18#include <openssl/opensslv.h>
21using namespace boost::asio::ssl;
22using namespace boost::system;
// Builds the TLS context for the given role. Certificate verification starts
// out required: cert_required_ is initialised to true and setCertRequired(true)
// is called below, which sets the verify mode on the context at construction.
// NOTE(review): this listing omits some original lines (the #else/#endif
// directives and the braces are not shown).
30TlsContext::TlsContext(
TlsRole role)
31 : TlsContextBase(role), cert_required_(true),
// The protocol method is selected at build time by the macros below.
32#ifdef HAVE_GENERIC_TLS_METHOD
// Generic, version-negotiating TLS method.
33 context_(context::method::tls)
35#ifdef HAVE_TLS_1_2_METHOD
// TLS 1.2 method.
36 context_(context::method::tlsv12)
// Apparently the fallback when neither macro is defined: the TLS 1.0 method.
// TLS 1.0 is deprecated (RFC 8996). NOTE(review): no minimum-version or
// protocol-option setting is visible in this listing; confirm that legacy
// protocol versions are disabled elsewhere, or that this branch is never
// compiled into production builds.
38 context_(context::method::tlsv1)
43 setCertRequired(
true);
// Accessor typed as a reference to the Boost.Asio SSL context.
// NOTE(review): the body is not shown in this listing; presumably it returns
// context_ — confirm.
46boost::asio::ssl::context&
47TlsContext::getContext() {
// Returns the native handle of the wrapped Boost.Asio context (the return
// type line is not shown in this listing).
// NOTE(review): settings changed directly through this handle are not
// reflected in cert_required_, so getCertRequired() could then disagree with
// the verify mode actually in force.
52TlsContext::getNativeContext() {
53 return (context_.native_handle());
// Records whether the peer must present a certificate and applies a verify
// mode to the context.
// NOTE(review): several original lines are missing from this listing: the
// condition guarding the error below, the declaration of ec, the body of the
// if at line 65 and any check of ec after set_verify_mode.
57TlsContext::setCertRequired(
bool cert_required) {
// Error text for a rejected setting: a TLS client may not set
// 'cert-required' to false.
60 "'cert-required' parameter must be true for a TLS client");
// Cached copy of the setting; getCertRequired() returns this member.
62 cert_required_ = cert_required;
// Strict default: verify the peer and fail the handshake when it presents no
// certificate.
64 int mode = verify_peer | verify_fail_if_no_peer_cert;
// Presumably relaxes mode when certificates are optional (body not shown,
// confirm). NOTE(review): in that configuration the peer is presumably not
// authenticated by certificate, so the service accepting such connections
// needs another form of client authentication.
65 if (!cert_required_) {
68 context_.set_verify_mode(mode, ec);
// Returns the cached cert_required_ flag; the value is not read back from the
// underlying context.
75TlsContext::getCertRequired()
const {
76 return (cert_required_);
// Loads the certification authority file at ca_file into the context for use
// in peer verification.
// NOTE(review): the declaration of ec and any check of it after the call are
// not shown in this listing; a load failure must not be ignored, otherwise
// verification would run against an empty or stale trust store.
80TlsContext::loadCaFile(
const std::string& ca_file) {
82 context_.load_verify_file(ca_file, ec);
// Adds the directory ca_path as a location of certification authority
// certificates used for peer verification.
// NOTE(review): the declaration of ec and any check of it after the call are
// not shown in this listing. Every certificate placed in this directory
// becomes a trust anchor, so the directory should be writable only by
// administrators.
89TlsContext::loadCaPath(
const std::string& ca_path) {
91 context_.add_verify_path(ca_path, ec);
// Loads this endpoint's certificate chain from cert_file into the context.
// NOTE(review): the declaration of ec and any check of it after the call are
// not shown in this listing.
98TlsContext::loadCertFile(
const std::string& cert_file) {
100 context_.use_certificate_chain_file(cert_file, ec);
// Loads this endpoint's private key from key_file, which must be in PEM
// format.
// NOTE(review): the declaration of ec and any check of it after the call are
// not shown in this listing, and no passphrase callback or file-permission
// check is visible here. The key file should be readable only by the account
// that runs the service.
107TlsContext::loadKeyFile(
const std::string& key_file) {
109 context_.use_private_key_file(key_file, context::file_format::pem, ec);