Refactor: add typedef boost::asio::ssl::context TlsContext; and use it

lib/base/tlsstream.hpp

@@ -59,7 +59,7 @@ private:
 struct UnbufferedAsioTlsStreamParams
 {
 	boost::asio::io_context& IoContext;
-	boost::asio::ssl::context& SslContext;
+	TlsContext& SslContext;
 	const String& Hostname;
 };
 
@@ -108,7 +108,7 @@ class AsioTlsStream : public boost::asio::buffered_stream<UnbufferedAsioTlsStrea
 {
 public:
 	inline
-	AsioTlsStream(boost::asio::io_context& ioContext, boost::asio::ssl::context& sslContext, const String& hostname = String())
+	AsioTlsStream(boost::asio::io_context& ioContext, TlsContext& sslContext, const String& hostname = String())
 		: AsioTlsStream(UnbufferedAsioTlsStreamParams{ioContext, sslContext, hostname})
 	{
 	}

lib/base/tlsutility.cpp

@@ -72,18 +72,18 @@ void InitializeOpenSSL()
 	l_SSLInitialized = true;
 }
 
-static void InitSslContext(const Shared<boost::asio::ssl::context>::Ptr& context, const String& pubkey, const String& privkey, const String& cakey)
+static void InitSslContext(const Shared<TlsContext>::Ptr& context, const String& pubkey, const String& privkey, const String& cakey)
 {
 	char errbuf[256];
 
 	// Enforce TLS v1.2 as minimum
 	context->set_options(
-		boost::asio::ssl::context::default_workarounds |
-		boost::asio::ssl::context::no_compression |
-		boost::asio::ssl::context::no_sslv2 |
-		boost::asio::ssl::context::no_sslv3 |
-		boost::asio::ssl::context::no_tlsv1 |
-		boost::asio::ssl::context::no_tlsv1_1
+		TlsContext::default_workarounds |
+		TlsContext::no_compression |
+		TlsContext::no_sslv2 |
+		TlsContext::no_sslv3 |
+		TlsContext::no_tlsv1 |
+		TlsContext::no_tlsv1_1
 	);
 
 	// Custom TLS flags
@@ -202,13 +202,13 @@ static void InitSslContext(const Shared<boost::asio::ssl::context>::Ptr& context
  * @param cakey CA certificate chain file.
  * @returns An SSL context.
  */
-Shared<boost::asio::ssl::context>::Ptr MakeAsioSslContext(const String& pubkey, const String& privkey, const String& cakey)
+Shared<TlsContext>::Ptr MakeAsioSslContext(const String& pubkey, const String& privkey, const String& cakey)
 {
 	namespace ssl = boost::asio::ssl;
 
 	InitializeOpenSSL();
 
-	auto context (Shared<ssl::context>::Make(ssl::context::tls));
+	auto context (Shared<TlsContext>::Make(TlsContext::tls));
 
 	InitSslContext(context, pubkey, privkey, cakey);
 
@@ -220,7 +220,7 @@ Shared<boost::asio::ssl::context>::Ptr MakeAsioSslContext(const String& pubkey,
  * @param context The ssl context.
  * @param cipherList The ciper list.
  **/
-void SetCipherListToSSLContext(const Shared<boost::asio::ssl::context>::Ptr& context, const String& cipherList)
+void SetCipherListToSSLContext(const Shared<TlsContext>::Ptr& context, const String& cipherList)
 {
 	char errbuf[256];
 
@@ -278,12 +278,12 @@ int ResolveTlsProtocolVersion(const std::string& version) {
 	}
 }
 
-Shared<boost::asio::ssl::context>::Ptr SetupSslContext(String certPath, String keyPath,
+Shared<TlsContext>::Ptr SetupSslContext(String certPath, String keyPath,
 	String caPath, String crlPath, String cipherList, String protocolmin, DebugInfo di)
 {
 	namespace ssl = boost::asio::ssl;
 
