TlsConfig Class Reference

Detailed Description

TlsConfig provides an interface for setting TLS configuration options.

There is a single instance of this class, which you get by calling the static member function Instance().

TlsConfig provides abstraction from the underlying TLS implementation. In the current library version, the only underlying implementation supported is OpenSSL. In later versions, Hunny Software may support other implementations, such as Microsoft's SChannel implementation.

When OpenSSL is used as the underlying implementation, you must set certain TLS configuration options before you create a TLS connection. You must set either OPENSSL_CA_FILE or OPENSSL_CA_DIR so that the implementation can verify the CA's signature on the server's certificate. Other options are optional.

The options are listed here:

OPENSSL_CA_FILE
value is the pathname of a file that contains CA certificates in PEM format. These are the CA certificates that the implementation uses to verify the CA signature on the server's certificate.
OPENSSL_CA_DIR
value is the pathname of a directory that contains CA certificates.
OPENSSL_VERIFY_DEPTH
value is the maximum length of a certificate chain. Certificate verification fails if the certificate chain is longer than the specified value. value must be a string that contains the decimal digits of the value.
OPENSSL_CIPHER_LIST
value is a string that indicates the allowed or not-allowed cipher suites. The format of the string, which is peculiar to OpenSSL, is described in the OpenSSL documentation.
OPENSSL_RANDOM_BYTES
value is a string that contains random bytes. Since random bytes may contain the NUL byte, it is a good idea to convert the random bytes to a hexadecimal string to use as the function argument. The string must be NUL-terminated. Note that it is possible to set up OpenSSL to automatically seed the pseudo random number generator, so that this option is not necessary.
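The value-format rules for OPENSSL_RANDOM_BYTES (hexadecimal string) and OPENSSL_VERIFY_DEPTH (decimal digits) can be checked before the strings are passed to SetOption(). The following C++ helpers are an added example, not part of the Hunny Software library; the function names are hypothetical, the sample seed is constructed, and a Unix-like system with /dev/urandom is assumed.

```cpp
#include <algorithm>
#include <cstdio>
#include <string>
#include <vector>

// Constructed sample: a 4-byte seed whose second byte is NUL.
std::vector<unsigned char> SampleSeed() { return {0x8f, 0x00, 0x3c, 0xa1}; }

// Number of bytes a consumer of a NUL-terminated `const char *` would see.
std::size_t VisibleLength(const std::vector<unsigned char>& bytes) {
    return static_cast<std::size_t>(
        std::find(bytes.begin(), bytes.end(), 0) - bytes.begin());
}

// Hex-encode so that every input byte survives as two printable characters.
std::string HexEncode(const std::vector<unsigned char>& bytes) {
    static const char kDigits[] = "0123456789abcdef";
    std::string out;
    for (unsigned char b : bytes) {
        out.push_back(kDigits[b >> 4]);
        out.push_back(kDigits[b & 0x0f]);
    }
    return out;
}

// Fill `out` with n bytes from the OS random source (assumes /dev/urandom).
bool ReadOsRandom(std::size_t n, std::vector<unsigned char>& out) {
    out.assign(n, 0);
    std::FILE* f = std::fopen("/dev/urandom", "rb");
    if (!f) return false;
    const std::size_t got = std::fread(out.data(), 1, n, f);
    std::fclose(f);
    return got == n;
}

// OPENSSL_VERIFY_DEPTH takes decimal digits only; reject anything else early.
bool IsDecimalString(const std::string& s) {
    return !s.empty() && std::all_of(s.begin(), s.end(),
                                     [](char c) { return c >= '0' && c <= '9'; });
}

int main() {
    const std::vector<unsigned char> raw = SampleSeed();
    std::printf("raw seed: %zu of %zu bytes visible as a C string; hex: %s\n",
                VisibleLength(raw), raw.size(), HexEncode(raw).c_str());
    std::vector<unsigned char> seed;
    if (!ReadOsRandom(32, seed)) return 1;
    const std::string value = HexEncode(seed);  // value.c_str() is the option value
    std::printf("OPENSSL_RANDOM_BYTES value: %zu hex characters\n", value.size());
    return IsDecimalString("9") ? 0 : 1;
}
```

Passed as a raw C string, the sample seed would contribute only its first byte; the hex form carries all four.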


Public Member Functions

virtual ~TlsConfig ()
 Destructor.
virtual int SetOption (Option option, const char *value)=0
 Sets a TLS configuration option.

Static Public Member Functions

TlsConfigInstance ()
 Gets the singleton instance.
void Release ()
 Frees the TlsConfig object.


Constructor & Destructor Documentation

~TlsConfig ()  [virtual]

Destructor.

Copyright © 2001-2005 Hunny Software, Inc. All rights reserved.