From: Francis Dupont Date: Thu, 25 Feb 2021 10:49:25 +0000 (+0100) Subject: [#1661] Revamped TLS headers X-Git-Tag: Kea-1.9.6~108 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=11057ffe165e59f60c31597c32ef78f0e88bd431;p=thirdparty%2Fkea.git [#1661] Revamped TLS headers --- diff --git a/src/lib/asiolink/openssl_tls.h b/src/lib/asiolink/openssl_tls.h index bf82f2bd9e..0d44c5a60c 100644 --- a/src/lib/asiolink/openssl_tls.h +++ b/src/lib/asiolink/openssl_tls.h @@ -236,13 +236,29 @@ typedef boost::asio::ssl::stream TlsStreamImpl; /// @brief The type of X509 certificates. typedef ::X509 TlsCertificate; +/// @brief TlsStreamBase constructor. +/// @brief TLS stream base class. +/// +/// @param Callback The type of callbacks. +/// @param TlsStreamImpl The type of underlying TLS streams. +/// @param TlsCertificate The type of X509 certificates. +template +TlsStreamBase:: +TlsStreamBase(IOService& service, TlsContextPtr context) + : TlsStreamImpl(service.get_io_service(), context->getContext()), + role_(context->getRole()) { +} + /// @brief OpenSSL TLS stream. /// /// @param callback The callback. template -class TlsStream : public TlsStreamImpl { +class TlsStream : public TlsStreamBase { public: + /// @brief Type of the base. + typedef TlsStreamBase Base; + /// @brief Constructor. /// /// @param service I/O Service object used to manage the stream. @@ -256,20 +272,15 @@ public: /// @brief Destructor. virtual ~TlsStream() { } - /// @brief Returns the role. - TlsRole getRole() const { - return (role_); - } - /// @brief TLS Handshake. /// /// @param callback Callback object. virtual void handshake(Callback& callback) { using namespace boost::asio::ssl; - if (role_ == SERVER) { - async_handshake(stream_base::server, callback); + if (Base::getRole() == SERVER) { + Base::async_handshake(stream_base::server, callback); } else { - async_handshake(stream_base::client, callback); + Base::async_handshake(stream_base::client, callback); } } 
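Review bot: The new `TlsStreamBase` constructor dereferences `context` twice in its member-initializer list (`context->getContext()` and `context->getRole()`) without checking it, so an empty `TlsContextPtr` would be undefined behaviour rather than a reported error. `TlsContextPtr` is not defined in this hunk; if it is a nullable smart pointer, as the `->` use suggests, either validate it before the base is initialised or state the precondition, e.g. `/// @param context Pointer to the TLS context; must not be null.` The comment block above the constructor also carries two `@brief` lines and describes the class template's parameters instead of `service` and `context`. Template parameters would normally be documented with `@tparam`.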
@@ -277,7 +288,7 @@ public: /// /// @param callback Callback object. virtual void shutdown(Callback& callback) { - async_shutdown(callback); + Base::async_shutdown(callback); } /// @brief Clear the SSL object. @@ -293,16 +304,13 @@ public: return (::SSL_get_peer_certificate(this->native_handle())); } - /// @brief The role i.e. client or server. - TlsRole role_; - /// @break Return the commonName part of the subjectName of /// the peer certificate. /// /// First commonName when there are more than one, in UTF-8. /// /// @return The commonName part of the subjectName or the empty string. - std::string getSubject() { + virtual std::string getSubject() { TlsCertificate* cert = getPeerCert(); if (!cert) { return (""); @@ -332,7 +340,7 @@ public: /// First commonName when there are more than one, in UTF-8. /// /// @return The commonName part of the issuerName or the empty string. - std::string getIssuer() { + virtual std::string getIssuer() { TlsCertificate* cert = getPeerCert(); if (!cert) { return (""); diff --git a/src/lib/http/listener.h b/src/lib/http/listener.h index 6379e632d7..51cb9eef90 100644 --- a/src/lib/http/listener.h +++ b/src/lib/http/listener.h @@ -10,8 +10,6 @@ #include #include #include -#include -#include #include #include #include
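Review bot: With `getSubject()` made virtual in this hunk (and `getIssuer()` in the next one), the ownership of the certificate returned by `getPeerCert()` should be documented, because `::SSL_get_peer_certificate()` hands back a reference that the caller has to release with `::X509_free()`. Both function bodies continue outside their hunks, so the release may already be there. An override that copies the visible `if (!cert) { return (""); }` pattern and omits the release on a later path would leak one certificate per call. I would add `/// @note The caller owns the returned certificate and must release it with X509_free().` to `getPeerCert()`. The context line `/// @break Return the commonName part of the subjectName of` should read `@brief`.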