Refactor: add typedef boost::asio::ssl::context SslContext;

Al2Klimov · Al2Klimov · commit 3b09e1ef6634 · 2024-01-03T18:53:13.000+01:00
diff --git a/lib/base/tlsstream.hpp b/lib/base/tlsstream.hpp
@@ -59,7 +59,7 @@ class SeenStream : public ARS
 struct UnbufferedAsioTlsStreamParams
 {
 	boost::asio::io_context& IoContext;
-	boost::asio::ssl::context& SslContext;
+	SslContext& SslContext;
 	const String& Hostname;
 };
 
@@ -108,7 +108,7 @@ class AsioTlsStream : public boost::asio::buffered_stream<UnbufferedAsioTlsStrea
 {
 public:
 	inline
-	AsioTlsStream(boost::asio::io_context& ioContext, boost::asio::ssl::context& sslContext, const String& hostname = String())
+	AsioTlsStream(boost::asio::io_context& ioContext, SslContext& sslContext, const String& hostname = String())
 		: AsioTlsStream(UnbufferedAsioTlsStreamParams{ioContext, sslContext, hostname})
 	{
 	}
diff --git a/lib/base/tlsutility.cpp b/lib/base/tlsutility.cpp
@@ -72,18 +72,18 @@ void InitializeOpenSSL()
 	l_SSLInitialized = true;
 }
 
-static void InitSslContext(const Shared<boost::asio::ssl::context>::Ptr& context, const String& pubkey, const String& privkey, const String& cakey)
+static void InitSslContext(const Shared<SslContext>::Ptr& context, const String& pubkey, const String& privkey, const String& cakey)
 {
 	char errbuf[256];
 
 	// Enforce TLS v1.2 as minimum
 	context->set_options(
-		boost::asio::ssl::context::default_workarounds |
-		boost::asio::ssl::context::no_compression |
-		boost::asio::ssl::context::no_sslv2 |
-		boost::asio::ssl::context::no_sslv3 |
-		boost::asio::ssl::context::no_tlsv1 |
-		boost::asio::ssl::context::no_tlsv1_1
+		SslContext::default_workarounds |
+		SslContext::no_compression |
+		SslContext::no_sslv2 |
+		SslContext::no_sslv3 |
+		SslContext::no_tlsv1 |
+		SslContext::no_tlsv1_1
 	);
 
 	// Custom TLS flags
@@ -202,13 +202,13 @@ static void InitSslContext(const Shared<boost::asio::ssl::context>::Ptr& context
  * @param cakey CA certificate chain file.
  * @returns An SSL context.
  */
-Shared<boost::asio::ssl::context>::Ptr MakeAsioSslContext(const String& pubkey, const String& privkey, const String& cakey)
+Shared<SslContext>::Ptr MakeAsioSslContext(const String& pubkey, const String& privkey, const String& cakey)
 {
 	namespace ssl = boost::asio::ssl;
 
 	InitializeOpenSSL();
 
-	auto context (Shared<ssl::context>::Make(ssl::context::tls));
+	auto context (Shared<SslContext>::Make(SslContext::tls));
 
 	InitSslContext(context, pubkey, privkey, cakey);
 
@@ -220,7 +220,7 @@ Shared<boost::asio::ssl::context>::Ptr MakeAsioSslContext(const String& pubkey,
  * @param context The ssl context.
  * @param cipherList The ciper list.
  **/
-void SetCipherListToSSLContext(const Shared<boost::asio::ssl::context>::Ptr& context, const String& cipherList)
+void SetCipherListToSSLContext(const Shared<SslContext>::Ptr& context, const String& cipherList)
 {
 	char errbuf[256];
 
@@ -278,12 +278,12 @@ int ResolveTlsProtocolVersion(const std::string& version) {
 	}
 }
 
-Shared<boost::asio::ssl::context>::Ptr SetupSslContext(String certPath, String keyPath,
+Shared<SslContext>::Ptr SetupSslContext(String certPath, String keyPath,
 	String caPath, String crlPath, String cipherList, String protocolmin, DebugInfo di)
 {
 	namespace ssl = boost::asio::ssl;
 
