1 /*
2    BAREOS® - Backup Archiving REcovery Open Sourced
3 
4    Copyright (C) 2018-2018 Bareos GmbH & Co. KG
5 
6    This program is Free Software; you can redistribute it and/or
7    modify it under the terms of version three of the GNU Affero General Public
8    License as published by the Free Software Foundation and included
9    in the file LICENSE.
10 
11    This program is distributed in the hope that it will be useful, but
12    WITHOUT ANY WARRANTY; without even the implied warranty of
13    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14    Affero General Public License for more details.
15 
16    You should have received a copy of the GNU Affero General Public License
17    along with this program; if not, write to the Free Software
18    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
19    02110-1301, USA.
20 */
21 #ifndef BAREOS_LIB_TLS_OPENSSL_H_
22 #define BAREOS_LIB_TLS_OPENSSL_H_
23 
24 #include "lib/tls.h"
25 
26 #include "include/bareos.h"
27 #include <memory>
28 
29 class TlsOpenSslPrivate;
30 
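/**
 * OpenSSL-backed implementation of the Tls interface.
 *
 * Every member function except the constructor and destructor overrides a
 * virtual declared in the Tls base class. All state is kept behind an opaque
 * TlsOpenSslPrivate object, which is only forward-declared in this header.
 *
 * NOTE(review): the order in which the Set*() configuration calls must be
 * made relative to init() is not visible in this header -- confirm against
 * the implementation before relying on it.
 */
class TlsOpenSsl : public Tls {
 public:
  TlsOpenSsl();
  // Declared here, defined out of line: d_ holds an incomplete type in this
  // header, so the destructor body needs the full TlsOpenSslPrivate definition.
  virtual ~TlsOpenSsl();

  // Not copyable: the object exclusively owns its private state through d_.
  // The deleted copy constructor takes a const reference so that it is
  // selected for const and temporary sources as well, and copy assignment is
  // deleted explicitly rather than left to be implicitly suppressed.
  TlsOpenSsl(const TlsOpenSsl &other) = delete;
  TlsOpenSsl &operator=(const TlsOpenSsl &other) = delete;

  // Returns a bool; presumably true when the TLS setup succeeded -- confirm.
  bool init() override;

  // Peer identity checks, by name intended to run after the connection is
  // established. NOTE(review): presumably a false return means the peer did
  // not match `host` / any entry of `verify_list`; callers should treat the
  // connection as unauthenticated in that case -- confirm in implementation.
  bool TlsPostconnectVerifyHost(JobControlRecord *jcr, const char *host) override;
  bool TlsPostconnectVerifyCn(JobControlRecord *jcr,
                              const std::vector<std::string> &verify_list) override;

  // Socket-level TLS operations on an existing BareosSocket.
  bool TlsBsockAccept(BareosSocket *bsock) override;
  // NOTE(review): `ptr` is assumed to reference at least `nbytes` bytes; the
  // signature carries no separate buffer size. The meaning of the int return
  // value (bytes transferred vs. error code) is not visible here -- confirm.
  int TlsBsockWriten(BareosSocket *bsock, char *ptr, int32_t nbytes) override;
  int TlsBsockReadn(BareosSocket *bsock, char *ptr, int32_t nbytes) override;
  bool TlsBsockConnect(BareosSocket *bsock) override;
  void TlsBsockShutdown(BareosSocket *bsock) override;

  std::string TlsCipherGetName() const override;
  // NOTE(review): whether `cipherlist` is validated, and what happens on an
  // unusable list, cannot be told from this declaration -- confirm.
  void SetCipherList(const std::string &cipherlist) override;
  void TlsLogConninfo(JobControlRecord *jcr,
                      const char *host,
                      int port,
                      const char *who) const override;

  // Pre-shared-key configuration for the client and the server side.
  void SetTlsPskClientContext(const PskCredentials &credentials) override;
  void SetTlsPskServerContext(ConfigurationParser *config,
                              GetTlsPskByFullyQualifiedResourceNameCb_t cb) override;

  // Certificate, key and trust-store configuration. The strings are taken by
  // const reference; presumably they are file system paths -- confirm.
  void Setca_certfile_(const std::string &ca_certfile) override;
  void SetCaCertdir(const std::string &ca_certdir) override;
  void SetCrlfile(const std::string &crlfile_) override;
  void SetCertfile(const std::string &certfile_) override;
  void SetKeyfile(const std::string &keyfile_) override;
  void SetPemCallback(CRYPTO_PEM_PASSWD_CB pem_callback) override;
  // NOTE(review): raw, untyped pointer -- ownership is not expressed by the
  // type. Assumes the pointee must stay valid for as long as the PEM callback
  // may be invoked -- TODO confirm.
  void SetPemUserdata(void *pem_userdata) override;
  void SetDhFile(const std::string &dhfile_) override;
  // NOTE(review): presumably switches peer certificate verification on or
  // off; the default is not visible in this header -- confirm, and check that
  // no caller disables it for connections to untrusted peers.
  void SetVerifyPeer(const bool &verify_peer) override;
  void SetTcpFileDescriptor(const int &fd) override;

 private:
  std::unique_ptr<TlsOpenSslPrivate> d_; /* private data */
};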
73 #endif  // BAREOS_LIB_TLS_OPENSSL_H_
74