libs/corosio/src/corosio/src/tls/detail/context_impl.hpp

1 //
2 // Copyright (c) 2025 Vinnie Falco (vinnie dot falco at gmail dot com)
3 //
4 // Distributed under the Boost Software License, Version 1.0. (See accompanying
5 // file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt)
6 //
7 // Official repository: https://github.com/cppalliance/corosio
8 //
9
10 #ifndef SRC_TLS_DETAIL_CONTEXT_IMPL_HPP
11 #define SRC_TLS_DETAIL_CONTEXT_IMPL_HPP
12
#include <boost/corosio/tls_context.hpp>

#include <cstddef>
#include <functional>
#include <mutex>
#include <string>
#include <string_view>
#include <vector>
19
20 namespace boost::corosio {
21
22 namespace detail {
23
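/** Polymorphic base for cached native SSL contexts.

    Stored in context::impl as an intrusive linked list.
    Each TLS backend derives from this to cache its native
    context handle ( WOLFSSL_CTX*, SSL_CTX*, etc. ).

    Nodes are owned by the list that links them and are
    deleted through this base, which is why the destructor
    is virtual. Copying or moving a node would duplicate the
    `next_` link (and, in a derived class, whatever native
    handle it holds), so both are disabled.
*/
class native_context_base
{
public:
    /// Next node in the intrusive list, or nullptr at the tail.
    native_context_base* next_ = nullptr;

    /// Opaque key identifying the backend that created this node.
    void const* service_ = nullptr;

    native_context_base() = default;

    // Deleting the copy operations prevents two nodes from sharing
    // one `next_` link, which the owning list would free twice.
    native_context_base( native_context_base const& ) = delete;
    native_context_base& operator=( native_context_base const& ) = delete;
    native_context_base( native_context_base&& ) = delete;
    native_context_base& operator=( native_context_base&& ) = delete;

    virtual ~native_context_base() = default;
};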
38
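/** Portable TLS configuration plus the cache of native contexts.

    Every field is plain data that the backends read when they
    build their native context; the only mutable state is the
    intrusive list of cached native_context_base nodes, which
    this object owns and frees in its destructor.

    The type is neither copyable nor movable: the list is held
    through a raw owning pointer, so a copy would free each node
    twice. The std::mutex member already forbids copying, but
    the operations are deleted explicitly so that the guarantee
    survives if the mutex is ever replaced.
*/
struct tls_context_data
{
    //--------------------------------------------
    // Credentials

    // Certificate presented to the peer, encoded as named by
    // entity_cert_format (PEM unless changed).
    std::string entity_certificate;
    tls_file_format entity_cert_format = tls_file_format::pem;
    // Intermediate certificates sent together with the entity certificate.
    std::string certificate_chain;
    // Private key matching entity_certificate.
    // NOTE(review): std::string does not scrub its buffer on
    // destruction or reallocation, so key bytes may remain in
    // freed memory for the life of the process.
    std::string private_key;
    tls_file_format private_key_format = tls_file_format::pem;

    //--------------------------------------------
    // Trust anchors

    std::vector<std::string> ca_certificates;
    std::vector<std::string> verify_paths;
    bool use_default_verify_paths = false;

    //--------------------------------------------
    // Protocol settings

    tls_version min_version = tls_version::tls_1_2;
    tls_version max_version = tls_version::tls_1_3;
    std::string ciphersuites;
    std::vector<std::string> alpn_protocols;

    //--------------------------------------------
    // Verification

    // Defaults to tls_verify_mode::none: the peer certificate is
    // not checked unless the user selects a stricter mode.
    tls_verify_mode verification_mode = tls_verify_mode::none;
    int verify_depth = 100;
    // Expected peer name; empty means no name is configured here.
    std::string hostname;
    // Called by the backend during verification. The arguments are
    // presumably the backend's pre-verification result and a native
    // verification handle — confirm against the backend sources.
    std::function<bool( bool, void* )> verify_callback;

    //--------------------------------------------
    // SNI (Server Name Indication)

    // Receives the server name sent by the client; the bool return
    // is presumably accept/reject — confirm against the backends.
    std::function<bool( std::string_view )> servername_callback;

    //--------------------------------------------
    // Revocation

    std::vector<std::string> crls;
    std::string ocsp_staple;
    bool require_ocsp_staple = false;
    tls_revocation_policy revocation = tls_revocation_policy::disabled;

    //--------------------------------------------
    // Password

    // Supplies the passphrase for encrypted key material; the
    // std::size_t argument is presumably the maximum length the
    // backend accepts — confirm against the backends.
    std::function<std::string( std::size_t, tls_password_purpose )> password_callback;

    //--------------------------------------------
    // Cached native contexts (intrusive list)

    // Both members are mutable because find() is const: caching a
    // native context does not change the portable configuration.
    mutable std::mutex native_contexts_mutex_;
    mutable native_context_base* native_contexts_ = nullptr;

    tls_context_data() = default;

    // The cached native contexts are owned through a raw intrusive
    // list, so copying or moving would duplicate that ownership.
    tls_context_data( tls_context_data const& ) = delete;
    tls_context_data& operator=( tls_context_data const& ) = delete;
    tls_context_data( tls_context_data&& ) = delete;
    tls_context_data& operator=( tls_context_data&& ) = delete;

    /** Find or insert a cached native context.

        The list is searched for a node whose `service_` equals
        `service`. If none exists, `create()` is invoked while the
        lock is still held, so two callers racing on the same
        service cannot both insert a node, and the new node is
        linked at the head of the list.

        The returned node is owned by this object: it is deleted
        in the destructor and never unlinked earlier, so the
        pointer stays valid for the lifetime of the context. For
        the same reason `create` must return a non-null pointer
        obtained from `new`.

        @par Thread Safety
        Serialized on native_contexts_mutex_.

        @param service The unique key for the backend.
        @param create Factory function called if not found.

        @return Pointer to the cached native context.
    */
    template<typename Factory>
    native_context_base*
    find( void const* service, Factory&& create ) const
    {
        std::lock_guard<std::mutex> lock( native_contexts_mutex_ );

        for( auto* p = native_contexts_; p; p = p->next_ )
            if( p->service_ == service )
                return p;

        // Not found - create and prepend. If create() throws, the
        // list is untouched and the lock is released by the guard.
        native_context_base* ctx = create();
        ctx->service_ = service;
        ctx->next_ = native_contexts_;
        native_contexts_ = ctx;
        return ctx;
    }

    /** Destroy the configuration and every cached native context.

        Each node is deleted through native_context_base, whose
        virtual destructor dispatches to the backend's cleanup.
        No lock is taken: an object being destroyed may not be
        observed by any other thread.
    */
    ~tls_context_data()
    {
        while( native_contexts_ )
        {
            // Read the link before deleting the node that holds it.
            auto* next = native_contexts_->next_;
            delete native_contexts_;
            native_contexts_ = next;
        }
    }
};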
133
134 } // namespace detail
135
136 //------------------------------------------------------------------------------
137
/** Implementation of tls_context.

    Contains all portable TLS configuration data plus
    cached native SSL contexts as an intrusive list.

    The struct adds nothing to detail::tls_context_data; it
    exists so that the public tls_context can forward-declare
    `impl` without exposing the detail type in its header.
    Backends reach the data through detail::get_tls_context_data.
*/
struct tls_context::impl : detail::tls_context_data
{
};
146
147 //------------------------------------------------------------------------------
148
149 namespace detail {
150
/** Return the TLS context data.

    Gives backends read-only access to the portable
    configuration held by a tls_context. The reference
    aliases the context's own implementation object, so it
    is valid only as long as `ctx` is.

    @param ctx The TLS context.

    @return Const reference to the context implementation.
*/
inline tls_context_data const&
get_tls_context_data( tls_context const& ctx ) noexcept
{
    // impl derives from tls_context_data, so the dereferenced
    // object binds to the base reference without a cast.
    auto const& data = *ctx.impl_;
    return data;
}
165
166 } // namespace detail
167
168 } // namespace boost::corosio
169
170 #endif
171