SSLSocket

SSLSocket

#include <icy/net/sslsocket.h>

Inherits: TCPSocket

SSL socket implementation.

Public Methods

SSLSocket

SSLSocket(uv::Loop * loop)

Constructs an SSLSocket that acquires its context from SSLManager on first use.

Parameters

• loop Event loop to use; defaults to the default loop.

SSLSocket

SSLSocket(SSLContext::Ptr sslContext, uv::Loop * loop)

Constructs an SSLSocket with an explicit SSL context.

Parameters

• sslContext The SSL context to use for this connection.

• loop Event loop to use; defaults to the default loop.

SSLSocket

SSLSocket(SSLContext::Ptr sslContext, SSLSession::Ptr session, uv::Loop * loop)

Constructs an SSLSocket with an explicit context and a prior session for resumption.

Parameters

• sslContext The SSL context to use for this connection.

• session A previously saved session to attempt resumption with.

• loop Event loop to use; defaults to the default loop.

connect

virtual

virtual void connect(const Address & peerAddress)

Initialize the SSLSocket with the given SSLContext.

Initiates a secure connection to the peer at the given address.

The SSL handshake begins automatically once the TCP connection is established.

Parameters

• peerAddress The remote address to connect to.

connect

virtual

virtual void connect(std::string_view host, uint16_t port)

Resolves host and initiates a secure connection.

Sets the hostname on the SSL adapter for SNI and certificate verification before resolving and connecting.

Parameters

• host Hostname or IP address string.

• port Destination port.

bind

virtual

virtual void bind(const net::Address & address, unsigned flags)

Binds the socket to address for server-side use. Throws std::logic_error if the context is not a server context.

Parameters

• address Local address to bind to.

• flags Optional bind flags (passed to uv_tcp_bind).

listen

virtual

virtual void listen(int backlog)

Starts listening for incoming connections. Throws std::logic_error if the context is not a server context.

Parameters

• backlog Maximum number of pending connections.

shutdown

virtual

virtual bool shutdown()

Shuts down the connection by attempting an orderly SSL shutdown, then actually shutting down the TCP connection.

close

virtual

virtual void close()

Closes the socket forcefully.

send

virtual

virtual ssize_t send(const char * data, size_t len, int flags)

Encrypts and sends len bytes to the connected peer.

Parameters

• data Pointer to the plaintext payload.

• len Number of bytes to send.

• flags Reserved; currently unused.

Returns

Number of plaintext bytes accepted, or -1 on error.

sendOwned

virtual

virtual ssize_t sendOwned(Buffer && buffer, int flags)

Sends an owned payload buffer to the connected peer.

send

virtual

virtual ssize_t send(const char * data, size_t len, const net::Address & peerAddress, int flags)

Encrypts and sends len bytes, ignoring peerAddress (TCP is connected).

Parameters

• data Pointer to the plaintext payload.

• len Number of bytes to send.

• peerAddress Ignored for SSL/TCP; present for interface conformance.

• flags Reserved; currently unused.

Returns

Number of plaintext bytes accepted, or -1 on error.

sendOwned

virtual

virtual ssize_t sendOwned(Buffer && buffer, const net::Address & peerAddress, int flags)

setHostname

void setHostname(std::string_view hostname)

Set the expected peer hostname for certificate verification and SNI. Must be called before connect() to enable hostname verification.

useContext

void useContext(SSLContext::Ptr context)

Use the given SSL context for this socket.

context

const

SSLContext::Ptr context() const

Returns the SSL context used for this socket.

useSession

void useSession(SSLSession::Ptr session)

Sets the SSL session to use for the next connection. Setting a previously saved Session object is necessary to enable session caching.

To remove the currently set session, a nullptr pointer can be given.

Must be called before connect() to be effective.

currentSession

SSLSession::Ptr currentSession()

Returns the SSL session of the current connection, for reuse in a future connection (if session caching is enabled).

If no connection is established, returns nullptr.

sessionWasReused

bool sessionWasReused()

Returns true if a reused session was negotiated during the handshake.

available

const

int available() const

Returns the number of bytes available from the SSL buffer for immediate reading.

peerCertificate

const

X509 * peerCertificate() const

Returns the peer's X.509 certificate, or nullptr if no certificate was presented.

transport

virtual const

virtual net::TransportType transport() const

Returns the SSLTCP transport protocol identifier.

acceptConnection

virtual

virtual void acceptConnection()

Accepts a pending client connection, initializes the server-side SSL context on the new socket, and fires the AcceptConnection signal.

onConnect

virtual

virtual void onConnect()

Called when the TCP connection is established; starts reading and initiates the client-side SSL handshake.

onRead

virtual

virtual void onRead(const char * data, size_t len)

Feeds raw encrypted bytes from the network into the SSL adapter. Called by the stream layer when ciphertext arrives from the peer.

Parameters

• data Pointer to the encrypted bytes.

• len Number of bytes received.

Protected Attributes

_sslContext

net::SSLContext::Ptr _sslContext

_sslSession

net::SSLSession::Ptr _sslSession

_sslAdapter

net::SSLAdapter _sslAdapter

Public Types

Ptr

std::shared_ptr< SSLSocket > Ptr()

Vec

std::vector< Ptr > Vec()