Implemented OpenSSL providers support #517

Open
wants to merge 1 commit into
base: develop
30 changes: 28 additions & 2 deletions include/mqtt/ssl_options.h
Expand Up @@ -105,6 +105,10 @@ class ssl_options
/** ALPN protocol list, in wire format */
std::basic_string<unsigned char> protos_;

/** OpenSSL provider name to be used if enabled. */
string providerName_;


/** Callbacks from the C library */
static int on_error(const char* str, size_t len, void* context);
static unsigned on_psk(
Expand Down Expand Up @@ -150,12 +154,14 @@ class ssl_options
* @param enableServerCertAuth True/False option to enable verification of
* the server certificate
* @param alpnProtos The ALPN protocols to try.
* @param providerName Name of the OpenSSL provider to use.
*/
ssl_options(
const string& trustStore, const string& keyStore, const string& privateKey,
const string& privateKeyPassword, const string& enabledCipherSuites,
bool enableServerCertAuth,
const std::vector<string> alpnProtos = std::vector<string>()
const std::vector<string> alpnProtos = std::vector<string>(),
const string& providerName = ""
);
/**
* Argument constructor.
Expand All @@ -174,12 +180,14 @@ class ssl_options
* @param enableServerCertAuth True/False option to enable verification
* of the server certificate
* @param alpnProtos The ALPN protocols to try.
* @param providerName Name of the OpenSSL provider to use.
*/
ssl_options(
const string& trustStore, const string& keyStore, const string& privateKey,
const string& privateKeyPassword, const string& caPath,
const string& enabledCipherSuites, bool enableServerCertAuth,
const std::vector<string> alpnProtos = std::vector<string>()
const std::vector<string> alpnProtos = std::vector<string>(),
const string& providerName = ""
);
/**
* Copy constructor.
Expand Down Expand Up @@ -360,6 +368,16 @@ class ssl_options
* @param protos The list of ALPN protocols to be negotiated.
*/
void set_alpn_protos(const std::vector<string>& protos);
/*
* Returns current provider name which is in use.
* @return string containing provider name.
*/
string get_provider_name() const { return providerName_; }
/**
* Sets the provider name to be used.
* @param name provider name to use
*/
void set_provider_name(const string& name);
};

/**
Expand Down Expand Up @@ -507,6 +525,14 @@ class ssl_options_builder
opts_.set_alpn_protos(protos);
return *this;
}
/**
* Sets the provider name
* @param name provider name
*/
auto provider_name(const string& name) -> self& {
opts_.set_provider_name(name);
return *this;
}
/**
* Finish building the options and return them.
* @return The option struct as built.
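Review bot: The documentation added for the provider name never says what an empty name means or how the value is trusted, and the comment above `get_provider_name()` opens with `/*` instead of the `/**` used elsewhere in the class, so a Doxygen-style generator will most likely skip it. The member comment could read `/** OpenSSL provider name handed to the C library; an empty string means no provider is requested (the C struct field is set to null). */`, and both `@param providerName` lines should state that `""` is the default and leaves provider selection untouched. Since the name presumably decides which cryptographic implementation the C library loads for the TLS session, the `set_provider_name()` docs should also say the value is expected to come from trusted configuration rather than from remote or user-supplied input. The class body starts and ends outside the visible hunks.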
31 changes: 25 additions & 6 deletions src/ssl_options.cpp
Expand Up @@ -28,13 +28,15 @@ namespace mqtt {
ssl_options::ssl_options(
const string& trustStore, const string& keyStore, const string& privateKey,
const string& privateKeyPassword, const string& enabledCipherSuites,
bool enableServerCertAuth, const std::vector<string> alpnProtos /*=std::vector<string>()*/
bool enableServerCertAuth, const std::vector<string> alpnProtos, /*=std::vector<string>()*/
const string& providerName
)
: trustStore_(trustStore),
keyStore_(keyStore),
privateKey_(privateKey),
privateKeyPassword_(privateKeyPassword),
enabledCipherSuites_(enabledCipherSuites)
enabledCipherSuites_(enabledCipherSuites),
providerName_(providerName)
{
set_alpn_protos(alpnProtos);
update_c_struct();
Expand All @@ -44,14 +46,16 @@ ssl_options::ssl_options(
ssl_options::ssl_options(
const string& trustStore, const string& keyStore, const string& privateKey,
const string& privateKeyPassword, const string& caPath, const string& enabledCipherSuites,
bool enableServerCertAuth, const std::vector<string> alpnProtos /*=std::vector<string>()*/
bool enableServerCertAuth, const std::vector<string> alpnProtos, /*=std::vector<string>()*/
const string& providerName
)
: trustStore_(trustStore),
keyStore_(keyStore),
privateKey_(privateKey),
privateKeyPassword_(privateKeyPassword),
caPath_(caPath),
enabledCipherSuites_(enabledCipherSuites)
enabledCipherSuites_(enabledCipherSuites),
providerName_(providerName)
{
set_alpn_protos(alpnProtos);
update_c_struct();
Expand All @@ -68,7 +72,8 @@ ssl_options::ssl_options(const ssl_options& other)
enabledCipherSuites_(other.enabledCipherSuites_),
errHandler_(other.errHandler_),
pskHandler_(other.pskHandler_),
protos_(other.protos_)
protos_(other.protos_),
providerName_(other.providerName_)
{
update_c_struct();
}
Expand All @@ -83,7 +88,8 @@ ssl_options::ssl_options(ssl_options&& other)
enabledCipherSuites_(std::move(other.enabledCipherSuites_)),
errHandler_(std::move(other.errHandler_)),
pskHandler_(std::move(other.pskHandler_)),
protos_(std::move(other.protos_))
protos_(std::move(other.protos_)),
providerName_(std::move(other.providerName_))
{
update_c_struct();
}
Expand Down Expand Up @@ -123,6 +129,11 @@ void ssl_options::update_c_struct()
opts_.protos = nullptr;
opts_.protos_len = 0;
}
if (!providerName_.empty()) {
opts_.providerName = c_str(providerName_);
} else {
opts_.providerName = nullptr;
}
}

// --------------------------------------------------------------------------
Expand Down Expand Up @@ -195,6 +206,7 @@ ssl_options& ssl_options::operator=(const ssl_options& rhs)
pskHandler_ = rhs.pskHandler_;

protos_ = rhs.protos_;
providerName_ = rhs.providerName_;

update_c_struct();
return *this;
Expand All @@ -218,6 +230,7 @@ ssl_options& ssl_options::operator=(ssl_options&& rhs)
pskHandler_ = std::move(rhs.pskHandler_);

protos_ = std::move(rhs.protos_);
providerName_ = std::move(rhs.providerName_);

update_c_struct();
return *this;
Expand Down Expand Up @@ -341,5 +354,11 @@ void ssl_options::set_alpn_protos(const std::vector<string>& protos)
}
}

void ssl_options::set_provider_name(const string& name)
{
providerName_ = name;
opts_.providerName = c_str(providerName_);
}

/////////////////////////////////////////////////////////////////////////////
} // namespace mqtt
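Review bot: `set_provider_name()` assigns `opts_.providerName = c_str(providerName_);` unconditionally, while the new branch in `update_c_struct()` stores `nullptr` when the name is empty, so the two paths can leave the C struct in different states for the same value. If `c_str()` does not already map an empty string to null (its definition is not visible here), then `set_provider_name("")` passes an empty provider name to the C library instead of "no provider"; if it does, the `if`/`else` in `update_c_struct()` is redundant. Either way, one form should be used in both places, e.g. `opts_.providerName = providerName_.empty() ? nullptr : providerName_.c_str();`. The added code also uses `opts_.providerName` without any version or feature guard, although the header comment says "if enabled", so it is worth confirming that every supported C library version declares that field. `update_c_struct()` begins outside the hunk.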