-	Shared<ssl::context>::Ptr context;
+	Shared<TlsContext>::Ptr context;
 
 	try {
 		context = MakeAsioSslContext(certPath, keyPath, caPath);
@@ -327,7 +327,7 @@ Shared<boost::asio::ssl::context>::Ptr SetupSslContext(String certPath, String k
  * @param context The ssl context.
  * @param tlsProtocolmin The minimum TLS protocol version.
  */
-void SetTlsProtocolminToSSLContext(const Shared<boost::asio::ssl::context>::Ptr& context, const String& tlsProtocolmin)
+void SetTlsProtocolminToSSLContext(const Shared<TlsContext>::Ptr& context, const String& tlsProtocolmin)
 {
 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
 	int ret = SSL_CTX_set_min_proto_version(context->native_handle(), ResolveTlsProtocolVersion(tlsProtocolmin));
@@ -355,7 +355,7 @@ void SetTlsProtocolminToSSLContext(const Shared<boost::asio::ssl::context>::Ptr&
  * @param context The SSL context.
  * @param crlPath The path to the CRL file.
  */
-void AddCRLToSSLContext(const Shared<boost::asio::ssl::context>::Ptr& context, const String& crlPath)
+void AddCRLToSSLContext(const Shared<TlsContext>::Ptr& context, const String& crlPath)
 {
 	X509_STORE *x509_store = SSL_CTX_get_cert_store(context->native_handle());
 	AddCRLToSSLContext(x509_store, crlPath);

lib/base/tlsutility.hpp

@@ -38,18 +38,20 @@ const auto LEAF_VALID_FOR  = 60 * 60 * 24 * 397;
 const auto RENEW_THRESHOLD = 60 * 60 * 24 * 30;
 const auto RENEW_INTERVAL  = 60 * 60 * 24;
 
+typedef boost::asio::ssl::context TlsContext;
+
 void InitializeOpenSSL();
 
 String GetOpenSSLVersion();
 
-Shared<boost::asio::ssl::context>::Ptr MakeAsioSslContext(const String& pubkey = String(), const String& privkey = String(), const String& cakey = String());
-void AddCRLToSSLContext(const Shared<boost::asio::ssl::context>::Ptr& context, const String& crlPath);
+Shared<TlsContext>::Ptr MakeAsioSslContext(const String& pubkey = String(), const String& privkey = String(), const String& cakey = String());
+void AddCRLToSSLContext(const Shared<TlsContext>::Ptr& context, const String& crlPath);
 void AddCRLToSSLContext(X509_STORE *x509_store, const String& crlPath);
-void SetCipherListToSSLContext(const Shared<boost::asio::ssl::context>::Ptr& context, const String& cipherList);
-void SetTlsProtocolminToSSLContext(const Shared<boost::asio::ssl::context>::Ptr& context, const String& tlsProtocolmin);
+void SetCipherListToSSLContext(const Shared<TlsContext>::Ptr& context, const String& cipherList);
+void SetTlsProtocolminToSSLContext(const Shared<TlsContext>::Ptr& context, const String& tlsProtocolmin);
 int ResolveTlsProtocolVersion(const std::string& version);
 
-Shared<boost::asio::ssl::context>::Ptr SetupSslContext(String certPath, String keyPath,
+Shared<TlsContext>::Ptr SetupSslContext(String certPath, String keyPath,
 	String caPath, String crlPath, String cipherList, String protocolmin, DebugInfo di);
 
 String GetCertificateCN(const std::shared_ptr<X509>& certificate);

lib/cli/consolecommand.cpp

@@ -524,7 +524,7 @@ incomplete:
  */
 Shared<AsioTlsStream>::Ptr ConsoleCommand::Connect()
 {
-	Shared<boost::asio::ssl::context>::Ptr sslContext;
+	Shared<TlsContext>::Ptr sslContext;
 
 	try {
 		sslContext = MakeAsioSslContext(Empty, Empty, Empty); //TODO: Add support for cert, key, ca parameters

lib/icingadb/redisconnection.hpp

@@ -183,7 +183,7 @@ namespace icinga
 		typedef boost::asio::buffered_stream<Tcp::socket> TcpConn;
 		typedef boost::asio::buffered_stream<Unix::socket> UnixConn;
 
