some TLS work.

TCPServer.h

@@ -19,7 +19,7 @@ namespace core {
    ///
    /// A list of connections is maintained in a vector object.
    ///
-   /// This object extends the BMACommand object as well so it can be added to a Console object and
+   /// This object extends the Command object as well so it can be added to a Console object and
    /// process commands to display status information.
    ///
    

TCPSocket.cpp

@@ -10,6 +10,8 @@ namespace core {
 
    TCPSocket::TCPSocket(EPoll &ePoll, std::string text) : Socket(ePoll, text) {}
 
+   TCPSocket::TCPSocket(EPoll &ePoll, TLSInfo *tlsInfo, std::string text) : Socket(ePoll, text), TLS(tlsInfo) {}
+
    TCPSocket::TCPSocket(EPoll &ePoll, SSL_CTX *ctx, std::string text) : Socket(ePoll, text), TLS(ctx) {}   
    
    TCPSocket::~TCPSocket() {}

TCPSocket.h

@@ -4,6 +4,7 @@
 
 #include "Socket.h"
 #include "TLS.h"
+#include "TLSInfo.h"
 #include "IPAddress.h"
 
 namespace core {
@@ -38,6 +39,12 @@ namespace core {
       ///
       ///
       
+      TCPSocket(EPoll &ePoll, TLSInfo *tlsInfo, std::string text);
+
+      ///
+      ///
+      ///
+      
       TCPSocket(EPoll &ePoll, SSL_CTX *ctx, std::string text);
 
       ///

TLS.cpp

@@ -47,25 +47,26 @@ namespace core {
 
    TLS::TLS() {} 
    
+   TLS::TLS(TLSInfo *tlsInfo) {
+      createContext(tlsInfo);
+   }
+
    TLS::TLS(SSL_CTX *ctx) : ctx(ctx) {}
    
    TLS::~TLS() {}
 
-   void TLS::createContext() {
+   void TLS::createContext(TLSInfo *tlsInfo) {
 
+      if(tlsInfo) {	         
 	 SSL_library_init();
 	 SSL_load_error_strings();
-      
 	 lockarray = (pthread_mutex_t *)OPENSSL_malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t));
 	 for(int i = 0; i < CRYPTO_num_locks(); ++i) 
 	   pthread_mutex_init(&(lockarray[i]), NULL);	 
-      
 	 CRYPTO_set_id_callback((unsigned long (*)())thread_id);
 	 CRYPTO_set_locking_callback((void (*)(int, int, const char *, int))lock_callback);
-      
 	 SSLeay_add_ssl_algorithms();
 	 RAND_load_file("/dev/hwrng", 1024);   
-
 	 if(!(ctx = SSL_CTX_new(SSLv23_server_method()))) 
 	   throw coreutils::Exception("Error while setting server method SSLv23.");     
 	 SSL_CTX_set_mode(ctx, SSL_MODE_RELEASE_BUFFERS | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
@@ -73,19 +74,20 @@ namespace core {
 	 SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_SERVER);
 	 //   SSL_CTX_set_generate_session_id(ctx, generate_session_id);
 	 SSL_CTX_set_cipher_list(ctx, "ECDH-ECDSA-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA");
-      if(SSL_CTX_use_certificate_file(ctx, sip_cert, SSL_FILETYPE_PEM) <= 0) 
+	 if(SSL_CTX_use_certificate_file(ctx, tlsInfo->certificate.c_str(), SSL_FILETYPE_PEM) <= 0) 
 	   throw coreutils::Exception("Error looking up certificate.");
-      if(SSL_CTX_use_PrivateKey_file(ctx, sip_key, SSL_FILETYPE_PEM) < 0)
+	 if(SSL_CTX_use_PrivateKey_file(ctx, tlsInfo->key.c_str(), SSL_FILETYPE_PEM) < 0)
 	   throw coreutils::Exception("Error with private key.");
 	 if(SSL_CTX_check_private_key(ctx) != 1)
 	   throw coreutils::Exception("Private key does not match certificate.");
 	 SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
 	 SSL_CTX_set_verify_depth(ctx, 1);
-      if(!SSL_CTX_load_verify_locations(ctx, sip_cacert, NULL))
+	 if(!SSL_CTX_load_verify_locations(ctx, tlsInfo->cACertificate.c_str(), NULL))
 	   throw coreutils::Exception("Cannot verify locations.");
-      SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(sip_cacert));       
+	 SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(tlsInfo->cACertificate.c_str()));       
 	 coreutils::Log(coreutils::LOG_DEBUG_1) << "Server key authenticated.";
       }      
+   }
       
    void TLS::registerSocket(int fd) {	
       initialized = true;

TLS.h

@@ -2,6 +2,7 @@
 #define __TLS_h__
 
 #include "ZString.h"
+#include "TLSInfo.h"
 #include <openssl/ssl.h>
 
 namespace core {
@@ -17,12 +18,18 @@ namespace core {
       
     public:
 
+      ///
+      ///
+      ///
+      
+      TLS();
+      
       ///
       /// Use this constructor when the SSL context needs to be created as when opening
       /// a server TCPSocket.
       ///
       
-      TLS();
+      TLS(TLSInfo *tlsInfo);
 
       ///
       /// Use this constructor on creation of a new TCPSocket that needs access to
@@ -37,7 +44,7 @@ namespace core {
       
       ~TLS();
 
-      void createContext();
+      void createContext(TLSInfo *tlsInfo);
 
       SSL_CTX *ctx;   
       

TLSInfo.h

@@ -0,0 +1,27 @@
+#ifndef __TLSInfo_h__
+#define __TLSInfo_h__
+
+#include "ZString.h"
+
+namespace core {
+   
+   ///
+   /// TLSInfo
+   ///
+   /// This object provides the support data to handle TLS on the server core and
+   /// session environment.
+   ///
+   
+   class TLSInfo {
+      
+    public:
+
+      coreutils::ZString cACertificate;
+      coreutils::ZString certificate;
+      coreutils::ZString key;
+            
+   };
+   
+}
+
+#endif

testing/main.cpp

@@ -10,18 +10,16 @@ int main(int argc, char **argv) {
 
    try {
 
-      coreutils::Log(new coreutils::File("/tmp/http.log", O_WRONLY | O_APPEND | O_CREAT, 0644));
+      coreutils::Log(new coreutils::File("/tmp/console.log", O_WRONLY | O_APPEND | O_CREAT, 0644));
-      coreutils::Log(coreutils::LOG_INFO) << "Terminal Server starting. Build " << __DATE__ << " " << __TIME__;
+      coreutils::Log(coreutils::LOG_INFO) << "Console Server starting. Build " << __DATE__ << " " << __TIME__;
 
       std::string ipAddress = "0.0.0.0";
 
       core::EPoll ePoll;
       
-      core::TerminalServer terminals(ePoll, core::IPAddress(ipAddress, 1026));
       core::ConsoleServer console(ePoll, core::IPAddress(ipAddress, 1027));
 
       console.commands.add(ePoll, "threads");
-      console.commands.add(httpSessions, "sessions");
       console.commands.add(console, "consoles");
       console.commands.add(console.commands, "help");
       ePoll.start(2, 1000);