xrootd
|
#include <XrdTlsTempCA.hh>
Classes | |
class | TempCAGuard |
Public Member Functions | |
XrdTlsTempCA (XrdSysError *log, std::string ca_dir) | |
~XrdTlsTempCA () | |
bool | IsValid () const |
std::string | CAFilename () const |
std::string | CRLFilename () const |
bool | atLeastOneValidCRLFound () const |
Private Member Functions | |
bool | Maintenance () |
Static Private Member Functions | |
static void * | MaintenanceThread (void *myself_raw) |
Private Attributes | |
int | m_maintenance_pipe_r {-1} |
int | m_maintenance_pipe_w {-1} |
int | m_maintenance_thread_pipe_r {-1} |
int | m_maintenance_thread_pipe_w {-1} |
XrdSysError & | m_log |
const std::string | m_ca_dir |
std::shared_ptr< std::string > | m_ca_file |
std::shared_ptr< std::string > | m_crl_file |
bool | m_atLeastOneCRLFound = false |
Static Private Attributes | |
static constexpr unsigned | m_update_interval = 900 |
static constexpr unsigned | m_update_interval_failure = 10 |
This class manages a "CA file" that is a concatenation of all the CAs in a given CA directory. This is useful in TLS contexts where, instead of loading all CAs for each connection, we only want to load a single file.
This will hand out the CA file directly, allowing external libraries (such as libcurl) to do the loading of CAs themselves.
XrdTlsTempCA::XrdTlsTempCA | ( | XrdSysError * | log, |
std::string | ca_dir | ||
) |
XrdTlsTempCA::~XrdTlsTempCA | ( | ) |
|
inline |
Returns true if a valid CRL file has been found during the Maintenance thread execution, false otherwise.
References m_atLeastOneCRLFound.
|
inline |
Returns the current location of the CA temp file.
References m_ca_file.
|
inline |
Returns the current location of the CRL temp file.
References m_crl_file.
|
inline |
Returns true if object is valid.
References m_ca_file, and m_crl_file.
|
private |
Run the CA maintenance routines. This will go through the CA directory, concatenate the CA contents into a single PEM file, and delete the prior copy of the concatenated CA certs.
|
staticprivate |
Thread managing the invocation of the CA maintenance routines
|
private |
Referenced by atLeastOneValidCRLFound().
|
private |
|
private |
Referenced by CAFilename(), and IsValid().
|
private |
Referenced by CRLFilename(), and IsValid().
|
private |
|
private |
Read and write ends of a pipe to communicate between the parent object and the maintenance thread.
|
private |
|
private |
|
private |
|
staticconstexprprivate |
|
staticconstexprprivate |