Ark Server API (ASE) - Wiki
Loading...
Searching...
No Matches
Public Types | Public Member Functions | Static Public Member Functions | Public Attributes | Static Public Attributes | Protected Member Functions | Static Protected Member Functions | Private Member Functions | Static Private Member Functions | Private Attributes | Static Private Attributes | Friends | List of all members
Poco::Net::SSLManager Class Reference

#include <SSLManager.h>

+ Collaboration diagram for Poco::Net::SSLManager:

Public Types

using PrivateKeyPassphraseHandlerPtr = Poco::SharedPtr<PrivateKeyPassphraseHandler>
 
using InvalidCertificateHandlerPtr = Poco::SharedPtr<InvalidCertificateHandler>
 

Public Member Functions

void initializeServer (PrivateKeyPassphraseHandlerPtr ptrPassphraseHandler, InvalidCertificateHandlerPtr ptrCertificateHandler, Context::Ptr ptrContext)
 Returns the instance of the SSLManager singleton.
 
void initializeClient (PrivateKeyPassphraseHandlerPtr ptrPassphraseHandler, InvalidCertificateHandlerPtr ptrHandler, Context::Ptr ptrContext)
 
Context::Ptr defaultServerContext ()
 
Context::Ptr defaultClientContext ()
 
PrivateKeyPassphraseHandlerPtr serverPassphraseHandler ()
 
InvalidCertificateHandlerPtr serverCertificateHandler ()
 
PrivateKeyPassphraseHandlerPtr clientPassphraseHandler ()
 
InvalidCertificateHandlerPtr clientCertificateHandler ()
 
PrivateKeyFactoryMgrprivateKeyFactoryMgr ()
 
CertificateHandlerFactoryMgrcertificateHandlerFactoryMgr ()
 
void shutdown ()
 

Static Public Member Functions

static SSLManagerinstance ()
 
static bool isFIPSEnabled ()
 

Public Attributes

Poco::BasicEvent< VerificationErrorArgsServerVerificationError
 
Poco::BasicEvent< VerificationErrorArgsClientVerificationError
 Fired whenever a certificate verification error is detected by the server during a handshake.
 
Poco::BasicEvent< std::string > PrivateKeyPassphraseRequired
 Fired whenever a certificate verification error is detected by the client during a handshake.
 

Static Public Attributes

static const std::string CFG_SERVER_PREFIX
 
static const std::string CFG_CLIENT_PREFIX
 

Protected Member Functions

int contextIndex () const
 

Static Protected Member Functions

static int verifyClientCallback (int ok, X509_STORE_CTX *pStore)
 
static int verifyServerCallback (int ok, X509_STORE_CTX *pStore)
 
static int privateKeyPassphraseCallback (char *pBuf, int size, int flag, void *userData)
 
static int verifyOCSPResponseCallback (SSL *pSSL, void *arg)
 
static Poco::Util::AbstractConfigurationappConfig ()
 

Private Member Functions

 SSLManager ()
 
 ~SSLManager ()
 Creates the SSLManager.
 
void initDefaultContext (bool server)
 Destroys the SSLManager.
 
void initEvents (bool server)
 Inits the default context, the first time it is accessed.
 
void initPassphraseHandler (bool server)
 Registers delegates at the events according to the configuration.
 
void initCertificateHandler (bool server)
 Inits the passphrase handler.
 

Static Private Member Functions

static int verifyCallback (bool server, int ok, X509_STORE_CTX *pStore)
 Inits the certificate handler.
 

Private Attributes

PrivateKeyFactoryMgr _factoryMgr
 
CertificateHandlerFactoryMgr _certHandlerFactoryMgr
 
Context::Ptr _ptrDefaultServerContext
 
PrivateKeyPassphraseHandlerPtr _ptrServerPassphraseHandler
 
InvalidCertificateHandlerPtr _ptrServerCertificateHandler
 
Context::Ptr _ptrDefaultClientContext
 
PrivateKeyPassphraseHandlerPtr _ptrClientPassphraseHandler
 
InvalidCertificateHandlerPtr _ptrClientCertificateHandler
 
int _contextIndex
 
Poco::FastMutex _mutex
 

Static Private Attributes

static const std::string CFG_PRIV_KEY_FILE
 
static const std::string CFG_CERTIFICATE_FILE
 
static const std::string CFG_CA_LOCATION
 
static const std::string CFG_VER_MODE
 
static const Context::VerificationMode VAL_VER_MODE
 
static const std::string CFG_VER_DEPTH
 
static const int VAL_VER_DEPTH
 
static const std::string CFG_ENABLE_DEFAULT_CA
 
static const bool VAL_ENABLE_DEFAULT_CA
 
static const std::string CFG_CIPHER_LIST
 
static const std::string CFG_CYPHER_LIST
 
static const std::string VAL_CIPHER_LIST
 
static const std::string CFG_PREFER_SERVER_CIPHERS
 
static const std::string CFG_DELEGATE_HANDLER
 
static const std::string VAL_DELEGATE_HANDLER
 
static const std::string CFG_CERTIFICATE_HANDLER
 
static const std::string VAL_CERTIFICATE_HANDLER
 
static const std::string CFG_CACHE_SESSIONS
 
static const std::string CFG_SESSION_ID_CONTEXT
 
static const std::string CFG_SESSION_CACHE_SIZE
 
static const std::string CFG_SESSION_TIMEOUT
 
static const std::string CFG_EXTENDED_VERIFICATION
 
static const std::string CFG_REQUIRE_TLSV1
 
static const std::string CFG_REQUIRE_TLSV1_1
 
static const std::string CFG_REQUIRE_TLSV1_2
 
static const std::string CFG_REQUIRE_TLSV1_3
 
static const std::string CFG_DISABLE_PROTOCOLS
 
static const std::string CFG_DH_PARAMS_FILE
 
static const std::string CFG_ECDH_CURVE
 

Friends

class Poco::SingletonHolder< SSLManager >
 
class Context
 

Detailed Description

SSLManager is a singleton for holding the default server/client Context and handling callbacks for certificate verification errors and private key passphrases.

Proper initialization of SSLManager is critical.

SSLManager can be initialized manually, by calling initializeServer() and/or initializeClient(), or initialization can be automatic. In the latter case, a Poco::Util::Application instance must be available and the required configuration properties must be set (see below).

Note that manual initialization must happen very early in the application, before defaultClientContext() or defaultServerContext() are called.

If defaultClientContext() and defaultServerContext() are never called in an application, initialization of SSLManager can be omitted. However, in this case, delegates for the ServerVerificationError, ClientVerificationError and PrivateKeyPassphraseRequired events must be registered.

An exemplary documentation which sets either the server or client default context and creates a PrivateKeyPassphraseHandler that reads the password from the XML file looks like this:

<AppConfig> <openSSL> <server|client> <privateKeyFile>mycert.key</privateKeyFile> <certificateFile>mycert.crt</certificateFile> <caConfig>rootcert.pem</caConfig> <verificationMode>none|relaxed|strict|once</verificationMode> <verificationDepth>1..9</verificationDepth> <loadDefaultCAFile>true|false</loadDefaultCAFile> <cipherList>ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH</cipherList> <preferServerCiphers>true|false</preferServerCiphers> <privateKeyPassphraseHandler> <name>KeyFileHandler</name> <options> <password>test</password> </options> </privateKeyPassphraseHandler> <invalidCertificateHandler> <name>ConsoleCertificateHandler</name> </invalidCertificateHandler> <cacheSessions>true|false</cacheSessions> <sessionIdContext>someString</sessionIdContext> <sessionCacheSize>0..n</sessionCacheSize> <sessionTimeout>0..n</sessionTimeout> <extendedVerification>true|false</extendedVerification> <requireTLSv1>true|false</requireTLSv1> <requireTLSv1_1>true|false</requireTLSv1_1> <requireTLSv1_2>true|false</requireTLSv1_2> <requireTLSv1_3>true|false</requireTLSv1_3> <disableProtocols>sslv2,sslv3,tlsv1,tlsv1_1,tlsv1_2,tlsv1_3</disableProtocols> <dhParamsFile>dh.pem</dhParamsFile> <ecdhCurve>prime256v1</ecdhCurve> </server|client> <fips>false</fips> </openSSL> </AppConfig>

Following is a list of supported configuration properties. Property names must always be prefixed with openSSL.server or openSSL.client. Some properties are only supported for servers.

