Panda3D
Provides an interface wrapper around the OpenSSL library, to ensure that the library is properly initialized in the application, and to provide some hooks into global OpenSSL context data.
#include <pandadoc.hpp>
Public Member Functions | |
clearCertificates () | |
Removes all the certificates from the global store, including the compiled-in certificates loaded from ca_bundle_data.c. | |
X509STORE | getX509Store () |
Returns the global X509_STORE object. | |
int | loadCertificates (const Filename filename) |
Reads the PEM-formatted certificate(s) (delimited by -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) from the indicated file and adds them to the global store object, retrieved via get_x509_store(). | |
int | loadCertificatesFromDerRam (str data) |
Reads a chain of trusted certificates from the indicated data buffer and adds them to the X509_STORE object. | |
int | loadCertificatesFromDerRam (str data, int data_size) |
Reads a chain of trusted certificates from the indicated data buffer and adds them to the X509_STORE object. | |
int | loadCertificatesFromPemRam (str data) |
Reads a chain of trusted certificates from the indicated data buffer and adds them to the X509_STORE object. | |
int | loadCertificatesFromPemRam (str data, int data_size) |
Reads a chain of trusted certificates from the indicated data buffer and adds them to the X509_STORE object. | |
notifyDebugSslErrors () | |
As notify_ssl_errors(), but sends the output to debug instead of warning. | |
notifySslErrors () | |
A convenience function that is itself a wrapper around the OpenSSL convenience function to output the recent OpenSSL errors. | |
Static Public Member Functions | |
static OpenSSLWrapper | getGlobalPtr () |
Provides an interface wrapper around the OpenSSL library, to ensure that the library is properly initialized in the application, and to provide some hooks into global OpenSSL context data.
clearCertificates | ( | ) |
Removes all the certificates from the global store, including the compiled-in certificates loaded from ca_bundle_data.c.
You can add new certificates by calling load_certificates().
|
static |
X509STORE getX509Store | ( | ) |
Returns the global X509_STORE object.
It has to be a global object, because OpenSSL seems to store some global pointers associated with this object whether you want it to or not, and keeping independent copies of a local X509_STORE object doesn't seem to work that well. So, we have one store that keeps all certificates the application might need.
int loadCertificates | ( | const Filename | filename | ) |
Reads the PEM-formatted certificate(s) (delimited by -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) from the indicated file and adds them to the global store object, retrieved via get_x509_store().
Returns the number of certificates read on success, or 0 on failure.
You should call this only with trusted, locally-stored certificates; not with certificates received from an untrusted source.
int loadCertificatesFromDerRam | ( | str | data | ) |
Reads a chain of trusted certificates from the indicated data buffer and adds them to the X509_STORE object.
The data buffer should be DER-formatted. Returns the number of certificates read on success, or 0 on failure.
You should call this only with trusted, locally-stored certificates; not with certificates received from an untrusted source.
int loadCertificatesFromDerRam | ( | str | data, |
int | data_size | ||
) |
Reads a chain of trusted certificates from the indicated data buffer and adds them to the X509_STORE object.
The data buffer should be DER-formatted. Returns the number of certificates read on success, or 0 on failure.
You should call this only with trusted, locally-stored certificates; not with certificates received from an untrusted source.
int loadCertificatesFromPemRam | ( | str | data | ) |
Reads a chain of trusted certificates from the indicated data buffer and adds them to the X509_STORE object.
The data buffer should be PEM-formatted. Returns the number of certificates read on success, or 0 on failure.
You should call this only with trusted, locally-stored certificates; not with certificates received from an untrusted source.
int loadCertificatesFromPemRam | ( | str | data, |
int | data_size | ||
) |
Reads a chain of trusted certificates from the indicated data buffer and adds them to the X509_STORE object.
The data buffer should be PEM-formatted. Returns the number of certificates read on success, or 0 on failure.
You should call this only with trusted, locally-stored certificates; not with certificates received from an untrusted source.
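An added example (not Panda3D's own code) of a pre-load guard for the "trusted, locally-stored certificates" rule above: it accepts a PEM bundle only if the local file is not group- or world-writable and matches a pinned SHA-256, then compares the count the loader returns with the number of CERTIFICATE blocks in the file. The names `load_pinned_bundle`, `pem_blocks_to_der`, `UntrustedBundle` and the `loader` parameter are hypothetical, and POSIX permission bits are assumed.

```python
import base64
import hashlib
import os
import re
import stat

PEM_BLOCK = re.compile(
    rb"-----BEGIN CERTIFICATE-----\s*(.*?)\s*-----END CERTIFICATE-----", re.S)


class UntrustedBundle(Exception):
    """The bundle failed a pre-load check and must not reach the global store."""


def pem_blocks_to_der(pem: bytes) -> list:
    """Decode every CERTIFICATE block; reject blocks that are not DER SEQUENCEs."""
    ders = []
    for match in PEM_BLOCK.finditer(pem):
        try:
            der = base64.b64decode(b"".join(match.group(1).split()), validate=True)
        except ValueError as exc:
            raise UntrustedBundle("bad base64 in PEM block") from exc
        if not der.startswith(b"\x30"):  # X.509 certificates are ASN.1 SEQUENCEs
            raise UntrustedBundle("PEM block is not a DER SEQUENCE")
        ders.append(der)
    return ders


def load_pinned_bundle(path: str, pinned_sha256: str, loader) -> int:
    """Check a local PEM bundle, then hand it to loader (hypothetical parameter).

    loader is any callable that takes the PEM bytes and returns the number of
    certificates added, for example the page's loadCertificatesFromPemRam.
    """
    with open(path, "rb") as fh:
        # fstat on the open handle, so the checked file is the one that is read
        if os.fstat(fh.fileno()).st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            raise UntrustedBundle("bundle is writable by group or others")
        pem = fh.read()
    if hashlib.sha256(pem).hexdigest() != pinned_sha256.lower():
        raise UntrustedBundle("bundle digest does not match the pinned value")
    expected = len(pem_blocks_to_der(pem))
    if expected == 0:
        raise UntrustedBundle("no CERTIFICATE blocks found")
    loaded = loader(pem)
    if loaded != expected:  # 0 is the documented failure value; fewer means some were skipped
        raise UntrustedBundle(f"store accepted {loaded} of {expected} certificates")
    return loaded
```

The pinned digest is meant to ship with the application rather than alongside the bundle, so that replacing the bundle file alone is detected.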
notifyDebugSslErrors | ( | ) |
As notify_ssl_errors(), but sends the output to debug instead of warning.
notifySslErrors | ( | ) |
A convenience function that is itself a wrapper around the OpenSSL convenience function to output the recent OpenSSL errors.
This function sends the error string to express_cat.warning(). If REPORT_OPENSSL_ERRORS is not defined, the function does nothing.