aboutsummaryrefslogtreecommitdiffstats
path: root/library/cpp/openssl/io/stream.h
blob: be1837618c3dcb98ee73f10db9103eb8594507cf (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50

#pragma once 
 
#include <util/generic/maybe.h>
#include <util/generic/ptr.h> 
#include <util/stream/input.h>
#include <util/stream/output.h>
 
class TOpenSslClientIO: public IInputStream, public IOutputStream {
public: 
    struct TOptions { 
        struct TVerifyCert {
            // Uses builtin certs.
            // Also uses default CA path /etc/ssl/certs/ - can be provided with debian package: ca-certificates.deb.
            // It can be expanded with ENV: SSL_CERT_DIR.
            TString Hostname_;
        };
        struct TClientCert {
            TString CertificateFile_;
            TString PrivateKeyFile_;
            TString PrivateKeyPassword_;
        };

        TMaybe<TVerifyCert> VerifyCert_;
        TMaybe<TClientCert> ClientCert_;
        // TODO - keys, cyphers, etc 
    }; 
 
    TOpenSslClientIO(IInputStream* in, IOutputStream* out);
    TOpenSslClientIO(IInputStream* in, IOutputStream* out, const TOptions& options);
    ~TOpenSslClientIO() override;
 
private: 
    void DoWrite(const void* buf, size_t len) override;
    size_t DoRead(void* buf, size_t len) override;
 
private: 
    struct TImpl; 
    THolder<TImpl> Impl_; 
}; 

struct x509_store_st;

namespace NPrivate {
    struct TSslDestroy {
        static void Destroy(x509_store_st* x509) noexcept;
    };
}

using TOpenSslX509StorePtr = THolder<x509_store_st, NPrivate::TSslDestroy>;
TOpenSslX509StorePtr GetBuiltinOpenSslX509Store();
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-22 00:46:34 +0000