  • privateKeyFile (string): The path to the file containing the private key for the certificate in PEM format (or containing both the private key and the certificate).
  • certificateFile (string): The Path to the file containing the server's or client's certificate in PEM format. Can be omitted if the the file given in privateKeyFile contains the certificate as well.
  • caConfig (string): The path to the file or directory containing the trusted root certificates.
  • verificationMode (string): Specifies whether and how peer certificates are validated (see the Context class for details). Valid values are none, relaxed, strict, once.
  • verificationDepth (integer, 1-9): Sets the upper limit for verification chain sizes. Verification will fail if a certificate chain larger than this is encountered.
  • loadDefaultCAFile (boolean): Specifies whether the builtin CA certificates from OpenSSL are used.
  • cipherList (string): Specifies the supported ciphers in OpenSSL notation (e.g. "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH").
  • preferServerCiphers (bool): When choosing a cipher, use the server's preferences instead of the client preferences. When not called, the SSL server will always follow the clients preferences. When called, the SSL/TLS server will choose following its own preferences.
  • privateKeyPassphraseHandler.name (string): The name of the class (subclass of PrivateKeyPassphraseHandler) used for obtaining the passphrase for accessing the private key.
  • privateKeyPassphraseHandler.options.password (string): The password to be used by KeyFileHandler.
  • invalidCertificateHandler.name: The name of the class (subclass of CertificateHandler) used for confirming invalid certificates.
  • cacheSessions (boolean): Enables or disables session caching.
  • sessionIdContext (string): contains the application's unique session ID context, which becomes part of each session identifier generated by the server. Can be an arbitrary sequence of bytes with a maximum length of SSL_MAX_SSL_SESSION_ID_LENGTH. Should be specified for a server to enable session caching. Should be specified even if session caching is disabled to avoid problems with clients that request session caching (e.g. Firefox 3.6). If not specified, defaults to ${application.name}.
  • sessionCacheSize (integer): Sets the maximum size of the server session cache, in number of sessions. The default size (according to OpenSSL documentation) is 1024*20, which may be too large for many applications, especially on embedded platforms with limited memory. Specifying a size of 0 will set an unlimited cache size.
  • sessionTimeout (integer): Sets the timeout (in seconds) of cached sessions on the server.
  • extendedVerification (boolean): Enable or disable the automatic post-connection extended certificate verification.
  • requireTLSv1 (boolean): Require a TLSv1 connection.
  • requireTLSv1_1 (boolean): Require a TLSv1.1 connection.
  • requireTLSv1_2 (boolean): Require a TLSv1.2 connection.
  • requireTLSv1_3 (boolean): Require a TLSv1.3 connection
  • disableProtocols (string): A comma-separated list of protocols that should be disabled. Valid protocol names are sslv2, sslv3, tlsv1, tlsv1_1, tlsv1_2, tlsv1_3.
  • dhParamsFile (string): Specifies a file containing Diffie-Hellman parameters. If not specified or empty, the default parameters are used.
  • ecdhCurve (string): Specifies the name of the curve to use for ECDH, based on the curve names specified in RFC 4492. Defaults to "prime256v1".
  • fips: Enable or disable OpenSSL FIPS mode. Only supported if the OpenSSL version that this library is built against supports FIPS mode.

Please see the Context class documentation regarding TLSv1.3 support.

Definition at line 44 of file SSLManager.h.

Member Typedef Documentation

◆ InvalidCertificateHandlerPtr

using Poco::Net::SSLManager::InvalidCertificateHandlerPtr = Poco::SharedPtr<InvalidCertificateHandler>

Definition at line 161 of file SSLManager.h.

◆ PrivateKeyPassphraseHandlerPtr

using Poco::Net::SSLManager::PrivateKeyPassphraseHandlerPtr = Poco::SharedPtr<PrivateKeyPassphraseHandler>

Definition at line 160 of file SSLManager.h.

Constructor & Destructor Documentation

◆ SSLManager()

Poco::Net::SSLManager::SSLManager ( )
private

Returns the index for SSL_CTX_set_ex_data() and SSL_CTX_get_ex_data() to store the Context* in the underlying SSL_CTX.

◆ ~SSLManager()

Poco::Net::SSLManager::~SSLManager ( )
private

Creates the SSLManager.

