OpenVPN 3 Core Library
Defines a class that handles SSL/TLS handshaking.
#include <acc_certcheck.hpp>
Public Types
using | MsgT = std::optional< std::string >
Public Member Functions
AccHandshaker ()=default
AccHandshaker (SSLLib::SSLAPI::Config::Ptr cfg)
Construct a new AccHandshaker object.
MsgT | process_msg (const MsgT &msg)
Incrementally process the CLIENT HELLO / SERVER HELLO exchange.
std::string | details ()
Returns ssl_handshake_details() if the SSLAPI is available.
void | reset (SSLLib::SSLAPI::Config::Ptr cfg)
Re-init the handshaker.
Private Attributes
std::unique_ptr< SslApiBuilder > | mSslApi
Defines a class that handles SSL/TLS handshaking for device authentication.
It takes a configuration pointer for the SSL library and uses it to initialize an SSL connection object. The main methods are the constructor, process_msg and reset. The constructor takes the SSL config pointer and initializes the internal SSL object from that config. The process_msg method takes a message string, passes it into the SSL object to continue the handshake, and returns any response message the SSL object generates during the handshake; this allows the handshake protocol messages to be processed incrementally. The reset method reinitializes the SSL object if the config changes.
Internally it contains a unique pointer to an SslApiBuilder object. The SslApiBuilder initializes the lower-level SSL objects, such as the SSL context, factory, and server instance, using the provided configuration. AccHandshaker therefore gives a simple interface for performing an SSL handshake from an SSL configuration: it sets up the SSL objects correctly, feeds the handshake messages into the SSL library, and gets any responses back out. This allows verifying possession of the correct certificates and keys.
Definition at line 86 of file acc_certcheck.hpp.
using openvpn::AccHandshaker::MsgT = std::optional<std::string>
Definition at line 88 of file acc_certcheck.hpp.
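openvpn::AccHandshaker::AccHandshaker () | default
openvpn::AccHandshaker::AccHandshaker (SSLLib::SSLAPI::Config::Ptr cfg) | inline
Construct a new AccHandshaker object.
Parameters
cfg | an initialized config object of type Config::Ptr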
Definition at line 102 of file acc_certcheck.hpp.
std::string openvpn::AccHandshaker::details () | inline
Returns ssl_handshake_details() if the SSLAPI is available.
Exceptions
std::exception | derived type with more information regarding the problem
Definition at line 148 of file acc_certcheck.hpp.
MsgT openvpn::AccHandshaker::process_msg (const MsgT &msg) | inline
Incrementally process the CLIENT HELLO / SERVER HELLO exchange.
Parameters
msg | optional cipher text from the TLS peer
Exceptions
std::exception | derived type with more information regarding the problem
The function will stop returning reply data when it's done handshaking. A handshake failure may result in an exception derived from std::exception being thrown.
Definition at line 116 of file acc_certcheck.hpp.
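An added example, not code from the OpenVPN 3 project: the incremental exchange described in the class description and in process_msg above, driven as a message pump that relays each reply to the other side until no reply data comes back. `ScriptedPeer`, `pump_handshake`, `handshake_ok`, the flight labels and the flight cap are hypothetical, and it is an assumption that calling process_msg with no input yields the initiator's first flight; the stand-in peer performs no cryptography and only mimics the process_msg signature.

```cpp
#include <optional>
#include <stdexcept>
#include <string>
#include <utility>
#include <vector>

using MsgT = std::optional<std::string>; // same shape as AccHandshaker::MsgT
using Step = std::pair<MsgT, MsgT>;      // {expected input, reply to send}
// Constructed stand-in for one TLS endpoint (no crypto): it replays scripted
// flights and throws on anything unexpected, mimicking process_msg().
struct ScriptedPeer {
    std::vector<Step> steps;
    std::size_t next = 0;
    MsgT process_msg(const MsgT &msg) {
        if (next >= steps.size() || msg != steps[next].first)
            throw std::runtime_error("handshake failure");
        return steps[next++].second;
    }
};

// Relay flights between two endpoints until one stops returning reply data.
// The cap keeps a misbehaving peer from holding the loop open indefinitely.
template <typename A, typename B>
int pump_handshake(A &initiator, B &responder, int max_flights = 16) {
    int flights = 0; // odd flights go to the responder, even ones come back
    MsgT msg = initiator.process_msg(std::nullopt); // assumption: yields first flight
    while (msg) {
        if (++flights > max_flights)
            throw std::runtime_error("flight cap exceeded");
        msg = (flights % 2) ? responder.process_msg(msg) : initiator.process_msg(msg);
    }
    return flights;
}

template <typename A, typename B>
bool handshake_ok(A &initiator, B &responder) {
    try { pump_handshake(initiator, responder); return true; }
    catch (const std::exception &) { return false; } // a throw means the check failed
}

ScriptedPeer make_server() { // flight labels are constructed, not real TLS records
    return ScriptedPeer{{{"ClientHello", "ServerHello,Certificate"},
                         {"Certificate,Finished", "Finished"}}};
}
ScriptedPeer make_client(bool send_cert) {
    return ScriptedPeer{{{std::nullopt, "ClientHello"},
                         {"ServerHello,Certificate", send_cert ? "Certificate,Finished" : "Finished"},
                         {"Finished", std::nullopt}}};
}
```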
void openvpn::AccHandshaker::reset (SSLLib::SSLAPI::Config::Ptr cfg) | inline
Re-init the handshaker.
Parameters
cfg | configuration that should be installed
throws | an object derived from std::exception if there is a problem with the init process
Rebuilds the SSLAPI object with the specified configuration and begins the handshake process. Data exchange for the actual handshake is done via calls to process_msg.
Definition at line 163 of file acc_certcheck.hpp.
std::unique_ptr< SslApiBuilder > openvpn::AccHandshaker::mSslApi | private
Definition at line 96 of file acc_certcheck.hpp.