-	Shared<ssl::context>::Ptr context;
+	Shared<SslContext>::Ptr context;
 
 	try {
 		context = MakeAsioSslContext(certPath, keyPath, caPath);
@@ -327,7 +327,7 @@ Shared<boost::asio::ssl::context>::Ptr SetupSslContext(String certPath, String k
  * @param context The ssl context.
  * @param tlsProtocolmin The minimum TLS protocol version.
  */
-void SetTlsProtocolminToSSLContext(const Shared<boost::asio::ssl::context>::Ptr& context, const String& tlsProtocolmin)
+void SetTlsProtocolminToSSLContext(const Shared<SslContext>::Ptr& context, const String& tlsProtocolmin)
 {
 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
 	int ret = SSL_CTX_set_min_proto_version(context->native_handle(), ResolveTlsProtocolVersion(tlsProtocolmin));
@@ -355,7 +355,7 @@ void SetTlsProtocolminToSSLContext(const Shared<boost::asio::ssl::context>::Ptr&
  * @param context The SSL context.
  * @param crlPath The path to the CRL file.
  */
-void AddCRLToSSLContext(const Shared<boost::asio::ssl::context>::Ptr& context, const String& crlPath)
+void AddCRLToSSLContext(const Shared<SslContext>::Ptr& context, const String& crlPath)
 {
 	X509_STORE *x509_store = SSL_CTX_get_cert_store(context->native_handle());
 	AddCRLToSSLContext(x509_store, crlPath);
diff --git a/lib/base/tlsutility.hpp b/lib/base/tlsutility.hpp
@@ -38,18 +38,20 @@ const auto LEAF_VALID_FOR  = 60 * 60 * 24 * 397;
 const auto RENEW_THRESHOLD = 60 * 60 * 24 * 30;
 const auto RENEW_INTERVAL  = 60 * 60 * 24;
 
+typedef boost::asio::ssl::context SslContext;
+
 void InitializeOpenSSL();
 
 String GetOpenSSLVersion();
 
-Shared<boost::asio::ssl::context>::Ptr MakeAsioSslContext(const String& pubkey = String(), const String& privkey = String(), const String& cakey = String());
-void AddCRLToSSLContext(const Shared<boost::asio::ssl::context>::Ptr& context, const String& crlPath);
+Shared<SslContext>::Ptr MakeAsioSslContext(const String& pubkey = String(), const String& privkey = String(), const String& cakey = String());
+void AddCRLToSSLContext(const Shared<SslContext>::Ptr& context, const String& crlPath);
 void AddCRLToSSLContext(X509_STORE *x509_store, const String& crlPath);
-void SetCipherListToSSLContext(const Shared<boost::asio::ssl::context>::Ptr& context, const String& cipherList);
-void SetTlsProtocolminToSSLContext(const Shared<boost::asio::ssl::context>::Ptr& context, const String& tlsProtocolmin);
+void SetCipherListToSSLContext(const Shared<SslContext>::Ptr& context, const String& cipherList);
+void SetTlsProtocolminToSSLContext(const Shared<SslContext>::Ptr& context, const String& tlsProtocolmin);
 int ResolveTlsProtocolVersion(const std::string& version);
 
-Shared<boost::asio::ssl::context>::Ptr SetupSslContext(String certPath, String keyPath,
+Shared<SslContext>::Ptr SetupSslContext(String certPath, String keyPath,
 	String caPath, String crlPath, String cipherList, String protocolmin, DebugInfo di);
 
 String GetCertificateCN(const std::shared_ptr<X509>& certificate);
diff --git a/lib/cli/consolecommand.cpp b/lib/cli/consolecommand.cpp
@@ -524,7 +524,7 @@ int ConsoleCommand::RunScriptConsole(ScriptFrame& scriptFrame, const String& con
  */
 Shared<AsioTlsStream>::Ptr ConsoleCommand::Connect()
 {
-	Shared<boost::asio::ssl::context>::Ptr sslContext;
+	Shared<SslContext>::Ptr sslContext;
 
 	try {
 		sslContext = MakeAsioSslContext(Empty, Empty, Empty); //TODO: Add support for cert, key, ca parameters
diff --git a/lib/icingadb/redisconnection.hpp b/lib/icingadb/redisconnection.hpp
@@ -183,7 +183,7 @@ namespace icinga
 		typedef boost::asio::buffered_stream<Tcp::socket> TcpConn;
 		typedef boost::asio::buffered_stream<Unix::socket> UnixConn;
 