Member Function Documentation

◆ appConfig()

static Poco::Util::AbstractConfiguration & Poco::Net::SSLManager::appConfig ( )
staticprotected

The return value of this method defines how errors in verification are handled. Return 0 to terminate the handshake, or 1 to continue despite the error.

◆ certificateHandlerFactoryMgr()

CertificateHandlerFactoryMgr & Poco::Net::SSLManager::certificateHandlerFactoryMgr ( )
inline

Returns the private key factory manager which stores the factories for the different registered passphrase handlers for private keys.

Definition at line 374 of file SSLManager.h.

◆ clientCertificateHandler()

InvalidCertificateHandlerPtr Poco::Net::SSLManager::clientCertificateHandler ( )

Returns the configured passphrase handler of the client. If none is set, the method will create a default one from an application configuration.

◆ clientPassphraseHandler()

PrivateKeyPassphraseHandlerPtr Poco::Net::SSLManager::clientPassphraseHandler ( )

Returns an initialized certificate handler (used by the server to verify client cert) which determines how invalid certificates are treated. If none is set, it will try to auto-initialize one from an application configuration.

◆ contextIndex()

int Poco::Net::SSLManager::contextIndex ( ) const
inlineprotected

Returns the application configuration.

Throws a InvalidStateException if not application instance is available.

Definition at line 402 of file SSLManager.h.

◆ defaultClientContext()

Context::Ptr Poco::Net::SSLManager::defaultClientContext ( )

Returns the default Context used by the server.

Unless initializeServer() has been called, the first call to this method initializes the default Context from the application configuration.

◆ defaultServerContext()

Context::Ptr Poco::Net::SSLManager::defaultServerContext ( )

Initializes the client side of the SSLManager with a default passphrase handler, a default invalid certificate handler and a default context. If this method is never called the SSLmanager will try to initialize its members from an application configuration.

PtrPassphraseHandler and ptrCertificateHandler can be 0. However, in this case, event delegates must be registered with the ClientVerificationError and PrivateKeyPassphraseRequired events.

Note: Always create the handlers (or register the corresponding event delegates) before creating the Context, as during creation of the Context the passphrase for the private key might be needed.

Valid initialization code would be: SharedPtr<PrivateKeyPassphraseHandler> pConsoleHandler = new KeyConsoleHandler; SharedPtr<InvalidCertificateHandler> pInvalidCertHandler = new ConsoleCertificateHandler; Context::Ptr pContext = new Context(Context::CLIENT_USE, "", "", "rootcert.pem", Context::VERIFY_RELAXED, 9, false, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH"); SSLManager::instance().initializeClient(pConsoleHandler, pInvalidCertHandler, pContext);

◆ initCertificateHandler()

void Poco::Net::SSLManager::initCertificateHandler ( bool server)
private

Inits the passphrase handler.

◆ initDefaultContext()

void Poco::Net::SSLManager::initDefaultContext ( bool server)
private

Destroys the SSLManager.

◆ initEvents()

void Poco::Net::SSLManager::initEvents ( bool server)
private

Inits the default context, the first time it is accessed.

◆ initializeClient()

void Poco::Net::SSLManager::initializeClient ( PrivateKeyPassphraseHandlerPtr ptrPassphraseHandler,
InvalidCertificateHandlerPtr ptrHandler,
Context::Ptr ptrContext )

Initializes the server side of the SSLManager with a default passphrase handler, a default invalid certificate handler and a default context. If this method is never called the SSLmanager will try to initialize its members from an application configuration.

PtrPassphraseHandler and ptrCertificateHandler can be 0. However, in this case, event delegates must be registered with the ServerVerificationError and PrivateKeyPassphraseRequired events.

Note: Always create the handlers (or register the corresponding event delegates) before creating the Context, as during creation of the Context the passphrase for the private key might be needed.

Valid initialization code would be: SharedPtr<PrivateKeyPassphraseHandler> pConsoleHandler = new KeyConsoleHandler; SharedPtr<InvalidCertificateHandler> pInvalidCertHandler = new ConsoleCertificateHandler; Context::Ptr pContext = new Context(Context::SERVER_USE, "any.pem", "any.pem", "rootcert.pem", Context::VERIFY_RELAXED, 9, false, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH"); SSLManager::instance().initializeServer(pConsoleHandler, pInvalidCertHandler, pContext);

◆ initializeServer()

void Poco::Net::SSLManager::initializeServer ( PrivateKeyPassphraseHandlerPtr ptrPassphraseHandler,
InvalidCertificateHandlerPtr ptrCertificateHandler,
Context::Ptr ptrContext )

Returns the instance of the SSLManager singleton.

