mirror of https://github.com/Icinga/icinga2.git
Replace std::shared_ptr<boost::asio::ssl::context> with Shared<boost::asio::ssl::context>::Ptr
parent
a1fef92835
commit
ba1ce9c853
|
@ -58,7 +58,7 @@ void InitializeOpenSSL()
|
||||||
l_SSLInitialized = true;
|
l_SSLInitialized = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
static void SetupSslContext(const std::shared_ptr<boost::asio::ssl::context>& context, const String& pubkey, const String& privkey, const String& cakey)
|
static void SetupSslContext(const Shared<boost::asio::ssl::context>::Ptr& context, const String& pubkey, const String& privkey, const String& cakey)
|
||||||
{
|
{
|
||||||
char errbuf[256];
|
char errbuf[256];
|
||||||
|
|
||||||
|
@ -156,13 +156,13 @@ static void SetupSslContext(const std::shared_ptr<boost::asio::ssl::context>& co
|
||||||
* @param cakey CA certificate chain file.
|
* @param cakey CA certificate chain file.
|
||||||
* @returns An SSL context.
|
* @returns An SSL context.
|
||||||
*/
|
*/
|
||||||
std::shared_ptr<boost::asio::ssl::context> MakeAsioSslContext(const String& pubkey, const String& privkey, const String& cakey)
|
Shared<boost::asio::ssl::context>::Ptr MakeAsioSslContext(const String& pubkey, const String& privkey, const String& cakey)
|
||||||
{
|
{
|
||||||
namespace ssl = boost::asio::ssl;
|
namespace ssl = boost::asio::ssl;
|
||||||
|
|
||||||
InitializeOpenSSL();
|
InitializeOpenSSL();
|
||||||
|
|
||||||
auto context (std::make_shared<ssl::context>(ssl::context::tlsv12));
|
auto context (Shared<ssl::context>::Make(ssl::context::tlsv12));
|
||||||
|
|
||||||
SetupSslContext(context, pubkey, privkey, cakey);
|
SetupSslContext(context, pubkey, privkey, cakey);
|
||||||
|
|
||||||
|
@ -174,7 +174,7 @@ std::shared_ptr<boost::asio::ssl::context> MakeAsioSslContext(const String& pubk
|
||||||
* @param context The ssl context.
|
* @param context The ssl context.
|
||||||
* @param cipherList The ciper list.
|
* @param cipherList The ciper list.
|
||||||
**/
|
**/
|
||||||
void SetCipherListToSSLContext(const std::shared_ptr<boost::asio::ssl::context>& context, const String& cipherList)
|
void SetCipherListToSSLContext(const Shared<boost::asio::ssl::context>::Ptr& context, const String& cipherList)
|
||||||
{
|
{
|
||||||
char errbuf[256];
|
char errbuf[256];
|
||||||
|
|
||||||
|
@ -215,7 +215,7 @@ void SetCipherListToSSLContext(const std::shared_ptr<boost::asio::ssl::context>&
|
||||||
* @param context The ssl context.
|
* @param context The ssl context.
|
||||||
* @param tlsProtocolmin The minimum TLS protocol version.
|
* @param tlsProtocolmin The minimum TLS protocol version.
|
||||||
*/
|
*/
|
||||||
void SetTlsProtocolminToSSLContext(const std::shared_ptr<boost::asio::ssl::context>& context, const String& tlsProtocolmin)
|
void SetTlsProtocolminToSSLContext(const Shared<boost::asio::ssl::context>::Ptr& context, const String& tlsProtocolmin)
|
||||||
{
|
{
|
||||||
// tlsProtocolmin has no effect since we enforce TLS 1.2 since 2.11.
|
// tlsProtocolmin has no effect since we enforce TLS 1.2 since 2.11.
|
||||||
/*
|
/*
|
||||||
|
@ -235,7 +235,7 @@ void SetTlsProtocolminToSSLContext(const std::shared_ptr<boost::asio::ssl::conte
|
||||||
* @param context The SSL context.
|
* @param context The SSL context.
|
||||||
* @param crlPath The path to the CRL file.
|
* @param crlPath The path to the CRL file.
|
||||||
*/
|
*/
|
||||||
void AddCRLToSSLContext(const std::shared_ptr<boost::asio::ssl::context>& context, const String& crlPath)
|
void AddCRLToSSLContext(const Shared<boost::asio::ssl::context>::Ptr& context, const String& crlPath)
|
||||||
{
|
{
|
||||||
char errbuf[256];
|
char errbuf[256];
|
||||||
X509_STORE *x509_store = SSL_CTX_get_cert_store(context->native_handle());
|
X509_STORE *x509_store = SSL_CTX_get_cert_store(context->native_handle());
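Review bot: In MakeAsioSslContext, `Shared<ssl::context>::Make(ssl::context::tlsv12)` keeps the context on Boost.Asio's fixed-version TLS 1.2 method, so peers can never negotiate TLS 1.3; that agrees with the "we enforce TLS 1.2" comment in SetTlsProtocolminToSSLContext only if "exactly 1.2" is what is meant. If the intent is a floor rather than a pin, the generic method with the older versions switched off expresses it: `Shared<ssl::context>::Make(ssl::context::tls)` followed by `context->set_options(ssl::context::no_sslv2 | ssl::context::no_sslv3 | ssl::context::no_tlsv1 | ssl::context::no_tlsv1_1);`, provided the supported Boost versions offer `ssl::context::tls` and SetupSslContext (its body is outside the hunk) does not already set these options. Either way the doc comment above SetTlsProtocolminToSSLContext should say that the argument is not honoured, e.g. `@param tlsProtocolmin Currently ignored, the context is fixed to TLS 1.2.`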
|
||||||
|
|
|
@ -5,6 +5,7 @@
|
||||||
|
|
||||||
#include "base/i2-base.hpp"
|
#include "base/i2-base.hpp"
|
||||||
#include "base/object.hpp"
|
#include "base/object.hpp"
|
||||||
|
#include "base/shared.hpp"
|
||||||
#include "base/string.hpp"
|
#include "base/string.hpp"
|
||||||
#include <openssl/ssl.h>
|
#include <openssl/ssl.h>
|
||||||
#include <openssl/bio.h>
|
#include <openssl/bio.h>
|
||||||
|
@ -22,10 +23,10 @@ namespace icinga
|
||||||
|
|
||||||
void InitializeOpenSSL();
|
void InitializeOpenSSL();
|
||||||
|
|
||||||
std::shared_ptr<boost::asio::ssl::context> MakeAsioSslContext(const String& pubkey = String(), const String& privkey = String(), const String& cakey = String());
|
Shared<boost::asio::ssl::context>::Ptr MakeAsioSslContext(const String& pubkey = String(), const String& privkey = String(), const String& cakey = String());
|
||||||
void AddCRLToSSLContext(const std::shared_ptr<boost::asio::ssl::context>& context, const String& crlPath);
|
void AddCRLToSSLContext(const Shared<boost::asio::ssl::context>::Ptr& context, const String& crlPath);
|
||||||
void SetCipherListToSSLContext(const std::shared_ptr<boost::asio::ssl::context>& context, const String& cipherList);
|
void SetCipherListToSSLContext(const Shared<boost::asio::ssl::context>::Ptr& context, const String& cipherList);
|
||||||
void SetTlsProtocolminToSSLContext(const std::shared_ptr<boost::asio::ssl::context>& context, const String& tlsProtocolmin);
|
void SetTlsProtocolminToSSLContext(const Shared<boost::asio::ssl::context>::Ptr& context, const String& tlsProtocolmin);
|
||||||
|
|
||||||
String GetCertificateCN(const std::shared_ptr<X509>& certificate);
|
String GetCertificateCN(const std::shared_ptr<X509>& certificate);
|
||||||
std::shared_ptr<X509> GetX509Certificate(const String& pemfile);
|
std::shared_ptr<X509> GetX509Certificate(const String& pemfile);
|
||||||
|
|
|
@ -524,7 +524,7 @@ incomplete:
|
||||||
*/
|
*/
|
||||||
Shared<AsioTlsStream>::Ptr ConsoleCommand::Connect()
|
Shared<AsioTlsStream>::Ptr ConsoleCommand::Connect()
|
||||||
{
|
{
|
||||||
std::shared_ptr<boost::asio::ssl::context> sslContext;
|
Shared<boost::asio::ssl::context>::Ptr sslContext;
|
||||||
|
|
||||||
try {
|
try {
|
||||||
sslContext = MakeAsioSslContext(Empty, Empty, Empty); //TODO: Add support for cert, key, ca parameters
|
sslContext = MakeAsioSslContext(Empty, Empty, Empty); //TODO: Add support for cert, key, ca parameters
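Review bot: ConsoleCommand::Connect still builds its context with `MakeAsioSslContext(Empty, Empty, Empty)`, so no CA file is passed and, unless SetupSslContext falls back to a default store, the context has no trust anchors for validating the server certificate. The same call appears in the static `Connect(const String& host, const String& port)` hunk at the end of the commit. Both function bodies continue outside their hunks, so any later verification or pinning is not visible here. Until the TODO is done, the comment should state the consequence rather than only the missing feature, e.g. `// TODO: accept cert, key and ca parameters; without a CA the peer certificate cannot be checked against a trust store here`.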
|
||||||
|
|
|
@ -588,7 +588,7 @@ OptionalTlsStream ElasticsearchWriter::Connect()
|
||||||
bool tls = GetEnableTls();
|
bool tls = GetEnableTls();
|
||||||
|
|
||||||
if (tls) {
|
if (tls) {
|
||||||
std::shared_ptr<boost::asio::ssl::context> sslContext;
|
Shared<boost::asio::ssl::context>::Ptr sslContext;
|
||||||
|
|
||||||
try {
|
try {
|
||||||
sslContext = MakeAsioSslContext(GetCertPath(), GetKeyPath(), GetCaPath());
|
sslContext = MakeAsioSslContext(GetCertPath(), GetKeyPath(), GetCaPath());
|
||||||
|
|
|
@ -163,7 +163,7 @@ void GelfWriter::ReconnectInternal()
|
||||||
bool ssl = GetEnableTls();
|
bool ssl = GetEnableTls();
|
||||||
|
|
||||||
if (ssl) {
|
if (ssl) {
|
||||||
std::shared_ptr<boost::asio::ssl::context> sslContext;
|
Shared<boost::asio::ssl::context>::Ptr sslContext;
|
||||||
|
|
||||||
try {
|
try {
|
||||||
sslContext = MakeAsioSslContext(GetCertPath(), GetKeyPath(), GetCaPath());
|
sslContext = MakeAsioSslContext(GetCertPath(), GetKeyPath(), GetCaPath());
|
||||||
|
|
|
@ -177,7 +177,7 @@ OptionalTlsStream InfluxdbWriter::Connect()
|
||||||
bool ssl = GetSslEnable();
|
bool ssl = GetSslEnable();
|
||||||
|
|
||||||
if (ssl) {
|
if (ssl) {
|
||||||
std::shared_ptr<boost::asio::ssl::context> sslContext;
|
Shared<boost::asio::ssl::context>::Ptr sslContext;
|
||||||
|
|
||||||
try {
|
try {
|
||||||
sslContext = MakeAsioSslContext(GetSslCert(), GetSslKey(), GetSslCaCert());
|
sslContext = MakeAsioSslContext(GetSslCert(), GetSslKey(), GetSslCaCert());
|
||||||
|
|
|
@ -178,7 +178,7 @@ void ApiListener::UpdateSSLContext()
|
||||||
{
|
{
|
||||||
namespace ssl = boost::asio::ssl;
|
namespace ssl = boost::asio::ssl;
|
||||||
|
|
||||||
std::shared_ptr<ssl::context> context;
|
Shared<ssl::context>::Ptr context;
|
||||||
|
|
||||||
try {
|
try {
|
||||||
context = MakeAsioSslContext(GetDefaultCertPath(), GetDefaultKeyPath(), GetDefaultCaPath());
|
context = MakeAsioSslContext(GetDefaultCertPath(), GetDefaultKeyPath(), GetDefaultCaPath());
|
||||||
|
@ -423,7 +423,7 @@ bool ApiListener::AddListener(const String& node, const String& service)
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
void ApiListener::ListenerCoroutineProc(boost::asio::yield_context yc, const Shared<boost::asio::ip::tcp::acceptor>::Ptr& server, const std::shared_ptr<boost::asio::ssl::context>& sslContext)
|
void ApiListener::ListenerCoroutineProc(boost::asio::yield_context yc, const Shared<boost::asio::ip::tcp::acceptor>::Ptr& server, const Shared<boost::asio::ssl::context>::Ptr& sslContext)
|
||||||
{
|
{
|
||||||
namespace asio = boost::asio;
|
namespace asio = boost::asio;
|
||||||
|
|
||||||
|
|
|
@ -125,7 +125,7 @@ protected:
|
||||||
void ValidateTlsHandshakeTimeout(const Lazy<double>& lvalue, const ValidationUtils& utils) override;
|
void ValidateTlsHandshakeTimeout(const Lazy<double>& lvalue, const ValidationUtils& utils) override;
|
||||||
|
|
||||||
private:
|
private:
|
||||||
std::shared_ptr<boost::asio::ssl::context> m_SSLContext;
|
Shared<boost::asio::ssl::context>::Ptr m_SSLContext;
|
||||||
|
|
||||||
mutable boost::mutex m_AnonymousClientsLock;
|
mutable boost::mutex m_AnonymousClientsLock;
|
||||||
mutable boost::mutex m_HttpClientsLock;
|
mutable boost::mutex m_HttpClientsLock;
|
||||||
|
@ -153,7 +153,7 @@ private:
|
||||||
|
|
||||||
void NewClientHandler(boost::asio::yield_context yc, const Shared<AsioTlsStream>::Ptr& client, const String& hostname, ConnectionRole role);
|
void NewClientHandler(boost::asio::yield_context yc, const Shared<AsioTlsStream>::Ptr& client, const String& hostname, ConnectionRole role);
|
||||||
void NewClientHandlerInternal(boost::asio::yield_context yc, const Shared<AsioTlsStream>::Ptr& client, const String& hostname, ConnectionRole role);
|
void NewClientHandlerInternal(boost::asio::yield_context yc, const Shared<AsioTlsStream>::Ptr& client, const String& hostname, ConnectionRole role);
|
||||||
void ListenerCoroutineProc(boost::asio::yield_context yc, const Shared<boost::asio::ip::tcp::acceptor>::Ptr& server, const std::shared_ptr<boost::asio::ssl::context>& sslContext);
|
void ListenerCoroutineProc(boost::asio::yield_context yc, const Shared<boost::asio::ip::tcp::acceptor>::Ptr& server, const Shared<boost::asio::ssl::context>::Ptr& sslContext);
|
||||||
|
|
||||||
WorkQueue m_RelayQueue;
|
WorkQueue m_RelayQueue;
|
||||||
WorkQueue m_SyncQueue{0, 4};
|
WorkQueue m_SyncQueue{0, 4};
|
||||||
|
|
|
@ -81,7 +81,7 @@ int PkiUtility::SignCsr(const String& csrfile, const String& certfile)
|
||||||
|
|
||||||
std::shared_ptr<X509> PkiUtility::FetchCert(const String& host, const String& port)
|
std::shared_ptr<X509> PkiUtility::FetchCert(const String& host, const String& port)
|
||||||
{
|
{
|
||||||
std::shared_ptr<boost::asio::ssl::context> sslContext;
|
Shared<boost::asio::ssl::context>::Ptr sslContext;
|
||||||
|
|
||||||
try {
|
try {
|
||||||
sslContext = MakeAsioSslContext();
|
sslContext = MakeAsioSslContext();
|
||||||
|
@ -149,7 +149,7 @@ int PkiUtility::GenTicket(const String& cn, const String& salt, std::ostream& ti
|
||||||
int PkiUtility::RequestCertificate(const String& host, const String& port, const String& keyfile,
|
int PkiUtility::RequestCertificate(const String& host, const String& port, const String& keyfile,
|
||||||
const String& certfile, const String& cafile, const std::shared_ptr<X509>& trustedCert, const String& ticket)
|
const String& certfile, const String& cafile, const std::shared_ptr<X509>& trustedCert, const String& ticket)
|
||||||
{
|
{
|
||||||
std::shared_ptr<boost::asio::ssl::context> sslContext;
|
Shared<boost::asio::ssl::context>::Ptr sslContext;
|
||||||
|
|
||||||
try {
|
try {
|
||||||
sslContext = MakeAsioSslContext(certfile, keyfile);
|
sslContext = MakeAsioSslContext(certfile, keyfile);
|
||||||
|
|
|
@ -176,7 +176,7 @@ static int FormatOutput(const Dictionary::Ptr& result)
|
||||||
*/
|
*/
|
||||||
static Shared<AsioTlsStream>::Ptr Connect(const String& host, const String& port)
|
static Shared<AsioTlsStream>::Ptr Connect(const String& host, const String& port)
|
||||||
{
|
{
|
||||||
std::shared_ptr<boost::asio::ssl::context> sslContext;
|
Shared<boost::asio::ssl::context>::Ptr sslContext;
|
||||||
|
|
||||||
try {
|
try {
|
||||||
sslContext = MakeAsioSslContext(Empty, Empty, Empty); //TODO: Add support for cert, key, ca parameters
|
sslContext = MakeAsioSslContext(Empty, Empty, Empty); //TODO: Add support for cert, key, ca parameters
|
||||||
|
|