ouch/inspircd
2
0
Fork 0
mirror of https://github.com/inspircd/inspircd.git synced 2025-03-12 03:59:03 -04:00
Code Issues Packages Projects Releases Wiki Activity

Add comments to document this header

Browse Source 
git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@5132 e03df62e-2008-0410-955e-edbf42e46eb7
This commit is contained in:
brain 2006-09-03 21:55:20 +00:00
parent db7cd348e2
commit c922c2a276
1 changed files with 51 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
src/modules/extra/ssl_cert.h
View File

@ -4,20 +4,43 @@
#include <map> #include <map>
#include <string> #include <string>
/** A generic container for certificate data
*/
typedef std::map<std::string,std::string> ssl_data; typedef std::map<std::string,std::string> ssl_data;
/** A shorthand way of representing an iterator into ssl_data
*/
typedef ssl_data::iterator ssl_data_iter; typedef ssl_data::iterator ssl_data_iter;
/** ssl_cert is a class which abstracts SSL certificate
* and key information.
*
* Because gnutls and openssl represent key information in
* wildly different ways, this class allows it to be accessed
* in a unified manner. These classes are attached to ssl-
* connected local users using Extensible::Extend() and the
* key 'ssl_cert'.
*/
class ssl_cert class ssl_cert
{ {
/** Always contains an empty string
*/
const std::string empty; const std::string empty;
public: public:
/** The data for this certificate
*/
ssl_data data; ssl_data data;
/** Default constructor, initializes 'empty'
*/
ssl_cert() : empty("") ssl_cert() : empty("")
{ {
} }
/** Get certificate distinguished name
* @return Certificate DN
*/
const std::string& GetDN() const std::string& GetDN()
{ {
ssl_data_iter ssldi = data.find("dn"); ssl_data_iter ssldi = data.find("dn");
@ -28,6 +51,9 @@ class ssl_cert
return empty; return empty;
} }
/** Get Certificate issuer
* @return Certificate issuer
*/
const std::string& GetIssuer() const std::string& GetIssuer()
{ {
ssl_data_iter ssldi = data.find("issuer"); ssl_data_iter ssldi = data.find("issuer");
@ -38,6 +64,10 @@ class ssl_cert
return empty; return empty;
} }
/** Get error string if an error has occured
* @return The error associated with this users certificate,
* or an empty string if there is no error.
*/
const std::string& GetError() const std::string& GetError()
{ {
ssl_data_iter ssldi = data.find("error"); ssl_data_iter ssldi = data.find("error");
@ -48,6 +78,9 @@ class ssl_cert
return empty; return empty;
} }
/** Get key fingerprint.
* @return The key fingerprint as a hex string.
*/
const std::string& GetFingerprint() const std::string& GetFingerprint()
{ {
ssl_data_iter ssldi = data.find("fingerprint"); ssl_data_iter ssldi = data.find("fingerprint");
@ -58,6 +91,10 @@ class ssl_cert
return empty; return empty;
} }
/** Get trust status
* @return True if this is a trusted certificate
* (the certificate chain validates)
*/
bool IsTrusted() bool IsTrusted()
{ {
ssl_data_iter ssldi = data.find("trusted"); ssl_data_iter ssldi = data.find("trusted");
@ -68,6 +105,10 @@ class ssl_cert
return false; return false;
} }
/** Get validity status
* @return True if the certificate itself is
* correctly formed.
*/
bool IsInvalid() bool IsInvalid()
{ {
ssl_data_iter ssldi = data.find("invalid"); ssl_data_iter ssldi = data.find("invalid");
@ -78,6 +119,10 @@ class ssl_cert
return false; return false;
} }
/** Get signer status
* @return True if the certificate appears to be
* self-signed.
*/
bool IsUnknownSigner() bool IsUnknownSigner()
{ {
ssl_data_iter ssldi = data.find("unknownsigner"); ssl_data_iter ssldi = data.find("unknownsigner");
@ -88,6 +133,11 @@ class ssl_cert
return false; return false;
} }
/** Get revokation status.
* @return True if the certificate is revoked.
* Note that this only works properly for GnuTLS
* right now.
*/
bool IsRevoked() bool IsRevoked()
{ {
ssl_data_iter ssldi = data.find("revoked"); ssl_data_iter ssldi = data.find("revoked");