◆ initPassphraseHandler()

void Poco::Net::SSLManager::initPassphraseHandler ( bool server)
private

Registers delegates at the events according to the configuration.

◆ instance()

static SSLManager & Poco::Net::SSLManager::instance ( )
static

Fired when a encrypted certificate is loaded. Not setting the password in the event parameter will result in a failure to load the certificate.

◆ isFIPSEnabled()

bool Poco::Net::SSLManager::isFIPSEnabled ( )
inlinestatic

Returns the CertificateHandlerFactoryMgr which stores the factories for the different registered certificate handlers.

Definition at line 380 of file SSLManager.h.

◆ privateKeyFactoryMgr()

PrivateKeyFactoryMgr & Poco::Net::SSLManager::privateKeyFactoryMgr ( )
inline

Returns an initialized certificate handler (used by the client to verify server cert) which determines how invalid certificates are treated. If none is set, it will try to auto-initialize one from an application configuration.

Definition at line 368 of file SSLManager.h.

◆ privateKeyPassphraseCallback()

static int Poco::Net::SSLManager::privateKeyPassphraseCallback ( char * pBuf,
int size,
int flag,
void * userData )
staticprotected

The return value of this method defines how errors in verification are handled. Return 0 to terminate the handshake, or 1 to continue despite the error.

◆ serverCertificateHandler()

InvalidCertificateHandlerPtr Poco::Net::SSLManager::serverCertificateHandler ( )

Returns the configured passphrase handler of the server. If none is set, the method will create a default one from an application configuration.

◆ serverPassphraseHandler()

PrivateKeyPassphraseHandlerPtr Poco::Net::SSLManager::serverPassphraseHandler ( )

Returns the default Context used by the client.

Unless initializeClient() has been called, the first call to this method initializes the default Context from the application configuration.

◆ shutdown()

void Poco::Net::SSLManager::shutdown ( )

◆ verifyCallback()

static int Poco::Net::SSLManager::verifyCallback ( bool server,
int ok,
X509_STORE_CTX * pStore )
staticprivate

Inits the certificate handler.

+ Here is the caller graph for this function:

◆ verifyClientCallback()

int Poco::Net::SSLManager::verifyClientCallback ( int ok,
X509_STORE_CTX * pStore )
inlinestaticprotected

Definition at line 396 of file SSLManager.h.

+ Here is the call graph for this function:

◆ verifyOCSPResponseCallback()

static int Poco::Net::SSLManager::verifyOCSPResponseCallback ( SSL * pSSL,
void * arg )
staticprotected

Method is invoked by OpenSSL to retrieve a passwd for an encrypted certificate. The request is delegated to the PrivatekeyPassword event. This method returns the length of the password.

◆ verifyServerCallback()

int Poco::Net::SSLManager::verifyServerCallback ( int ok,
X509_STORE_CTX * pStore )
inlinestaticprotected

The return value of this method defines how errors in verification are handled. Return 0 to terminate the handshake, or 1 to continue despite the error.

Definition at line 390 of file SSLManager.h.

+ Here is the call graph for this function:

Friends And Related Symbol Documentation

◆ Context

friend class Context
friend

Definition at line 361 of file SSLManager.h.

◆ Poco::SingletonHolder< SSLManager >

friend class Poco::SingletonHolder< SSLManager >
friend

Definition at line 353 of file SSLManager.h.

Member Data Documentation

◆ _certHandlerFactoryMgr

CertificateHandlerFactoryMgr Poco::Net::SSLManager::_certHandlerFactoryMgr
private

Definition at line 315 of file SSLManager.h.

◆ _contextIndex

int Poco::Net::SSLManager::_contextIndex
private

Definition at line 322 of file SSLManager.h.

◆ _factoryMgr

PrivateKeyFactoryMgr Poco::Net::SSLManager::_factoryMgr
private

The return value of this method defines how errors in verification are handled. Return 0 to terminate the handshake, or 1 to continue despite the error.

