xrootd
XrdTlsTempCA Class Reference

#include <XrdTlsTempCA.hh>


Classes

class  TempCAGuard
 

Public Member Functions

 XrdTlsTempCA (XrdSysError *log, std::string ca_dir)
 
 ~XrdTlsTempCA ()
 
bool IsValid () const
 
std::string CAFilename () const
 
std::string CRLFilename () const
 
bool atLeastOneValidCRLFound () const
 

Private Member Functions

bool Maintenance ()
 

Static Private Member Functions

static void * MaintenanceThread (void *myself_raw)
 

Private Attributes

int m_maintenance_pipe_r {-1}
 
int m_maintenance_pipe_w {-1}
 
int m_maintenance_thread_pipe_r {-1}
 
int m_maintenance_thread_pipe_w {-1}
 
XrdSysError & m_log
 
const std::string m_ca_dir
 
std::shared_ptr< std::string > m_ca_file
 
std::shared_ptr< std::string > m_crl_file
 
bool m_atLeastOneCRLFound = false
 

Static Private Attributes

static constexpr unsigned m_update_interval = 900
 
static constexpr unsigned m_update_interval_failure = 10
 

Detailed Description

This class manages a "CA file" that is a concatenation of all the CAs in a given CA directory. This is useful in TLS contexts where, instead of loading all CAs for each connection, we only want to load a single file.

This will hand out the CA file directly, allowing external libraries (such as libcurl) to load the CAs directly.

Constructor & Destructor Documentation

◆ XrdTlsTempCA()

XrdTlsTempCA::XrdTlsTempCA ( XrdSysError * log,
std::string  ca_dir 
)

◆ ~XrdTlsTempCA()

XrdTlsTempCA::~XrdTlsTempCA ( )

Member Function Documentation

◆ atLeastOneValidCRLFound()

bool XrdTlsTempCA::atLeastOneValidCRLFound ( ) const
inline

Returns true if a valid CRL file has been found during the Maintenance thread execution, false otherwise.

References m_atLeastOneCRLFound.

◆ CAFilename()

std::string XrdTlsTempCA::CAFilename ( ) const
inline

Returns the current location of the CA temp file.

References m_ca_file.

◆ CRLFilename()

std::string XrdTlsTempCA::CRLFilename ( ) const
inline

Returns the current location of the CRL temp file.

References m_crl_file.

◆ IsValid()

bool XrdTlsTempCA::IsValid ( ) const
inline

Returns true if object is valid.

References m_ca_file, and m_crl_file.

◆ Maintenance()

bool XrdTlsTempCA::Maintenance ( )
private

Run the CA maintenance routines. This will go through the CA directory, concatenate the CA contents into a single PEM file, and delete the prior copy of the concatenated CA certs.
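The following added example, which is not XRootD's implementation, shows one way to build the concatenated CA file described above: it keeps only complete CERTIFICATE blocks, writes them to a mkstemp() temporary next to the destination, and publishes it with rename() so a reader never sees a partial bundle. The names BuildCABundle and ExtractCertBlocks and the ".pem" suffix filter are assumptions made for the example.

```cpp
#include <dirent.h>
#include <stdlib.h>
#include <unistd.h>
#include <cstdio>
#include <fstream>
#include <sstream>
#include <string>
// Hypothetical helper: keep only complete CERTIFICATE blocks; keys and truncated blocks are dropped.
static std::string ExtractCertBlocks(const std::string &pem, int &count) {
    static const std::string kBegin = "-----BEGIN CERTIFICATE-----";
    static const std::string kEnd = "-----END CERTIFICATE-----";
    std::string out;
    size_t pos = 0;
    while ((pos = pem.find(kBegin, pos)) != std::string::npos) {
        size_t next = pem.find(kBegin, pos + 1), end = pem.find(kEnd, pos);
        if (end == std::string::npos) break;       // unterminated final block
        if (next < end) { pos = next; continue; }  // unterminated block before another one
        end += kEnd.size();
        out.append(pem, pos, end - pos).push_back('\n');
        ++count;
        pos = end;
    }
    return out;
}
// Hypothetical function: returns the number of certificates published, or -1 on failure.
int BuildCABundle(const std::string &ca_dir, const std::string &bundle_path) {
    DIR *dir = opendir(ca_dir.c_str());
    if (!dir) return -1;
    std::string bundle;
    int count = 0;
    while (struct dirent *ent = readdir(dir)) {
        std::string name = ent->d_name;
        if (name.size() < 5 || name.compare(name.size() - 4, 4, ".pem") != 0) continue;  // assumed suffix
        std::stringstream ss;
        ss << std::ifstream(ca_dir + "/" + name, std::ios::binary).rdbuf();
        bundle += ExtractCertBlocks(ss.str(), count);
    }
    closedir(dir);
    if (count == 0) return -1;                  // never publish an empty trust store
    std::string tmp = bundle_path + ".XXXXXX";  // same directory, so rename() is atomic
    int fd = mkstemp(&tmp[0]);                  // mode 0600, unpredictable name
    if (fd < 0) return -1;
    bool ok = write(fd, bundle.data(), bundle.size()) == (ssize_t)bundle.size() && fsync(fd) == 0;
    close(fd);
    if (ok && rename(tmp.c_str(), bundle_path.c_str()) == 0) return count;
    unlink(tmp.c_str());                        // leave the previous bundle in place on failure
    return -1;
}
int main(int argc, char **argv) { return (argc == 3 && BuildCABundle(argv[1], argv[2]) > 0) ? 0 : 1; }
```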

◆ MaintenanceThread()

static void * XrdTlsTempCA::MaintenanceThread ( void *  myself_raw)
static private

Thread managing the invocation of the CA maintenance routines.

Member Data Documentation

◆ m_atLeastOneCRLFound

bool XrdTlsTempCA::m_atLeastOneCRLFound = false
private

Referenced by atLeastOneValidCRLFound().

◆ m_ca_dir

const std::string XrdTlsTempCA::m_ca_dir
private

◆ m_ca_file

std::shared_ptr<std::string> XrdTlsTempCA::m_ca_file
private

Referenced by CAFilename(), and IsValid().

◆ m_crl_file

std::shared_ptr<std::string> XrdTlsTempCA::m_crl_file
private

Referenced by CRLFilename(), and IsValid().

◆ m_log

XrdSysError& XrdTlsTempCA::m_log
private

◆ m_maintenance_pipe_r

int XrdTlsTempCA::m_maintenance_pipe_r {-1}
private

Read and write ends of a pipe to communicate between the parent object and the maintenance thread.

◆ m_maintenance_pipe_w

int XrdTlsTempCA::m_maintenance_pipe_w {-1}
private

◆ m_maintenance_thread_pipe_r

int XrdTlsTempCA::m_maintenance_thread_pipe_r {-1}
private

◆ m_maintenance_thread_pipe_w

int XrdTlsTempCA::m_maintenance_thread_pipe_w {-1}
private

◆ m_update_interval

constexpr unsigned XrdTlsTempCA::m_update_interval = 900
static constexpr private

◆ m_update_interval_failure

constexpr unsigned XrdTlsTempCA::m_update_interval_failure = 10
static constexpr private

The documentation for this class was generated from the following file: