1   // 1   //
2   // Copyright (c) 2025 Vinnie Falco (vinnie.falco@gmail.com) 2   // Copyright (c) 2025 Vinnie Falco (vinnie.falco@gmail.com)
3   // 3   //
4   // Distributed under the Boost Software License, Version 1.0. (See accompanying 4   // Distributed under the Boost Software License, Version 1.0. (See accompanying
5   // file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt) 5   // file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt)
6   // 6   //
7   // Official repository: https://github.com/cppalliance/corosio 7   // Official repository: https://github.com/cppalliance/corosio
8   // 8   //
9   9  
10   #ifndef SRC_TLS_DETAIL_CONTEXT_IMPL_HPP 10   #ifndef SRC_TLS_DETAIL_CONTEXT_IMPL_HPP
11   #define SRC_TLS_DETAIL_CONTEXT_IMPL_HPP 11   #define SRC_TLS_DETAIL_CONTEXT_IMPL_HPP
12   12  
13   #include <boost/corosio/tls_context.hpp> 13   #include <boost/corosio/tls_context.hpp>
14   14  
15   #include <functional> 15   #include <functional>
16   #include <mutex> 16   #include <mutex>
17   #include <string> 17   #include <string>
18   #include <vector> 18   #include <vector>
19   19  
20   namespace boost::corosio { 20   namespace boost::corosio {
21   21  
22   namespace detail { 22   namespace detail {
23   23  
/** Abstract base for a backend's cached native SSL context.

    `tls_context_data` keeps one of these per backend in an
    intrusive singly linked list; a backend derives from this
    class to hold its native handle ( WOLFSSL_CTX*, SSL_CTX*,
    etc. ). Entries are owned by the list and are deleted
    through a `native_context_base*`, which is why the
    destructor is virtual.
*/
class native_context_base
{
public:
    virtual ~native_context_base() = default;

    /// Next entry in the owning list, or nullptr for the tail.
    native_context_base* next_{nullptr};

    /// Opaque lookup key (the backend service's address) used
    /// to find this entry again; compared by pointer identity.
    void const* service_{nullptr};
};
38   38  
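/** Portable TLS configuration plus the per-backend native context cache.

    Everything a backend needs to build its native context is held here
    as plain values; the backends themselves are cached in an intrusive
    list guarded by `native_contexts_mutex_`.

    The struct is neither copyable nor movable (the `std::mutex` member
    forbids it), so the raw owning pointers in the cache cannot be
    double-freed by an accidental copy.
*/
struct tls_context_data
{
    // Credentials
    //
    // NOTE(review): certificate and key material lives in ordinary
    // std::string members. It is not zeroized on destruction or when a
    // string reallocates, so key bytes may linger in freed heap memory.
    // Callers needing scrubbing of `private_key` (or of the strings
    // returned by `password_callback`) must arrange it themselves.

    std::string entity_certificate;
    tls_file_format entity_cert_format = tls_file_format::pem;
    std::string certificate_chain;
    std::string private_key;
    tls_file_format private_key_format = tls_file_format::pem;

    // Trust anchors

    std::vector<std::string> ca_certificates;
    std::vector<std::string> verify_paths;
    bool use_default_verify_paths = false;

    // Protocol settings

    tls_version min_version = tls_version::tls_1_2;
    tls_version max_version = tls_version::tls_1_3;
    std::string ciphersuites;
    std::vector<std::string> alpn_protocols;

    // Verification
    //
    // NOTE(review): the default `verification_mode` is tls_verify_mode::none
    // and `hostname` is empty, so a context built from default settings
    // performs no peer authentication. Any client path that talks to an
    // untrusted network must set both explicitly; consider whether the
    // public tls_context API should fail closed instead.

    tls_verify_mode verification_mode = tls_verify_mode::none;

    /// Maximum certificate chain length handed to the backend
    /// (presumably its verify-depth setting — confirm per backend).
    int verify_depth = 100;
    std::string hostname;

    /// Invoked per certificate with the backend's preverify result and
    /// its native verify-context pointer; returning false rejects.
    std::function<bool(bool, void*)> verify_callback;

    // SNI (Server Name Indication)

    std::function<bool(std::string_view)> servername_callback;

    // Revocation

    std::vector<std::string> crls;
    std::string ocsp_staple;
    bool require_ocsp_staple = false;
    tls_revocation_policy revocation = tls_revocation_policy::disabled;

    // Password

    std::function<std::string(std::size_t, tls_password_purpose)>
        password_callback;

    // Cached native contexts (intrusive list)
    //
    // Entries are only ever prepended by find() and only ever freed by
    // the destructor, so a pointer returned by find() stays valid for
    // the lifetime of this object.

    mutable std::mutex native_contexts_mutex_;
    mutable native_context_base* native_contexts_ = nullptr;

    /** Find or insert a cached native context.

        Thread-safe: the lookup and the insertion happen under
        `native_contexts_mutex_`, so concurrent callers for the same
        `service` observe a single entry.

        @param service The unique key for the backend. Entries are
        matched by pointer identity only; if a backend object is
        destroyed and another is allocated at the same address, a
        stale entry would be returned (NOTE(review): confirm backend
        services outlive every tls_context that caches them).

        @param create Factory called, under the lock, when no entry
        exists. It must return a `native_context_base*` allocated with
        `new`; the list takes ownership and deletes it in the destructor.

        @return Pointer to the cached native context, or nullptr if the
        factory returned nullptr (nothing is inserted in that case).
    */
    template<typename Factory>
    [[nodiscard]] native_context_base*
    find(void const* service, Factory&& create) const
    {
        std::scoped_lock lock(native_contexts_mutex_);

        for (auto* entry = native_contexts_; entry != nullptr; entry = entry->next_)
            if (entry->service_ == service)
                return entry;

        // Not found - build a new entry and prepend it.
        native_context_base* created = create();
        if (created == nullptr)
            return nullptr; // factory failed; cache nothing rather than deref null

        created->service_ = service;
        created->next_ = native_contexts_;
        native_contexts_ = created;
        return created;
    }

    /** Free every cached native context.

        No lock is taken: the destructor must not run concurrently with
        find(), and callers own that guarantee. Entries are deleted
        through the base pointer, which is sound because
        `native_context_base` has a virtual destructor.
    */
    ~tls_context_data()
    {
        auto* entry = native_contexts_;
        native_contexts_ = nullptr;
        while (entry != nullptr)
        {
            auto* following = entry->next_;
            delete entry;
            entry = following;
        }
    }
};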
125   125  
126   } // namespace detail 126   } // namespace detail
127   127  
/** Implementation of tls_context.

    Nothing is added here: the portable configuration and the
    cached native SSL contexts (an intrusive list) all come from
    the `detail::tls_context_data` base, which the public
    tls_context owns through its `impl_` pointer.
*/
struct tls_context::impl
    : detail::tls_context_data
{
};
135   135  
136   namespace detail { 136   namespace detail {
137   137  
/** Return the TLS context data.

    Gives backends read-only access to the portable
    configuration held by a tls_context. The returned
    reference is valid only as long as `ctx` is.

    NOTE(review): `ctx.impl_` is dereferenced unconditionally
    inside a `noexcept` function; if a tls_context can ever
    hold a null `impl_` (for example after a move), calling
    this on it is undefined behaviour — confirm the invariant.

    @param ctx The TLS context.

    @return Reference to the context's configuration data.
*/
inline tls_context_data const&
get_tls_context_data(tls_context const& ctx) noexcept
{
    auto const& data = *ctx.impl_;
    return data;
}
152   152  
153   } // namespace detail 153   } // namespace detail
154   154  
155   } // namespace boost::corosio 155   } // namespace boost::corosio
156   156  
157   #endif 157   #endif