28#ifndef QB_IO_TCP_SSL_LISTENER_H_
29#define QB_IO_TCP_SSL_LISTENER_H_
31namespace qb::io::tcp::ssl {
44 std::unique_ptr<SSL_CTX, void (*)(SSL_CTX *)>
46 mutable std::vector<unsigned char> _alpn_wire;
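/// Indicates that this socket implementation is secure.
///
/// The value is a compile-time constant of the listener type. It does not
/// report whether an SSL_CTX has been installed or how that context is
/// configured, so it must not be used as a runtime "TLS is active" check.
///
/// @return Always `true`.
constexpr static bool is_secure() noexcept {
    return true;
}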
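/// Initialize the listener with a pre-configured SSL context.
///
/// @param ctx OpenSSL context the listener will use for accepted connections.
///
/// NOTE(review): the class declares a std::unique_ptr<SSL_CTX, void (*)(SSL_CTX *)>
/// member, so the listener presumably takes ownership of `ctx`. Confirm against
/// the implementation before also freeing the context in the caller (double
/// free) or sharing one context between several listeners.
/// NOTE(review): handling of a null `ctx` is not visible in this listing.
void init(SSL_CTX *ctx) noexcept;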
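/// Configure client certificate authentication (mTLS) for this listener.
///
/// @param client_ca_file_path Path to the CA certificate file used to verify
///        client certificates (file format not shown here; presumably PEM).
/// @param verification_mode OpenSSL SSL_VERIFY_* flags; defaults to
///        SSL_VERIFY_PEER.
/// @return NOTE(review): presumably true on success; the listing does not show
///         the implementation. Callers should treat false as "mTLS not active".
///
/// NOTE(review): on an OpenSSL server, SSL_VERIFY_PEER alone requests a client
/// certificate but still completes the handshake when the client sends none.
/// Unless the implementation adds the flag itself, pass
/// SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT when the client
/// certificate must be mandatory.
bool configure_mtls(const std::string &client_ca_file_path,
                    int verification_mode = SSL_VERIFY_PEER);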
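/// Set a message callback for the listener's SSL_CTX for detailed protocol
/// tracing.
///
/// @param callback Function invoked with the direction (`write_p`), protocol
///        `version`, `content_type`, the message bytes (`buf`, `len`), the
///        connection (`ssl`) and the user pointer (`arg`).
/// @param arg User pointer handed back to `callback`; it must stay valid for
///        as long as the callback can fire (presumably the context lifetime).
/// @return NOTE(review): presumably true on success; not shown in this listing.
///
/// NOTE(review): the bytes passed in `buf` are raw protocol messages, which
/// can include certificates and other handshake contents. Treat any trace
/// written from the callback as sensitive and keep it to debug builds.
bool set_msg_callback(void (*callback)(int write_p, int version, int content_type,
                                       const void *buf, size_t len, SSL *ssl,
                                       void *arg),
                      void *arg);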
Class implementing a TCP listener for accepting incoming connections.
Definition listener.h:42
listener() noexcept
Default constructor.
int get_verify_depth() const
Gets the current peer certificate verification depth.
bool configure_mtls(const std::string &client_ca_file_path, int verification_mode=SSL_VERIFY_PEER)
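Configure client certificate authentication (mTLS) for this listener. Note that in OpenSSL a server using SSL_VERIFY_PEER alone still completes the handshake when the client sends no certificate; unless the implementation adds it, combine the default with SSL_VERIFY_FAIL_IF_NO_PEER_CERT to make the client certificate mandatory.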
bool enable_session_caching(long cache_size=SSL_SESSION_CACHE_MAX_SIZE_DEFAULT)
Enable and configure server-side SSL session caching for this listener.
bool set_tls_protocol_versions(int min_version, int max_version)
Set the minimum and maximum TLS protocol versions for this listener's context.
bool enable_post_handshake_auth()
Enable server-side support for TLS 1.3 Post-Handshake Authentication.
int get_min_protocol_version() const
Gets the minimum configured TLS protocol version.
bool set_ocsp_stapling_responder_callback(int(*callback)(SSL *s, void *arg), void *arg)
Set a callback for this listener's server to provide an OCSP response to be stapled.
long set_session_timeout(long seconds)
Set the session timeout for the listener's SSL_CTX.
static constexpr bool is_secure() noexcept
Indicates that this socket implementation is secure.
Definition listener.h:49
bool load_ca_directory_for_client_auth(const std::string &ca_dir_path)
Load CA certificates from a directory for client peer verification (mTLS).
SSL_CTX * ssl_handle() const noexcept
Get the raw OpenSSL SSL_CTX handle.
ssl::socket accept() const noexcept
Accept a new secure connection and return it as a new ssl::socket.
long set_options(long options_to_set)
Set specific SSL options on the listener's context.
long get_session_cache_mode() const
Gets the SSL session cache mode.
int get_verify_mode() const
Gets the current peer verification mode.
bool configure_ecdh_curves(const std::string &curve_names_list)
Configure preferred ECDH curves for this listener's context.
bool set_ciphersuites_tls13(const std::string &ciphersuites)
Set the preferred cipher suites for TLS 1.3 for this listener's context.
bool set_cipher_list(const std::string &ciphers)
Set the preferred cipher suites for TLS 1.2 and earlier for this listener's context.
int get_max_protocol_version() const
Gets the maximum configured TLS protocol version.
bool set_msg_callback(void(*callback)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg), void *arg)
Set a message callback for the listener's SSL_CTX for detailed protocol tracing.
bool set_keylog_callback(SSL_CTX_keylog_cb_func callback)
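Set the SSL/TLS key log callback function for debugging. The callback receives the session secrets, and anyone holding the resulting log can decrypt captured traffic for those sessions, so keep it disabled in production builds and protect any file it writes.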
long clear_options(long options_to_clear)
Clear specific SSL options on the listener's context.
bool set_sni_selection_callback(int(*callback)(SSL *s, int *al, void *arg), void *arg)
Set a callback for server-side SNI (Server Name Indication) handling.
bool load_ca_certificates_for_client_auth(const std::string &ca_file_path)
Load CA certificates from a file for client peer verification (mTLS).
bool configure_dh_parameters(const std::string &dh_param_file_path)
Configure Diffie-Hellman parameters for this listener's context.
bool set_custom_client_verify_callback(int(*callback)(int, X509_STORE_CTX *), int verification_mode)
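Set a custom callback for X.509 client certificate verification. The callback's return value overrides OpenSSL's own verdict for each certificate in the chain, so a callback that returns 1 unconditionally accepts any client certificate; it should pass the preverify result through unless it has a specific reason to override it.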
void init(SSL_CTX *ctx) noexcept
Initialize the listener with a pre-configured SSL context.
bool set_supported_alpn_protocols(const std::vector< std::string > &protocols)
Set the list of ALPN protocols supported by the server listener.
bool set_info_callback(void(*callback)(const SSL *ssl, int type, int val))
Set an informational callback for the listener's SSL_CTX.
bool set_alpn_selection_callback(SSL_CTX_alpn_select_cb_func callback, void *arg)
Set the ALPN selection callback for this listener's context.
~listener() noexcept
Destructor.
long get_session_cache_size() const
Gets the SSL session cache size.
Class implementing secure SSL/TLS TCP socket functionality.
Definition socket.h:320
Template struct used for type identification in the event system.
Definition Event.h:53
Implementation of a TCP listener for the QB IO library.
Implementation of SSL/TLS sockets for secure TCP communication in the QB IO library.