Diffstat (limited to 'src/ssl')
-rw-r--r--src/ssl/tls_client.cpp40
-rw-r--r--src/ssl/tls_client.h31
2 files changed, 28 insertions, 43 deletions
diff --git a/src/ssl/tls_client.cpp b/src/ssl/tls_client.cpp
index 8c3d4db99..505b2c22a 100644
--- a/src/ssl/tls_client.cpp
+++ b/src/ssl/tls_client.cpp
@@ -81,34 +81,22 @@ void client_check_state(Handshake_Type new_msg, Handshake_State* state)
/**
* TLS Client Constructor
*/
-TLS_Client::TLS_Client(const TLS_Policy& pol,
- RandomNumberGenerator& r,
- Socket& sock) :
- policy(pol),
- rng(r),
- peer(sock),
- writer(std::tr1::bind(&Socket::write, std::tr1::ref(peer), _1, _2))
+TLS_Client::TLS_Client(std::tr1::function<size_t (byte[], size_t)> input_fn,
+ std::tr1::function<void (const byte[], size_t)> output_fn,
+ const TLS_Policy& policy,
+ RandomNumberGenerator& rng) :
+ input_fn(input_fn),
+ policy(policy),
+ rng(rng),
+ writer(output_fn)
{
initialize();
}
-/**
-* TLS Client Constructor
-*/
-TLS_Client::TLS_Client(const TLS_Policy& pol,
- RandomNumberGenerator& r,
- Socket& sock,
- const X509_Certificate& cert,
- const Private_Key& key) :
- policy(pol),
- rng(r),
- peer(sock),
- writer(std::tr1::bind(&Socket::write, std::tr1::ref(peer), _1, _2))
+void TLS_Client::add_client_cert(const X509_Certificate& cert,
+ Private_Key* cert_key)
{
- certs.push_back(cert);
- keys.push_back(PKCS8::copy_key(key, rng));
-
- initialize();
+ certs.push_back(std::make_pair(cert, cert_key));
}
/**
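Review bot: The constructor still ends with `initialize()`, but a client certificate can now only be supplied through `add_client_cert()` once the object already exists. `initialize()` is defined outside this hunk; the removed constructor pushed the certificate first and only then called `initialize()`, which suggests the handshake may start there, in which case a certificate added afterwards is never offered and client authentication is silently skipped. Either defer the handshake until the first `read()`/`write()`, or state the limitation on the method, e.g. `/** Add a client certificate; only used by handshakes that start after this call */`. `add_client_cert()` also stores `cert_key` without checking it, so a null pointer ends up in `certs` and would only fail later when the key is used.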
@@ -117,8 +105,8 @@ TLS_Client::TLS_Client(const TLS_Policy& pol,
TLS_Client::~TLS_Client()
{
close();
- for(size_t i = 0; i != keys.size(); i++)
- delete keys[i];
+ for(size_t i = 0; i != certs.size(); i++)
+ delete certs[i].second;
delete state;
}
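Review bot: `delete certs[i].second` makes TLS_Client the owner of every `Private_Key*` handed to `add_client_cert()` (first hunk of this file), whereas the removed constructor took a `const Private_Key&` and kept its own copy via `PKCS8::copy_key`. Nothing here or at the declaration in tls_client.h tells callers about the transfer, so a caller that frees or keeps using the key, passes the address of a stack object, or registers the same key for two certificates ends up with a use-after-free or a double delete. State the contract where the method is declared, for example `/// Takes ownership of cert_key, which must be heap-allocated; it is deleted by ~TLS_Client()`, or keep the old behaviour by copying the key inside `add_client_cert()`.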
@@ -258,7 +246,7 @@ void TLS_Client::state_machine()
while(bytes_needed)
{
size_t to_get = std::min<size_t>(record.size(), bytes_needed);
- size_t got = peer.read(&record[0], to_get);
+ size_t got = input_fn(&record[0], to_get);
if(got == 0)
{
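Review bot: `got` now comes from an application-supplied callback instead of the library's own `Socket::read`, and nothing visible checks it against `to_get`. The rest of the loop lies outside this hunk, but if `got` is later used as a length into `record` or subtracted from `bytes_needed`, a callback that returns more than it was asked for would read past the buffer or wrap the counter. Add `if(got > to_get)` with this file's usual error path directly after the call, before `got` is used anywhere else.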
diff --git a/src/ssl/tls_client.h b/src/ssl/tls_client.h
index 1b9c361fe..913a87e50 100644
--- a/src/ssl/tls_client.h
+++ b/src/ssl/tls_client.h
@@ -11,7 +11,6 @@
#include <botan/tls_connection.h>
#include <botan/tls_policy.h>
#include <botan/tls_record.h>
-#include <botan/socket.h>
#include <vector>
#include <string>
@@ -20,34 +19,31 @@ namespace Botan {
/**
* TLS Client
*/
-
-// FIXME: much of this can probably be moved up to TLS_Connection
class BOTAN_DLL TLS_Client : public TLS_Connection
{
public:
size_t read(byte buf[], size_t buf_len);
void write(const byte buf[], size_t buf_len);
- std::vector<X509_Certificate> peer_cert_chain() const;
-
void close();
bool is_closed() const;
- TLS_Client(const TLS_Policy& policy,
- RandomNumberGenerator& rng,
- Socket& peer);
+ std::vector<X509_Certificate> peer_cert_chain() const;
- // FIXME: support multiple/arbitrary # of cert/key pairs
- TLS_Client(const TLS_Policy& policy,
- RandomNumberGenerator& rng,
- Socket& peer,
- const X509_Certificate& cert,
- const Private_Key& cert_key);
+ void add_client_cert(const X509_Certificate& cert,
+ Private_Key* cert_key);
+
+ TLS_Client(std::tr1::function<size_t (byte[], size_t)> input_fn,
+ std::tr1::function<void (const byte[], size_t)> output_fn,
+ const TLS_Policy& policy,
+ RandomNumberGenerator& rng);
~TLS_Client();
private:
void close(Alert_Level, Alert_Type);
+ size_t get_pending_socket_input(byte output[], size_t length);
+
void initialize();
void do_handshake();
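Review bot: The new public constructor carries no documentation of what the two callbacks must do, although the implementation relies on it: `state_machine()` in tls_client.cpp passes `to_get` as an upper bound and treats a return of 0 from `input_fn` as a special case. I would add a doc comment above the constructor saying that `input_fn` must write at most the given number of bytes and return the count written, what a return of 0 means, whether the callback may block, and how `output_fn` is expected to report a failed write. The same comment should note that `policy` and `rng` are stored as references and therefore must outlive the TLS_Client. The class body starts in this hunk and continues past it.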
@@ -55,15 +51,16 @@ class BOTAN_DLL TLS_Client : public TLS_Connection
void read_handshake(byte, const MemoryRegion<byte>&);
void process_handshake_msg(Handshake_Type, const MemoryRegion<byte>&);
+ std::tr1::function<size_t (byte[], size_t)> input_fn;
+
const TLS_Policy& policy;
RandomNumberGenerator& rng;
- Socket& peer;
Record_Writer writer;
Record_Reader reader;
- std::vector<X509_Certificate> certs, peer_certs;
- std::vector<Private_Key*> keys;
+ std::vector<X509_Certificate> peer_certs;
+ std::vector<std::pair<X509_Certificate, Private_Key*> > certs;
class Handshake_State* state;
SecureVector<byte> session_id;