author | Claudius 'keldu' Holeksa <mail@keldu.de> | 2024-08-26 20:17:33 +0200 |
---|---|---|
committer | Claudius 'keldu' Holeksa <mail@keldu.de> | 2024-08-26 20:17:33 +0200 |
commit | a8854301d2fe3d09b41ca055a713500edcead000 (patch) | |
tree | 3c2701131dfbfca1a6a4707faa508aa114d7ad7e /modules/io-tls | |
parent | 5152bb37e0a5ec533b55512ef93eecde5c1cae34 (diff) |
Working on remote io tcp proxies and tls
Diffstat (limited to 'modules/io-tls')
-rw-r--r-- | modules/io-tls/tls.cpp | 52 | ||||
-rw-r--r-- | modules/io-tls/tls.hpp | 26 |
2 files changed, 49 insertions, 29 deletions
diff --git a/modules/io-tls/tls.cpp b/modules/io-tls/tls.cpp
index 57406e3..981aa08 100644
--- a/modules/io-tls/tls.cpp
+++ b/modules/io-tls/tls.cpp
@@ -41,10 +41,15 @@ tls::impl &tls::get_impl() { return *impl_; }
 class tls_io_stream final : public io_stream {
 private:
 own<io_stream> internal;
+ gnutls_certificate_credentials_t xcred_;
 gnutls_session_t session_handle;
 public:
- tls_io_stream(own<io_stream> internal_) : internal{std::move(internal_)} {}
+ tls_io_stream(own<io_stream> internal_, gnutls_certificate_credentials_t xcred__, gnutls_session_t session_handle__):
+ internal{std::move(internal_)},
+ xcred_{xcred__},
+ session_handle_{session_handle__}
+ {}
 ~tls_io_stream() { gnutls_bye(session_handle, GNUTLS_SHUT_RDWR); }
@@ -89,6 +94,43 @@ public:
 gnutls_session_t &session() { return session_handle; }
 };
+class tls_server final : public server {
+private:
+ own<server> internal_;
+ gnutls_certificate_credentials_t xcred_;
+ gnutls_session_t session_handle_;
+
+public:
+ tls_server(own<server> internal__, gnutls_certificate_credentials_t xcred__):
+ internal_{std::move(internal__)}
+ {}
+
+ ~tls_server() {
+ gnutls_bye(session_handle_, GNUTLS_SHUT_RDWR);
+ gnutls_certificate_free_credentials(xcred_);
+ }
+
+ conveyor<own<io_stream>> accept() override {
+ return make_error<err::not_implemented>();
+ }
+};
+
+class tls_network final : public network {
+private:
+ tls& tls_;
+ network &internal;
+public:
+ tls_network(tls& tls_, network &network_);
+
+ conveyor<own<network_address>> resolve_address(const std::string &addr, uint16_t port = 0) override;
+
+ own<server> listen(network_address& address) override;
+
+ conveyor<own<io_stream>> connect(network_address& address) override;
+
+ own<class datagram> datagram(network_address& address) override;
+};
+
 tls_server::tls_server(own<server> srv) : internal{std::move(srv)} {}
 conveyor<own<io_stream>> tls_server::accept() {
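Review bot: In the `tls_io_stream` hunk the new constructor initialises `session_handle_`, but the member declared in the same class is still `session_handle` (the name the destructor and `session()` use), so the initialiser refers to a member that is not visible in the class; it should read `session_handle{session_handle__}` or the member should be renamed throughout. The stream also keeps a raw copy of the credentials handle in `xcred_` while `tls_server` frees its credentials in its own destructor, so if a stream can outlive the server that produced it the session would be left pointing at freed credentials; the intended owner deserves a comment such as `// borrowed: freed by the owning tls_server, which must outlive this stream`. Parameter names containing a double underscore (`xcred__`, `session_handle__`) are reserved identifiers in C++ and are better renamed. The class body continues outside the hunk.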
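Review bot: The new `tls_server` constructor accepts `xcred__` but only initialises `internal_`, so `xcred_` and `session_handle_` are indeterminate when the destructor hands them to `gnutls_bye` and `gnutls_certificate_free_credentials`, which is undefined behaviour on every server teardown and also loses the credentials the caller allocated. Both members should be initialised and the teardown guarded, as sketched below. The old out-of-line `tls_server::tls_server(own<server> srv)` and `tls_server::accept()` definitions are still present as context after this hunk and no longer match the class (there is no `internal` member and `accept()` is now defined inline), so they appear to need removing; the second of them continues outside the hunk.

```cpp
	tls_server(own<server> internal__, gnutls_certificate_credentials_t xcred__):
		internal_{std::move(internal__)},
		xcred_{xcred__},
		session_handle_{nullptr}
	{}

	~tls_server() {
		// No session exists until a handshake has been set up for a connection.
		if (session_handle_) {
			gnutls_bye(session_handle_, GNUTLS_SHUT_RDWR);
		}
		if (xcred_) {
			gnutls_certificate_free_credentials(xcred_);
		}
	}
	// … unchanged: accept() …
```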
@@ -157,8 +199,12 @@ public:
 };
 }
-own<server> tls_network::listen(network_address& address) {
- return heap<tls_server>(internal.listen(address));
+own<server> tls_network::listen(const network_address& address) {
+ gnutls_certificate_credentials_t x509_cred;
+ gnutls_certificate_allocate_credentials(&x509_cred);
+ auto int_srv = internal.listen(address);
+
+ return heap<tls_server>(int_srv, x509_cred);
 }
 conveyor<own<io_stream>> tls_network::connect(network_address& address) {
diff --git a/modules/io-tls/tls.hpp b/modules/io-tls/tls.hpp
index 5313bf7..a04598d 100644
--- a/modules/io-tls/tls.hpp
+++ b/modules/io-tls/tls.hpp
@@ -9,32 +9,6 @@ namespace saw {
 class tls;
-class tls_server final : public server {
-private:
- own<server> internal;
-
-public:
- tls_server(own<server> srv);
-
- conveyor<own<io_stream>> accept() override;
-};
-
-class tls_network final : public network {
-private:
- tls& tls_;
- network &internal;
-public:
- tls_network(tls& tls_, network &network_);
-
- conveyor<own<network_address>> resolve_address(const std::string &addr, uint16_t port = 0) override;
-
- own<server> listen(network_address& address) override;
-
- conveyor<own<io_stream>> connect(network_address& address) override;
-
- own<class datagram> datagram(network_address& address) override;
-};
-
 /**
 * tls context class.
 * Provides tls network class which ensures the usage of tls encrypted connections |
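Review bot: In `tls_network::listen` the result of `gnutls_certificate_allocate_credentials(&x509_cred)` is ignored, so on failure an indeterminate handle is passed to `tls_server`, whose destructor later frees it; check it first, e.g. `if (gnutls_certificate_allocate_credentials(&x509_cred) != GNUTLS_E_SUCCESS) { /* report the error the way listen() normally does */ }`. No certificate or key is loaded into the credentials in the visible lines, so a comment such as `// TODO: load server certificate and key before accepting handshakes` would make the unfinished state explicit. The definition now takes `const network_address&` while the `tls_network` declaration added in the same commit still declares `listen(network_address& address) override`, so the two no longer match. `int_srv` is passed as an lvalue; if `own<server>` is move-only, which its use with `std::move` elsewhere in the file suggests, this should be `heap<tls_server>(std::move(int_srv), x509_cred)`.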