-		Shared<boost::asio::ssl::context>::Ptr m_TLSContext;
+		Shared<SslContext>::Ptr m_TLSContext;
 
 		template<class AsyncReadStream>
 		static Value ReadRESP(AsyncReadStream& stream, boost::asio::yield_context& yc);
diff --git a/lib/methods/ifwapichecktask.cpp b/lib/methods/ifwapichecktask.cpp
@@ -497,7 +497,7 @@ void IfwApiCheckTask::ScriptFunc(const Checkable::Ptr& checkable, const CheckRes
 
 	auto& io (IoEngine::Get().GetIoContext());
 	auto strand (Shared<asio::io_context::strand>::Make(io));
-	Shared<asio::ssl::context>::Ptr ctx;
+	Shared<SslContext>::Ptr ctx;
 	double start = Utility::GetTime();
 
 	try {
diff --git a/lib/perfdata/elasticsearchwriter.cpp b/lib/perfdata/elasticsearchwriter.cpp
@@ -602,7 +602,7 @@ OptionalTlsStream ElasticsearchWriter::Connect()
 	bool tls = GetEnableTls();
 
 	if (tls) {
-		Shared<boost::asio::ssl::context>::Ptr sslContext;
+		Shared<SslContext>::Ptr sslContext;
 
 		try {
 			sslContext = MakeAsioSslContext(GetCertPath(), GetKeyPath(), GetCaPath());
diff --git a/lib/perfdata/gelfwriter.cpp b/lib/perfdata/gelfwriter.cpp
@@ -174,7 +174,7 @@ void GelfWriter::ReconnectInternal()
 	bool ssl = GetEnableTls();
 
 	if (ssl) {
-		Shared<boost::asio::ssl::context>::Ptr sslContext;
+		Shared<SslContext>::Ptr sslContext;
 
 		try {
 			sslContext = MakeAsioSslContext(GetCertPath(), GetKeyPath(), GetCaPath());
diff --git a/lib/perfdata/influxdbcommonwriter.cpp b/lib/perfdata/influxdbcommonwriter.cpp
@@ -149,7 +149,7 @@ OptionalTlsStream InfluxdbCommonWriter::Connect()
 	bool ssl = GetSslEnable();
 
 	if (ssl) {
-		Shared<boost::asio::ssl::context>::Ptr sslContext;
+		Shared<SslContext>::Ptr sslContext;
 
 		try {
 			sslContext = MakeAsioSslContext(GetSslCert(), GetSslKey(), GetSslCaCert());
diff --git a/lib/remote/apilistener.hpp b/lib/remote/apilistener.hpp
@@ -161,7 +161,7 @@ class ApiListener final : public ObjectImpl<ApiListener>
 	void ValidateTlsHandshakeTimeout(const Lazy<double>& lvalue, const ValidationUtils& utils) override;
 
 private:
-	Shared<boost::asio::ssl::context>::Ptr m_SSLContext;
+	Shared<SslContext>::Ptr m_SSLContext;
 	boost::shared_mutex m_SSLContextMutex;
 
 	mutable std::mutex m_AnonymousClientsLock;
diff --git a/lib/remote/pkiutility.cpp b/lib/remote/pkiutility.cpp
@@ -83,7 +83,7 @@ int PkiUtility::SignCsr(const String& csrfile, const String& certfile)
 
 std::shared_ptr<X509> PkiUtility::FetchCert(const String& host, const String& port)
 {
-	Shared<boost::asio::ssl::context>::Ptr sslContext;
+	Shared<SslContext>::Ptr sslContext;
 
 	try {
 		sslContext = MakeAsioSslContext();
@@ -151,7 +151,7 @@ int PkiUtility::GenTicket(const String& cn, const String& salt, std::ostream& ti
 int PkiUtility::RequestCertificate(const String& host, const String& port, const String& keyfile,
 	const String& certfile, const String& cafile, const std::shared_ptr<X509>& trustedCert, const String& ticket)
 {
-	Shared<boost::asio::ssl::context>::Ptr sslContext;
+	Shared<SslContext>::Ptr sslContext;
 
 	try {
 		sslContext = MakeAsioSslContext(certfile, keyfile);
diff --git a/plugins/check_nscp_api.cpp b/plugins/check_nscp_api.cpp
@@ -176,7 +176,7 @@ static int FormatOutput(const Dictionary::Ptr& result)
  */
 static Shared<AsioTlsStream>::Ptr Connect(const String& host, const String& port)
 {
-	Shared<boost::asio::ssl::context>::Ptr sslContext;
+	Shared<SslContext>::Ptr sslContext;
 
 	try {
 		sslContext = MakeAsioSslContext(Empty, Empty, Empty); //TODO: Add support for cert, key, ca parameters

