1 /* <!-- copyright */
2 /*
3  * aria2 - The high speed download utility
4  *
5  * Copyright (C) 2006 Tatsuhiro Tsujikawa
6  *
7  * This program is free software; you can redistribute it and/or modify
8  * it under the terms of the GNU General Public License as published by
9  * the Free Software Foundation; either version 2 of the License, or
10  * (at your option) any later version.
11  *
12  * This program is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15  * GNU General Public License for more details.
16  *
17  * You should have received a copy of the GNU General Public License
18  * along with this program; if not, write to the Free Software
19  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
20  *
21  * In addition, as a special exception, the copyright holders give
22  * permission to link the code of portions of this program with the
23  * OpenSSL library under certain conditions as described in each
24  * individual source file, and distribute linked combinations
25  * including the two.
26  * You must obey the GNU General Public License in all respects
27  * for all of the code used other than OpenSSL.  If you modify
28  * file(s) with this exception, you may extend this exception to your
29  * version of the file(s), but you are not obligated to do so.  If you
30  * do not wish to do so, delete this exception statement from your
31  * version.  If you delete this exception statement from all source
32  * files in the program, then also delete it here.
33  */
34 /* copyright --> */
35 #ifndef D_LIBGNUTLS_TLS_CONTEXT_H
36 #define D_LIBGNUTLS_TLS_CONTEXT_H
37 
38 #include "common.h"
39 
40 #include <gnutls/gnutls.h>
41 
42 #include "TLSContext.h"
43 #include "DlAbortEx.h"
44 
45 namespace aria2 {
46 
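// TLS context backed by GnuTLS. It holds the certificate credentials handle
// together with the per-context policy this header exposes through
// accessors: session side, minimum TLS version and the peer-verification
// flag.
//
// Only the inline accessors are defined in this header. The constructor,
// destructor, good(), getCertCred() and the add*() loaders are defined
// elsewhere, so remarks about their behaviour are marked as assumptions.
//
// NOTE(review): certCred_ is a raw GnuTLS handle. Whether copying a
// GnuTLSContext is prevented depends on TLSContext, which is not visible
// here -- confirm, because two objects sharing one handle would be unsafe
// if the destructor releases it.
class GnuTLSContext : public TLSContext {
public:
  // side: which end of the TLS session this context is for (reported by
  //       getSide()).
  // ver:  presumably the lowest protocol version to accept, reported by
  //       getMinTLSVersion() -- the constructor body is not in this header.
  GnuTLSContext(TLSSessionSide side, TLSVersion ver);

  virtual ~GnuTLSContext();

  // Adds a certificate/private-key pair read from certfile and keyfile.
  // The private key in `keyfile' must already be decrypted, i.e. it is
  // stored without a passphrase. Such a key is protected only by filesystem
  // permissions, so the file should be readable by the account running
  // aria2 and nobody else.
  // Presumably returns true on success; check the result instead of
  // assuming the credential was installed.
  virtual bool addCredentialFile(const std::string& certfile,
                                 const std::string& keyfile) CXX11_OVERRIDE;

  // Adds a credential from a PKCS#12 file. Not marked CXX11_OVERRIDE, so
  // this is not declared here as part of the TLSContext interface.
  // NOTE(review): how the container's password is supplied is not visible
  // in this header -- confirm in the definition.
  bool addP12CredentialFile(const std::string& p12file);

  // Adds the platform's trusted CA certificates as trust anchors.
  // Presumably returns false when they could not be loaded; callers that
  // rely on peer verification should treat that as an error, not continue
  // silently.
  virtual bool addSystemTrustedCACerts() CXX11_OVERRIDE;

  // Adds the CA certificates in certfile as trust anchors. certfile can
  // contain multiple certificates, and every certificate in it becomes
  // trusted, so the file must come from a source the operator controls.
  virtual bool addTrustedCACertFile(const std::string& certfile) CXX11_OVERRIDE;

  // Reports whether the context is usable (presumably the good_ member;
  // defined elsewhere).
  virtual bool good() const CXX11_OVERRIDE;

  // Returns the session side given at construction.
  virtual TLSSessionSide getSide() const CXX11_OVERRIDE { return side_; }

  // Returns the current peer-verification flag.
  virtual bool getVerifyPeer() const CXX11_OVERRIDE { return verifyPeer_; }

  // Sets the peer-verification flag. This only stores the value; the code
  // that performs the handshake is expected to consult it. With the flag
  // off the peer certificate no longer authenticates the remote end, so the
  // connection is encrypted but open to impersonation by an on-path party.
  // Keep it on unless the deployment has another way to authenticate the
  // peer.
  virtual void setVerifyPeer(bool verify) CXX11_OVERRIDE
  {
    verifyPeer_ = verify;
  }

  // Returns the GnuTLS credentials handle for use when setting up a
  // session. NOTE(review): presumably still owned by this context --
  // callers should not free it and must not use it after the context is
  // destroyed; confirm against the definition.
  gnutls_certificate_credentials_t getCertCred() const;

  // Returns the minimum TLS version configured for this context. Enforcing
  // it on a session happens outside this class declaration.
  TLSVersion getMinTLSVersion() const { return minTLSVer_; }

private:
  // GnuTLS certificate credentials (own certificates/keys and trust
  // anchors).
  gnutls_certificate_credentials_t certCred_;
  // Session side supplied to the constructor.
  TLSSessionSide side_;
  // Minimum acceptable TLS version.
  TLSVersion minTLSVer_;
  // Presumably the state reported by good().
  bool good_;
  // Peer-verification flag. There is no in-class initializer.
  // NOTE(review): confirm the constructor initialises it, and that the
  // initial value is "verify".
  bool verifyPeer_;
};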
84 
85 } // namespace aria2
86 
87 #endif // D_LIBGNUTLS_TLS_CONTEXT_H
88