23 #include "SSLHandler.h"
// Constructor: obtains the logger named "SSLHandler" from Logger::getLogger().
// The remainder of the body is elided in this listing.
25 SSLHandler::SSLHandler() {
26 logger = Logger::getLogger(
"SSLHandler");
// Destructor; its body is not visible in this listing.
29 SSLHandler::~SSLHandler() {
// Class-wide (static) state shared by every SSLHandler instance.
// pass: private-key passphrase read by password_cb(); starts out NULL.
// NOTE(review): being static, one passphrase is shared by all contexts in the process,
// and nothing visible in this listing wipes it after use — confirm.
33 char* SSLHandler::pass = NULL;
// bio_err: error-output BIO; initialize_ctx() points it at stderr.
34 BIO* SSLHandler::bio_err = NULL;
// Session-id context values; where they are handed to OpenSSL is not shown in this listing.
36 int SSLHandler::s_server_session_id_context = 1;
37 int SSLHandler::s_server_auth_session_id_context = 2;
// Passphrase callback with the signature OpenSSL expects for a PEM password callback:
// buf/num are the destination buffer and its size. rwflag and userdata are not used in
// the visible lines; the passphrase comes from the static member pass instead.
// NOTE(review): strlen(pass) dereferences pass, which is initialised to NULL. A call made
// before pass has been assigned would crash — confirm the assignment in initialize_ctx().
41 int SSLHandler::password_cb(
char *buf,
int num,
int rwflag,
void *userdata)
// Size guard: true when buf cannot hold the passphrase plus its terminating NUL.
// The branch body and the copy into buf are elided here; presumably the callback
// returns 0 in that case — confirm against the full file.
43 if(num<(
int)(strlen(pass)+1))
// Reads PEM-encoded Diffie-Hellman parameters from `file` and installs them on ctx as the
// temporary DH parameters. Failures are logged; whether the function then returns or
// continues is not visible in this listing.
// NOTE(review): the strength of the DH group is whatever the file contains; no size check
// is visible here.
50 void SSLHandler::load_dh_params(SSL_CTX *ctx,
char *file)
// Open the parameter file for reading through a BIO.
55 if ((bio=BIO_new_file(file,
"r")) == NULL)
56 logger <<
"Couldn't open DH file" << endl;
// NOTE(review): no NULL check on ret is visible before it is used below — confirm one
// exists in the elided lines.
58 ret=PEM_read_bio_DHparams(bio,NULL,NULL,
// NOTE(review): SSL_CTX_set_tmp_dh() returns 1 on success and 0 on failure, so a `<0`
// test never fires and a failed install goes unlogged; the check should be `!= 1`.
61 if(SSL_CTX_set_tmp_dh(ctx,ret)<0)
62 logger <<
"Couldn't set DH parameters" << endl;
// SIGPIPE handler that initialize_ctx() installs with signal(); x receives the signal
// number. The body is elided in this listing.
65 void SSLHandler::sigpipe_handle(
int x){
// Builds the SSL_CTX used for connections. Visible steps: load the OpenSSL error strings,
// point bio_err at stderr, install the SIGPIPE handler, create the context, load the
// certificate chain, register the passphrase callback, load the PEM private key from
// keyfile, and load the CA list. Several lines are elided in this listing, so some call
// arguments and the behaviour after a logged failure are not visible.
// `password` is presumably stored in the static member pass for password_cb() — confirm.
68 SSL_CTX *SSLHandler::initialize_ctx(
char *keyfile,
char *password,
string ca_list)
76 SSL_load_error_strings();
// Error output goes to stderr; BIO_NOCLOSE leaves the stderr stream open when the BIO is freed.
79 bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
// signal() changes SIGPIPE handling for the whole process, not only for this handler.
83 signal(SIGPIPE,sigpipe_handle);
// NOTE(review): SSLv23_method() is version-flexible; the protocol versions actually
// accepted depend on the OpenSSL build and on the options set on ctx. No
// SSL_CTX_set_options() call is visible here — confirm that SSLv2 and SSLv3 are
// disabled (SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3).
86 meth=(SSL_METHOD*)SSLv23_method();
// NOTE(review): no NULL check on ctx is visible before it is used below — confirm.
87 ctx=SSL_CTX_new(meth);
// The certificate, key and CA loaders return 1 on success, so the !(...) tests catch failure.
90 if(!(SSL_CTX_use_certificate_chain_file(ctx,
92 logger <<
"Can't read certificate file" << endl;
// Registers the callback OpenSSL invokes for the private-key passphrase (the argument is
// elided here; presumably password_cb).
95 SSL_CTX_set_default_passwd_cb(ctx,
97 if(!(SSL_CTX_use_PrivateKey_file(ctx,
98 keyfile,SSL_FILETYPE_PEM)))
99 logger <<
"Can't read key file" << endl;
// NOTE(review): loading the CA locations only supplies trust anchors. No
// SSL_CTX_set_verify() call is visible in this listing, and the default verify mode is
// SSL_VERIFY_NONE — confirm that peer verification is enabled elsewhere.
102 if(!(SSL_CTX_load_verify_locations(ctx,
104 logger <<
"Can't read CA list" << endl;
// Compiled only for OpenSSL version numbers below 0x00905100L: sets the certificate
// chain verification depth to 1.
105 #if (OPENSSL_VERSION_NUMBER < 0x00905100L)
106 SSL_CTX_set_verify_depth(ctx,1);
// Tears down a context created by initialize_ctx(). The body is elided in this listing;
// presumably it frees ctx — confirm against the full file.
112 void SSLHandler::destroy_ctx(SSL_CTX *ctx)
// Error path for a connection: starts a TLS shutdown on ssl and logs when it fails.
// How `error` and fd are used, and how r is evaluated, is elided in this listing.
117 void SSLHandler::error_occurred(
char *error,
int fd,SSL *ssl)
// SSL_shutdown() returns 1 when the shutdown is complete, 0 when our close_notify was
// sent but the peer's has not been received yet, and a negative value on error.
// NOTE(review): confirm the elided lines treat 0 as "not finished" rather than as failure.
121 int r=SSL_shutdown(ssl);
137 logger <<
"Socket shutdown failed" << endl;
// Normal close of a connection: starts a TLS shutdown on ssl and logs when it fails.
// The use of fd and bio, and any freeing of ssl, is elided in this listing. The visible
// lines repeat the shutdown sequence of error_occurred().
143 void SSLHandler::closeSSL(
int fd,SSL *ssl,BIO* bio)
// SSL_shutdown() returns 1 when the shutdown is complete, 0 when our close_notify was
// sent but the peer's has not been received yet, and a negative value on error.
// NOTE(review): confirm the elided lines treat 0 as "not finished" rather than as failure.
146 int r=SSL_shutdown(ssl);
162 logger <<
"Socket shutdown failed" << endl;