-		Shared<boost::asio::ssl::context>::Ptr m_TLSContext;
+		Shared<TlsContext>::Ptr m_TLSContext;
 
 		template<class AsyncReadStream>
 		static Value ReadRESP(AsyncReadStream& stream, boost::asio::yield_context& yc);

lib/methods/ifwapichecktask.cpp

@@ -497,7 +497,7 @@ void IfwApiCheckTask::ScriptFunc(const Checkable::Ptr& checkable, const CheckRes
 
 	auto& io (IoEngine::Get().GetIoContext());
 	auto strand (Shared<asio::io_context::strand>::Make(io));
-	Shared<asio::ssl::context>::Ptr ctx;
+	Shared<TlsContext>::Ptr ctx;
 	double start = Utility::GetTime();
 
 	try {

lib/perfdata/elasticsearchwriter.cpp

@@ -602,7 +602,7 @@ OptionalTlsStream ElasticsearchWriter::Connect()
 	bool tls = GetEnableTls();
 
 	if (tls) {
-		Shared<boost::asio::ssl::context>::Ptr sslContext;
+		Shared<TlsContext>::Ptr sslContext;
 
 		try {
 			sslContext = MakeAsioSslContext(GetCertPath(), GetKeyPath(), GetCaPath());

lib/perfdata/gelfwriter.cpp

@@ -174,7 +174,7 @@ void GelfWriter::ReconnectInternal()
 	bool ssl = GetEnableTls();
 
 	if (ssl) {
-		Shared<boost::asio::ssl::context>::Ptr sslContext;
+		Shared<TlsContext>::Ptr sslContext;
 
 		try {
 			sslContext = MakeAsioSslContext(GetCertPath(), GetKeyPath(), GetCaPath());

lib/perfdata/influxdbcommonwriter.cpp

@@ -149,7 +149,7 @@ OptionalTlsStream InfluxdbCommonWriter::Connect()
 	bool ssl = GetSslEnable();
 
 	if (ssl) {
-		Shared<boost::asio::ssl::context>::Ptr sslContext;
+		Shared<TlsContext>::Ptr sslContext;
 
 		try {
 			sslContext = MakeAsioSslContext(GetSslCert(), GetSslKey(), GetSslCaCert());

lib/remote/apilistener.hpp

@@ -161,7 +161,7 @@ protected:
 	void ValidateTlsHandshakeTimeout(const Lazy<double>& lvalue, const ValidationUtils& utils) override;
 
 private:
-	Shared<boost::asio::ssl::context>::Ptr m_SSLContext;
+	Shared<TlsContext>::Ptr m_SSLContext;
 	boost::shared_mutex m_SSLContextMutex;
 
 	mutable std::mutex m_AnonymousClientsLock;

lib/remote/pkiutility.cpp

@@ -83,7 +83,7 @@ int PkiUtility::SignCsr(const String& csrfile, const String& certfile)
 
 std::shared_ptr<X509> PkiUtility::FetchCert(const String& host, const String& port)
 {
-	Shared<boost::asio::ssl::context>::Ptr sslContext;
+	Shared<TlsContext>::Ptr sslContext;
 
 	try {
 		sslContext = MakeAsioSslContext();
@@ -151,7 +151,7 @@ int PkiUtility::GenTicket(const String& cn, const String& salt, std::ostream& ti
 int PkiUtility::RequestCertificate(const String& host, const String& port, const String& keyfile,
 	const String& certfile, const String& cafile, const std::shared_ptr<X509>& trustedCert, const String& ticket)
 {
-	Shared<boost::asio::ssl::context>::Ptr sslContext;
+	Shared<TlsContext>::Ptr sslContext;
 
 	try {
 		sslContext = MakeAsioSslContext(certfile, keyfile);

plugins/check_nscp_api.cpp

@@ -176,7 +176,7 @@ static int FormatOutput(const Dictionary::Ptr& result)
  */
 static Shared<AsioTlsStream>::Ptr Connect(const String& host, const String& port)
 {
-	Shared<boost::asio::ssl::context>::Ptr sslContext;
+	Shared<TlsContext>::Ptr sslContext;
 
 	try {
 		sslContext = MakeAsioSslContext(Empty, Empty, Empty); //TODO: Add support for cert, key, ca parameters