCharacter buffer for to be filed with the date in human readable format
no_after_sizeSize of the character buffer

◆ ssl_wrapper_ctx_server_not_before()

void ssl_wrapper_ctx_server_not_before ( struct st_VioSSLFd vio_ssl,
char *  no_before,
const size_t  no_before_size 
)

Return the first day the server certificate is valid.

Parameters
vio_sslVIO SSL context descriptor
no_beforeCharacter buffer for to be filed with the date in human readable format
no_before_sizeSize of the character buffer

◆ ssl_wrapper_ctx_verify_depth()

long ssl_wrapper_ctx_verify_depth ( struct st_VioSSLFd vio_ssl)

Return the verification depth limit set in SSL context.

Parameters
vio_sslVIO SSL context descriptor
Returns
-1 default values should be used >0 verification depth

◆ ssl_wrapper_ctx_verify_mode()

long ssl_wrapper_ctx_verify_mode ( struct st_VioSSLFd vio_ssl)

Return the verification mode set in SSL context.

Parameters
vio_sslVIO SSL context descriptor
Returns
-1 default values should be used >0 verification mode

◆ ssl_wrapper_get_peer_certificate_issuer()

void ssl_wrapper_get_peer_certificate_issuer ( Vio vio,
char *  issuer,
const size_t  issuer_size 
)

Return issuer name form peers ssl certificate.

Parameters
vioVIO connection descriptor
issuerCharacter buffer in which the issuer name is going to be placed
issuer_sizeSize of character buffer for the issuer name

◆ ssl_wrapper_get_peer_certificate_subject()

void ssl_wrapper_get_peer_certificate_subject ( Vio vio,
char *  subject,
const size_t  subject_size 
)

Return subject field form peers ssl certificate.

Parameters
vioVIO connection descriptor
subjectCharacter buffer in which the subject is going to be placed
subject_sizeSize of character buffer for the subject

◆ ssl_wrapper_get_verify_result_and_cert()

long ssl_wrapper_get_verify_result_and_cert ( Vio vio)

Check is peer certificate is present and try to verify it.

Parameters
vioVIO connection descriptor
Returns
X509_V_OK verification of peer certificate succeeded -1 verification failed

◆ ssl_wrapper_sess_accept()

long ssl_wrapper_sess_accept ( struct st_VioSSLFd vio_ssl)

◆ ssl_wrapper_sess_accept_good()

long ssl_wrapper_sess_accept_good ( struct st_VioSSLFd vio_ssl)

Cleanup data allocated by SSL on thread stack.

◆ ssl_wrapper_thread_cleanup()

void ssl_wrapper_thread_cleanup ( )

Cleanup data allocated by SSL on thread stack.

◆ ssl_wrapper_verify_depth()

long ssl_wrapper_verify_depth ( Vio vio)

Return the verification depth limit set in SSL.

Parameters
vioVIO connection descriptor
Returns
-1 default values should be used >0 verification depth

◆ ssl_wrapper_verify_mode()

long ssl_wrapper_verify_mode ( Vio vio)

Return the verification mode set in SSL.

Parameters
vioVIO connection descriptor
Returns
-1 default values should be used >0 verification mode

◆ ssl_wrapper_version()

void ssl_wrapper_version ( Vio vio,
char *  buffer,
const size_t  buffer_size 
)

Return version of SSL used in current connection.

Parameters
vioVIO connection descriptor
bufferCharacter buffer in which the version is going to be placed
buffer_sizeSize of the character buffer