Library: NetSSL_OpenSSL
Package: SSLSockets
Header: Poco/Net/SecureSocketImpl.h
The SocketImpl for SecureStreamSocket.
Member Functions: abort, acceptConnection, acceptSSL, available, bind, close, completeHandshake, connect, connectNB, connectSSL, context, currentSession, getPeerHostName, handleError, isLocalHost, listen, peerCertificate, receiveBytes, reset, sendBytes, sessionWasReused, setPeerHostName, shutdown, sockfd, useSession, verifyPeerCertificate, verifyPeerCertificateImpl
SecureSocketImpl(
Poco::AutoPtr < SocketImpl > pSocketImpl,
Context::Ptr pContext
);
Creates the SecureSocketImpl using an already connected stream socket.
virtual ~SecureSocketImpl();
Destroys the SecureSocketImpl.
void abort();
Aborts the connection by closing the underlying TCP connection. No orderly SSL shutdown is performed.
SocketImpl * acceptConnection(
SocketAddress & clientAddr
);
Get the next completed connection from the socket's completed connection queue.
If the queue is empty, waits until a connection request completes.
Returns a new SSL socket for the connection with the client.
The client socket's address is returned in clientAddr.
int available() const;
Returns the number of bytes available from the SSL buffer for immediate reading.
void bind(
const SocketAddress & address,
bool reuseAddress = false
);
Bind a local address to the socket.
This is usually only done when establishing a server socket. SSL clients should not bind a socket to a specific address.
If reuseAddress is true, sets the SO_REUSEADDR socket option.
void close();
Close the socket.
int completeHandshake();
Completes the SSL handshake.
If the SSL connection was the result of an accept(), the server-side handshake is completed, otherwise a client-side handshake is performed.
void connect(
const SocketAddress & address,
bool performHandshake
);
Initializes the socket and establishes a secure connection to the TCP server at the given address.
If performHandshake is true, the SSL handshake is performed immediately after establishing the connection. Otherwise, the handshake is performed the first time sendBytes(), receiveBytes() or completeHandshake() is called.
void connect(
const SocketAddress & address,
const Poco::Timespan & timeout,
bool performHandshake
);
Initializes the socket, sets the socket timeout and establishes a secure connection to the TCP server at the given address.
If performHandshake is true, the SSL handshake is performed immediately after establishing the connection. Otherwise, the handshake is performed the first time sendBytes(), receiveBytes() or completeHandshake() is called.
void connectNB(
const SocketAddress & address
);
Initializes the socket and establishes a secure connection to the TCP server at the given address. Prior to opening the connection the socket is set to nonblocking mode.
Context::Ptr context() const;
Returns the SSL context used for this socket.
Session::Ptr currentSession();
Returns the SSL session of the current connection, for reuse in a future connection (if session caching is enabled).
If no connection is established, returns null.
const std::string & getPeerHostName() const;
Returns the peer host name.
void listen(
int backlog = 64
);
Puts the socket into listening state.
The socket becomes a passive socket that can accept incoming connection requests.
The backlog argument specifies the maximum number of connections that can be queued for this socket.
X509 * peerCertificate() const;
Returns the peer's certificate.
int receiveBytes(
void * buffer,
int length,
int flags = 0
);
Receives data from the socket and stores it in buffer. Up to length bytes are received.
Returns the number of bytes received.
int sendBytes(
const void * buffer,
int length,
int flags = 0
);
Sends the contents of the given buffer through the socket. Any specified flags are ignored.
Returns the number of bytes sent, which may be less than the number of bytes specified.
bool sessionWasReused();
Returns true if and only if a reused session was negotiated during the handshake.
void setPeerHostName(
const std::string & hostName
);
Sets the peer host name for certificate validation purposes.
void shutdown();
Shuts down the connection by attempting an orderly SSL shutdown, then actually shutting down the TCP connection.
int sockfd();
Returns the underlying socket descriptor.
void useSession(
Session::Ptr pSession
);
Sets the SSL session to use for the next connection. Setting a previously saved Session object is necessary to enable session caching.
To remove the currently set session, a null pointer can be given.
Must be called before connect() to be effective.
void verifyPeerCertificate();
Performs post-connect (or post-accept) peer certificate validation, using the peer host name set with setPeerHostName(), or the peer's IP address string if no peer host name has been set.
void verifyPeerCertificate(
const std::string & hostName
);
Performs post-connect (or post-accept) peer certificate validation using the given peer host name.
void acceptSSL();
Performs a server-side SSL handshake and certificate verification.
void connectSSL(
bool performHandshake
);
Performs a client-side SSL handshake and establishes a secure connection over an already existing TCP connection.
int handleError(
int rc
);
Handles an SSL error by throwing an appropriate exception.
static bool isLocalHost(
const std::string & hostName
);
Returns true if and only if the given host name is the local host (either "localhost" or "127.0.0.1").
void reset();
Prepares the socket for re-use.
After closing and resetting a socket, the socket can be used for a new connection.
Note that simply closing a socket is not sufficient to be able to re-use it again.
long verifyPeerCertificateImpl(
const std::string & hostName
);
Performs post-connect (or post-accept) peer certificate validation.