

00001 /*
00002  * TLSStream.h
00003  *
00004  *  Created on: Mar 24, 2011
00005  *      Author: roettger
00006  */
00007 
00008 #ifndef TLSSTREAM_H_
00009 #define TLSSTREAM_H_
00010 
00011 #include <streambuf>
00012 #include <iostream>
00013 #include <memory>
00014 #include <openssl/ssl.h>
00015 #include "ibrcommon/thread/Mutex.h"
00016 #include "ibrcommon/data/File.h"
00017 #include "ibrcommon/net/iostreamBIO.h"
00018 
00019 namespace ibrcommon
00020 {
        /**
         * Stream adapter that layers a TLS session over another std::iostream.
         *
         * The class is both the std::streambuf (sync/overflow/underflow below)
         * and the std::iostream that user code reads from and writes to; the
         * plaintext side is this object, the ciphertext side is the wrapped
         * `_stream`, reached through an OpenSSL SSL object and an iostreamBIO.
         *
         * Process-wide SSL state (library initialisation, the shared SSL_CTX) is
         * set up once through the static init()/flushInitialization() pair;
         * per-connection state (SSL, peer certificate, buffers) lives in each
         * instance.
         *
         * Not copyable: the std::iostream base is non-copyable, which also
         * protects the raw owning pointers held below (in_buf_, out_buf_,
         * _ssl, _peer_cert) from being double-freed.
         */
        class TLSStream : public std::streambuf, public std::iostream
        {
        public:
                typedef std::char_traits<char> traits;

                /**
                 * Wrap an existing stream.
                 * @param stream the underlying (ciphertext-carrying) stream;
                 *        kept as `_stream`. Whether this object takes
                 *        ownership of it is not stated here — NOTE(review):
                 *        confirm against TLSStream.cpp before deleting it
                 *        elsewhere.
                 */
                TLSStream(std::iostream *stream);
                /** Releases the per-connection SSL state and buffers (see .cpp). */
                virtual ~TLSStream();

                /**
                 * Select the TLS role of this endpoint.
                 * @param val true if this node is the server of the underlying
                 *        tcp connection (stored in `_server`), false for client.
                 */
                void setServer(bool val);

            /**
             * One-time, process-wide initialisation of the SSL library and the
             * shared SSL_CTX. Guarded by `_initialization_lock`; see the note on
             * `_SSL_initialized` below — this call can fail, and the library
             * initialisation it triggers is not reentrant.
             *
             * @param certificate   own X509 certificate presented to the peer
             * @param privateKey    private key matching `certificate`
             * @param trustedCAPath path to the trusted CA material used for
             *                      peer verification
             * @param enableEncryption defaults to false. Callers that need
             *        confidentiality must pass true explicitly; exactly which
             *        cipher configuration each value selects is decided in the
             *        implementation — NOTE(review): check TLSStream.cpp and
             *        audit call sites that rely on the default.
             */
            static void init(X509 *certificate, EVP_PKEY *privateKey, ibrcommon::File trustedCAPath, bool enableEncryption = false);

            /**
             * Tear down the state established by init() (presumably resets
             * `_initialized` and frees `_ssl_ctx` — confirm in TLSStream.cpp).
             */
            static void flushInitialization();

            /**
             * @return true once init() has completed successfully
             *         (presumably reports `_initialized`).
             */
            static bool isInitialized();

            /** Shut down the TLS session on this stream (details in the .cpp). */
            void close();

                /** Size in bytes of the I/O buffers (presumably in_buf_ and out_buf_ are each this large). */
                static const size_t BUFF_SIZE = 5120;

                /**
                 * Start the TLS session on the wrapped stream. Presumably runs
                 * the handshake under `_activation_lock`, sets `_activated`, and
                 * stores the peer certificate in `_peer_cert`.
                 * @return the peer's X509 certificate. NOTE(review): ownership of
                 *         the returned pointer (caller vs. `_peer_cert`) is not
                 *         documented here — confirm before X509_free'ing it.
                 */
                X509 *activate();

        protected:
                // std::streambuf hooks: flush the output buffer, handle a full
                // output buffer, and refill the input buffer, respectively.
                virtual int sync();
                virtual int overflow(int = std::char_traits<char>::eof());
                virtual int underflow();

        private:
                /** Map an SSL error number to a human-readable message (name suggests a switch on SSL_get_error-style codes — confirm). */
                std::string switchTLSError(int errnumber);

                // set once init() has fully succeeded
                static bool _initialized;
                /* this second initialized variable is needed, because init() can fail and SSL_library_init() is not reentrant. */
                static bool _SSL_initialized;
                // serialises init()/flushInitialization()
                static ibrcommon::Mutex _initialization_lock;

                // true after activate() has run on this instance
                bool _activated;
                // serialises activate() on this instance
                ibrcommon::Mutex _activation_lock;

                // Input buffer (raw, owned; presumably BUFF_SIZE bytes)
                char *in_buf_;
                // Output buffer (raw, owned; presumably BUFF_SIZE bytes)
                char *out_buf_;

                // the wrapped ciphertext-side stream handed to the constructor
                std::iostream *_stream;
                /* indicates if this node is the server in the underlying tcp connection */
                bool _server;

                // shared context created by init(), used by every instance
                static SSL_CTX *_ssl_ctx;
                // per-connection SSL object
                SSL *_ssl;
                // peer certificate obtained during activate()
                X509 *_peer_cert;
                // BIO that adapts `_stream` for OpenSSL. std::auto_ptr is
                // deprecated since C++11 (removed in C++17); kept because the
                // rest of this header targets C++03 — std::unique_ptr once the
                // project moves on.
                std::auto_ptr<iostreamBIO> _iostreamBIO;
        };
00119 }
00120 
00121 #endif /* TLSSTREAM_H_ */