Original file line number	Diff line number	Diff line change
`@@ -59,7 +59,7 @@ class SeenStream : public ARS`
`59`	`59`	`struct UnbufferedAsioTlsStreamParams`
`60`	`60`	`{`
`61`	`61`	`boost::asio::io_context& IoContext;`
`62`		`- boost::asio::ssl::context& SslContext;`
	`62`	`+ SslContext& SslContext;`
`63`	`63`	`const String& Hostname;`
`64`	`64`	`};`
`65`	`65`
`@@ -108,7 +108,7 @@ class AsioTlsStream : public boost::asio::buffered_stream<UnbufferedAsioTlsStrea`
`108`	`108`	`{`
`109`	`109`	`public:`
`110`	`110`	`inline`
`111`		`- AsioTlsStream(boost::asio::io_context& ioContext, boost::asio::ssl::context& sslContext, const String& hostname = String())`
	`111`	`+ AsioTlsStream(boost::asio::io_context& ioContext, SslContext& sslContext, const String& hostname = String())`
`112`	`112`	`: AsioTlsStream(UnbufferedAsioTlsStreamParams{ioContext, sslContext, hostname})`
`113`	`113`	`{`
`114`	`114`	`}`
Original file line number	Diff line number	Diff line change
`@@ -524,7 +524,7 @@ int ConsoleCommand::RunScriptConsole(ScriptFrame& scriptFrame, const String& con`
`524`	`524`	`*/`
`525`	`525`	`Shared<AsioTlsStream>::Ptr ConsoleCommand::Connect()`
`526`	`526`	`{`
`527`		`- Shared<boost::asio::ssl::context>::Ptr sslContext;`
	`527`	`+ Shared<SslContext>::Ptr sslContext;`
`528`	`528`
`529`	`529`	`try {`
`530`	`530`	`sslContext = MakeAsioSslContext(Empty, Empty, Empty); //TODO: Add support for cert, key, ca parameters`
Original file line number	Diff line number	Diff line change
`@@ -83,7 +83,7 @@ int PkiUtility::SignCsr(const String& csrfile, const String& certfile)`
`83`	`83`
`84`	`84`	`std::shared_ptr<X509> PkiUtility::FetchCert(const String& host, const String& port)`
`85`	`85`	`{`
`86`		`- Shared<boost::asio::ssl::context>::Ptr sslContext;`
	`86`	`+ Shared<SslContext>::Ptr sslContext;`
`87`	`87`
`88`	`88`	`try {`
`89`	`89`	`sslContext = MakeAsioSslContext();`
`@@ -151,7 +151,7 @@ int PkiUtility::GenTicket(const String& cn, const String& salt, std::ostream& ti`
`151`	`151`	`int PkiUtility::RequestCertificate(const String& host, const String& port, const String& keyfile,`
`152`	`152`	`const String& certfile, const String& cafile, const std::shared_ptr<X509>& trustedCert, const String& ticket)`
`153`	`153`	`{`
`154`		`- Shared<boost::asio::ssl::context>::Ptr sslContext;`
	`154`	`+ Shared<SslContext>::Ptr sslContext;`
`155`	`155`
`156`	`156`	`try {`
`157`	`157`	`sslContext = MakeAsioSslContext(certfile, keyfile);`
Original file line number	Diff line number	Diff line change
`@@ -176,7 +176,7 @@ static int FormatOutput(const Dictionary::Ptr& result)`
`176`	`176`	`*/`
`177`	`177`	`static Shared<AsioTlsStream>::Ptr Connect(const String& host, const String& port)`
`178`	`178`	`{`
`179`		`- Shared<boost::asio::ssl::context>::Ptr sslContext;`
	`179`	`+ Shared<SslContext>::Ptr sslContext;`
`180`	`180`
`181`	`181`	`try {`
`182`	`182`	`sslContext = MakeAsioSslContext(Empty, Empty, Empty); //TODO: Add support for cert, key, ca parameters`