Definition at line 314 of file SSLManager.h.

◆ _mutex

Poco::FastMutex Poco::Net::SSLManager::_mutex
private

Definition at line 323 of file SSLManager.h.

◆ _ptrClientCertificateHandler

InvalidCertificateHandlerPtr Poco::Net::SSLManager::_ptrClientCertificateHandler
private

Definition at line 321 of file SSLManager.h.

◆ _ptrClientPassphraseHandler

PrivateKeyPassphraseHandlerPtr Poco::Net::SSLManager::_ptrClientPassphraseHandler
private

Definition at line 320 of file SSLManager.h.

◆ _ptrDefaultClientContext

Context::Ptr Poco::Net::SSLManager::_ptrDefaultClientContext
private

Definition at line 319 of file SSLManager.h.

◆ _ptrDefaultServerContext

Context::Ptr Poco::Net::SSLManager::_ptrDefaultServerContext
private

Definition at line 316 of file SSLManager.h.

◆ _ptrServerCertificateHandler

InvalidCertificateHandlerPtr Poco::Net::SSLManager::_ptrServerCertificateHandler
private

Definition at line 318 of file SSLManager.h.

◆ _ptrServerPassphraseHandler

PrivateKeyPassphraseHandlerPtr Poco::Net::SSLManager::_ptrServerPassphraseHandler
private

Definition at line 317 of file SSLManager.h.

◆ CFG_CA_LOCATION

const std::string Poco::Net::SSLManager::CFG_CA_LOCATION
staticprivate

Definition at line 327 of file SSLManager.h.

◆ CFG_CACHE_SESSIONS

const std::string Poco::Net::SSLManager::CFG_CACHE_SESSIONS
staticprivate

Definition at line 342 of file SSLManager.h.

◆ CFG_CERTIFICATE_FILE

const std::string Poco::Net::SSLManager::CFG_CERTIFICATE_FILE
staticprivate

Definition at line 326 of file SSLManager.h.

◆ CFG_CERTIFICATE_HANDLER

const std::string Poco::Net::SSLManager::CFG_CERTIFICATE_HANDLER
staticprivate

Definition at line 340 of file SSLManager.h.

◆ CFG_CIPHER_LIST

const std::string Poco::Net::SSLManager::CFG_CIPHER_LIST
staticprivate

Definition at line 334 of file SSLManager.h.

◆ CFG_CLIENT_PREFIX

const std::string Poco::Net::SSLManager::CFG_CLIENT_PREFIX
static

Definition at line 257 of file SSLManager.h.

◆ CFG_CYPHER_LIST

const std::string Poco::Net::SSLManager::CFG_CYPHER_LIST
staticprivate

Definition at line 335 of file SSLManager.h.

◆ CFG_DELEGATE_HANDLER

const std::string Poco::Net::SSLManager::CFG_DELEGATE_HANDLER
staticprivate

Definition at line 338 of file SSLManager.h.

◆ CFG_DH_PARAMS_FILE

const std::string Poco::Net::SSLManager::CFG_DH_PARAMS_FILE
staticprivate

Definition at line 352 of file SSLManager.h.

◆ CFG_DISABLE_PROTOCOLS

const std::string Poco::Net::SSLManager::CFG_DISABLE_PROTOCOLS
staticprivate

Definition at line 351 of file SSLManager.h.

◆ CFG_ECDH_CURVE

const std::string Poco::Net::SSLManager::CFG_ECDH_CURVE
staticprivate

Definition at line 353 of file SSLManager.h.

◆ CFG_ENABLE_DEFAULT_CA

const std::string Poco::Net::SSLManager::CFG_ENABLE_DEFAULT_CA
staticprivate

Definition at line 332 of file SSLManager.h.

◆ CFG_EXTENDED_VERIFICATION

const std::string Poco::Net::SSLManager::CFG_EXTENDED_VERIFICATION
staticprivate

Definition at line 346 of file SSLManager.h.

◆ CFG_PREFER_SERVER_CIPHERS

const std::string Poco::Net::SSLManager::CFG_PREFER_SERVER_CIPHERS
staticprivate

Definition at line 337 of file SSLManager.h.

◆ CFG_PRIV_KEY_FILE

const std::string Poco::Net::SSLManager::CFG_PRIV_KEY_FILE
staticprivate

Definition at line 325 of file SSLManager.h.

◆ CFG_REQUIRE_TLSV1

const std::string Poco::Net::SSLManager::CFG_REQUIRE_TLSV1
staticprivate

Definition at line 347 of file SSLManager.h.

◆ CFG_REQUIRE_TLSV1_1

const std::string Poco::Net::SSLManager::CFG_REQUIRE_TLSV1_1
staticprivate

Definition at line 348 of file SSLManager.h.

◆ CFG_REQUIRE_TLSV1_2

const std::string Poco::Net::SSLManager::CFG_REQUIRE_TLSV1_2
staticprivate

Definition at line 349 of file SSLManager.h.

◆ CFG_REQUIRE_TLSV1_3

const std::string Poco::Net::SSLManager::CFG_REQUIRE_TLSV1_3
staticprivate

Definition at line 350 of file SSLManager.h.

◆ CFG_SERVER_PREFIX

const std::string Poco::Net::SSLManager::CFG_SERVER_PREFIX
static

Shuts down the SSLManager and releases the default Context objects. After a call to shutdown(), the SSLManager can no longer be used.

Normally, it's not necessary to call this method directly, as this will be called either by uninitializeSSL(), or when the SSLManager instance is destroyed.

Definition at line 256 of file SSLManager.h.

◆ CFG_SESSION_CACHE_SIZE

const std::string Poco::Net::SSLManager::CFG_SESSION_CACHE_SIZE
staticprivate

Definition at line 344 of file SSLManager.h.

◆ CFG_SESSION_ID_CONTEXT

const std::string Poco::Net::SSLManager::CFG_SESSION_ID_CONTEXT
staticprivate

Definition at line 343 of file SSLManager.h.

◆ CFG_SESSION_TIMEOUT

const std::string Poco::Net::SSLManager::CFG_SESSION_TIMEOUT
staticprivate

Definition at line 345 of file SSLManager.h.

◆ CFG_VER_DEPTH

const std::string Poco::Net::SSLManager::CFG_VER_DEPTH
staticprivate

Definition at line 330 of file SSLManager.h.

◆ CFG_VER_MODE

const std::string Poco::Net::SSLManager::CFG_VER_MODE
staticprivate

Definition at line 328 of file SSLManager.h.

◆ ClientVerificationError

Poco::BasicEvent<VerificationErrorArgs> Poco::Net::SSLManager::ClientVerificationError

Fired whenever a certificate verification error is detected by the server during a handshake.

Definition at line 166 of file SSLManager.h.

◆ PrivateKeyPassphraseRequired

Poco::BasicEvent<std::string> Poco::Net::SSLManager::PrivateKeyPassphraseRequired

Fired whenever a certificate verification error is detected by the client during a handshake.

Definition at line 169 of file SSLManager.h.

◆ ServerVerificationError

Poco::BasicEvent<VerificationErrorArgs> Poco::Net::SSLManager::ServerVerificationError

Definition at line 163 of file SSLManager.h.

◆ VAL_CERTIFICATE_HANDLER

const std::string Poco::Net::SSLManager::VAL_CERTIFICATE_HANDLER
staticprivate

Definition at line 341 of file SSLManager.h.

◆ VAL_CIPHER_LIST

const std::string Poco::Net::SSLManager::VAL_CIPHER_LIST
staticprivate

Definition at line 336 of file SSLManager.h.

◆ VAL_DELEGATE_HANDLER

const std::string Poco::Net::SSLManager::VAL_DELEGATE_HANDLER
staticprivate

Definition at line 339 of file SSLManager.h.

◆ VAL_ENABLE_DEFAULT_CA

const bool Poco::Net::SSLManager::VAL_ENABLE_DEFAULT_CA
staticprivate

Definition at line 333 of file SSLManager.h.

◆ VAL_VER_DEPTH

const int Poco::Net::SSLManager::VAL_VER_DEPTH
staticprivate

Definition at line 331 of file SSLManager.h.

◆ VAL_VER_MODE

const Context::VerificationMode Poco::Net::SSLManager::VAL_VER_MODE
staticprivate

Definition at line 329 of file SSLManager.h.

The documentation for this class was generated from the following file: