From a8854301d2fe3d09b41ca055a713500edcead000 Mon Sep 17 00:00:00 2001
From: Claudius 'keldu' Holeksa
Date: Mon, 26 Aug 2024 20:17:33 +0200
Subject: Working on remote io tcp proxies and tls
---
 modules/io-tls/tls.cpp | 52 +++++++++++++++++++++++++++++++++++++++++++++++---
 modules/io-tls/tls.hpp | 26 -------------------------
 2 files changed, 49 insertions(+), 29 deletions(-)
(limited to 'modules/io-tls')
diff --git a/modules/io-tls/tls.cpp b/modules/io-tls/tls.cpp
index 57406e3..981aa08 100644
--- a/modules/io-tls/tls.cpp
+++ b/modules/io-tls/tls.cpp
@@ -41,10 +41,15 @@ tls::impl &tls::get_impl() { return *impl_; }
 class tls_io_stream final : public io_stream {
 private:
 own internal;
+ gnutls_certificate_credentials_t xcred_;
 gnutls_session_t session_handle;
 public:
- tls_io_stream(own internal_) : internal{std::move(internal_)} {}
+ tls_io_stream(own internal_, gnutls_certificate_credentials_t xcred__, gnutls_session_t session_handle__):
+ internal{std::move(internal_)},
+ xcred_{xcred__},
+ session_handle_{session_handle__}
+ {}
 ~tls_io_stream() { gnutls_bye(session_handle, GNUTLS_SHUT_RDWR); }
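Review bot: The new initializer `session_handle_{session_handle__}` names a member the class does not declare; the field in the context lines is `session_handle`, and the destructor uses that spelling too, so this constructor should not compile as written. Either rename the field or initialise it as `session_handle{session_handle__}`. The parameter names `xcred__` and `session_handle__` contain a double underscore, which C++ reserves for the implementation; plain `xcred` and `session` would avoid that. The stream now stores `xcred_`, but the destructor visible here only calls `gnutls_bye`, so a comment such as `// xcred_ is borrowed; released by <owner>` (or the matching release call) would make the credential and session lifetime explicit. The class body continues outside the hunk.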
@@ -89,6 +94,43 @@ public:
 gnutls_session_t &session() { return session_handle; }
 };
+class tls_server final : public server {
+private:
+ own internal_;
+ gnutls_certificate_credentials_t xcred_;
+ gnutls_session_t session_handle_;
+
+public:
+ tls_server(own internal__, gnutls_certificate_credentials_t xcred__):
+ internal_{std::move(internal__)}
+ {}
+
+ ~tls_server() {
+ gnutls_bye(session_handle_, GNUTLS_SHUT_RDWR);
+ gnutls_certificate_free_credentials(xcred_);
+ }
+
+ conveyor> accept() override {
+ return make_error();
+ }
+};
+
+class tls_network final : public network {
+private:
+ tls& tls_;
+ network &internal;
+public:
+ tls_network(tls& tls_, network &network_);
+
+ conveyor> resolve_address(const std::string &addr, uint16_t port = 0) override;
+
+ own listen(network_address& address) override;
+
+ conveyor> connect(network_address& address) override;
+
+ own datagram(network_address& address) override;
+};
+
 tls_server::tls_server(own srv) : internal{std::move(srv)} {}
 conveyor> tls_server::accept() {
@@ -157,8 +199,12 @@ public:
 };
 }
-own tls_network::listen(network_address& address) {
- return heap(internal.listen(address));
+own tls_network::listen(const network_address& address) {
+ gnutls_certificate_credentials_t x509_cred;
+ gnutls_certificate_allocate_credentials(&x509_cred);
+ auto int_srv = internal.listen(address);
+
+ return heap(int_srv, x509_cred);
 }
 conveyor> tls_network::connect(network_address& address) {
diff --git a/modules/io-tls/tls.hpp b/modules/io-tls/tls.hpp
index 5313bf7..a04598d 100644
--- a/modules/io-tls/tls.hpp
+++ b/modules/io-tls/tls.hpp
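Review bot: In the added `tls_server` class in tls.cpp, the constructor accepts `xcred__` but never stores it, and `session_handle_` is never set, so the destructor passes two uninitialised handles to `gnutls_bye` and `gnutls_certificate_free_credentials`, which is undefined behaviour on every server teardown. Initialise the member in the list, `internal_{std::move(internal__)}, xcred_{xcred__}`, and drop the `gnutls_bye(session_handle_, ...)` call together with the `session_handle_` field unless the listener really owns a session. The trailing context still shows the out-of-line `tls_server::tls_server(own srv) : internal{...}` and `tls_server::accept()` definitions, which no longer match this class (the field is now `internal_` and `accept()` is defined inline), so they appear to need removing in the same change.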
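Review bot: In `tls_network::listen` in tls.cpp, the result of `gnutls_certificate_allocate_credentials(&x509_cred)` is ignored, so on failure an indeterminate `x509_cred` is handed to the server and later freed. Check it before going on, e.g. `if (gnutls_certificate_allocate_credentials(&x509_cred) != GNUTLS_E_SUCCESS) { /* report failure, do not construct the server */ }`, and free the credentials if `internal.listen(address)` yields no server. The definition now takes `const network_address&` while the declaration added earlier in this commit still reads `listen(network_address& address) override`, so the two need to agree. No certificate or key is loaded into the credentials in this hunk; if that is planned for a later commit, a `// TODO: load server certificate and key` comment would keep a listener from being started without one. `int_srv` is presumably a move-only `own`, in which case the last line needs `heap(std::move(int_srv), x509_cred)`.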
@@ -9,32 +9,6 @@ namespace saw {
 class tls;
-class tls_server final : public server {
-private:
- own internal;
-
-public:
- tls_server(own srv);
-
- conveyor> accept() override;
-};
-
-class tls_network final : public network {
-private:
- tls& tls_;
- network &internal;
-public:
- tls_network(tls& tls_, network &network_);
-
- conveyor> resolve_address(const std::string &addr, uint16_t port = 0) override;
-
- own listen(network_address& address) override;
-
- conveyor> connect(network_address& address) override;
-
- own datagram(network_address& address) override;
-};
-
 /**
 * tls context class.
 * Provides tls network class which ensures the usage of tls encrypted connections
-- cgit v1.2.3