qb  2.0.0.0
C++17 Actor Framework
qb Issue Watch Star Fork Follow @isndev
Loading...
Searching...
No Matches
socket.h File Reference
QB Actor Framework » IO System » Networking Utilities » Secure Sockets Layer (SSL/TLS)

Implementation of SSL/TLS sockets for secure TCP communication in the QB IO library. More...

#include <filesystem>
#include <openssl/ssl.h>
#include "../socket.h"
Include dependency graph for socket.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Classes

struct  qb::io::ssl::Certificate
 Structure to hold essential SSL certificate information. More...
struct  qb::io::ssl::Session
 Opaque wrapper for an OpenSSL SSL_SESSION object. More...
class  qb::io::tcp::ssl::socket
 Class implementing secure SSL/TLS TCP socket functionality. More...

Functions

Certificate qb::io::ssl::get_certificate (SSL *ssl)
 Extract certificate information from an active SSL connection.
SSL_CTX * qb::io::ssl::create_client_context (const SSL_METHOD *method)
 Create an SSL context (SSL_CTX) configured for client-side SSL/TLS operations.
SSL_CTX * qb::io::ssl::create_server_context (const SSL_METHOD *method, std::filesystem::path cert_path, std::filesystem::path key_path)
 Create an SSL context (SSL_CTX) configured for server-side SSL/TLS operations.
bool qb::io::ssl::load_ca_certificates (SSL_CTX *ctx, const std::string &ca_file_path)
 Load CA certificates from a file for peer verification.
bool qb::io::ssl::load_ca_directory (SSL_CTX *ctx, const std::string &ca_dir_path)
 Load CA certificates from a directory for peer verification.
bool qb::io::ssl::set_cipher_list (SSL_CTX *ctx, const std::string &ciphers)
 Set the preferred cipher suites for TLS 1.2 and earlier.
bool qb::io::ssl::set_ciphersuites_tls13 (SSL_CTX *ctx, const std::string &ciphersuites)
 Set the preferred cipher suites for TLS 1.3.
bool qb::io::ssl::set_tls_protocol_versions (SSL_CTX *ctx, int min_version, int max_version)
 Set the minimum and maximum TLS protocol versions.
bool qb::io::ssl::configure_mtls_server_context (SSL_CTX *ctx, const std::string &client_ca_file_path, int verification_mode=SSL_VERIFY_PEER)
 Configure client certificate authentication (mTLS) for a server SSL_CTX.
bool qb::io::ssl::configure_client_certificate (SSL_CTX *ctx, const std::string &client_cert_path, const std::string &client_key_path)
 Configure a client SSL_CTX to use a specific client certificate and private key.
bool qb::io::ssl::set_alpn_protos_client (SSL_CTX *ctx, const std::vector< std::string > &protocols)
 Set the ALPN protocols for a client SSL_CTX to offer during handshake.
bool qb::io::ssl::set_alpn_selection_callback_server (SSL_CTX *ctx, SSL_CTX_alpn_select_cb_func callback, void *arg)
 Set the ALPN selection callback for a server SSL_CTX.
bool qb::io::ssl::enable_server_session_caching (SSL_CTX *ctx, long cache_size)
 Enable and configure server-side SSL session caching.
bool qb::io::ssl::disable_client_session_cache (SSL_CTX *ctx)
 Disable client-side SSL session caching for an SSL_CTX.
bool qb::io::ssl::set_custom_verify_callback (SSL_CTX *ctx, int(*callback)(int, X509_STORE_CTX *), int verification_mode)
 Set a custom callback for X.509 certificate verification.
bool qb::io::ssl::set_ocsp_stapling_client_callback (SSL_CTX *ctx, int(*callback)(SSL *s, void *arg), void *arg)
 Set a callback for the client to handle stapled OCSP responses from the server.
bool qb::io::ssl::set_ocsp_stapling_responder_server (SSL_CTX *ctx, int(*callback)(SSL *s, void *arg), void *arg)
 Set a callback for the server to provide an OCSP response to be stapled.
bool qb::io::ssl::set_sni_hostname_selection_callback_server (SSL_CTX *ctx, int(*callback)(SSL *s, int *al, void *arg), void *arg)
 Set a callback for server-side SNI (Server Name Indication) handling.
bool qb::io::ssl::set_keylog_callback (SSL_CTX *ctx, SSL_CTX_keylog_cb_func callback)
 Set the SSL/TLS key log callback function.
bool qb::io::ssl::configure_dh_parameters_server (SSL_CTX *ctx, const std::string &dh_param_file_path)
 Configure Diffie-Hellman parameters for a server SSL_CTX.
bool qb::io::ssl::configure_ecdh_curves_server (SSL_CTX *ctx, const std::string &curve_names_list)
 Configure preferred ECDH curves for a server SSL_CTX.
void qb::io::ssl::free_session (Session &session)
 Frees an SSL_SESSION object held by qb::io::ssl::Session.
bool qb::io::ssl::enable_post_handshake_auth_server (SSL_CTX *ctx)
 Enable server-side support for TLS 1.3 Post-Handshake Authentication (PHA).

Detailed Description

Implementation of SSL/TLS sockets for secure TCP communication in the QB IO library.

This file provides the implementation of secure TCP sockets using OpenSSL for encrypted communications, supporting both client and server-side SSL/TLS. Requires OpenSSL to be linked and QB_IO_WITH_SSL to be defined.

Author
qb - C++ Actor Framework
Copyright
Copyright (c) 2011-2025 qb - isndev (cpp.actor) Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at 
    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.