SSL cleanup: moving some OpenSSL definitions to new dir folly/io/async/ssl

[folly.git] / folly / io / async / AsyncSSLSocket.h

diff --git a/folly/io/async/AsyncSSLSocket.h b/folly/io/async/AsyncSSLSocket.h
index 4ab048603ada9f546b69e43d898e2e1b42ad5bf6..2e4d5bacbeee648cb9725bb8bb37e5cf2d1dc1c0 100644 (file)
--- a/folly/io/async/AsyncSSLSocket.h
+++ b/folly/io/async/AsyncSSLSocket.h
@@ -22,10 +22,12 @@
 #include <folly/Optional.h>
 #include <folly/String.h>
 #include <folly/io/async/AsyncSocket.h>
-#include <folly/io/async/SSLContext.h>
 #include <folly/io/async/AsyncTimeout.h>
-#include <folly/io/async/OpenSSLPtrTypes.h>
+#include <folly/io/async/SSLContext.h>
 #include <folly/io/async/TimeoutManager.h>
+#include <folly/io/async/ssl/OpenSSLPtrTypes.h>
+#include <folly/io/async/ssl/OpenSSLUtils.h>
+#include <folly/io/async/ssl/TLSDefinitions.h>
 
 #include <folly/Bits.h>
 #include <folly/io/IOBuf.h>
@@ -652,68 +654,8 @@ class AsyncSSLSocket : public virtual AsyncSocket {
       int content_type, const void *buf, size_t len, SSL *ssl, void *arg);
   static const char* getSSLServerNameFromSSL(SSL* ssl);
 
-  // http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
-  enum class TLSExtension: uint16_t {
-    SERVER_NAME = 0,
-    MAX_FRAGMENT_LENGTH = 1,
-    CLIENT_CERTIFICATE_URL = 2,
-    TRUSTED_CA_KEYS = 3,
-    TRUNCATED_HMAC = 4,
-    STATUS_REQUEST = 5,
-    USER_MAPPING = 6,
-    CLIENT_AUTHZ = 7,
-    SERVER_AUTHZ = 8,
-    CERT_TYPE = 9,
-    SUPPORTED_GROUPS = 10,
-    EC_POINT_FORMATS = 11,
-    SRP = 12,
-    SIGNATURE_ALGORITHMS = 13,
-    USE_SRTP = 14,
-    HEARTBEAT = 15,
-    APPLICATION_LAYER_PROTOCOL_NEGOTIATION = 16,
-    STATUS_REQUEST_V2 = 17,
-    SIGNED_CERTIFICATE_TIMESTAMP = 18,
-    CLIENT_CERTIFICATE_TYPE = 19,
-    SERVER_CERTIFICATE_TYPE = 20,
-    PADDING = 21,
-    ENCRYPT_THEN_MAC = 22,
-    EXTENDED_MASTER_SECRET = 23,
-    SESSION_TICKET = 35,
-    RENEGOTIATION_INFO = 65281
-  };
-
-  // http://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-18
-  enum class HashAlgorithm: uint8_t {
-    NONE = 0,
-    MD5 = 1,
-    SHA1 = 2,
-    SHA224 = 3,
-    SHA256 = 4,
-    SHA384 = 5,
-    SHA512 = 6
-  };
-
-  // http://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-16
-  enum class SignatureAlgorithm: uint8_t {
-    ANONYMOUS = 0,
-    RSA = 1,
-    DSA = 2,
-    ECDSA = 3
-  };
-
-  struct ClientHelloInfo {
-    folly::IOBufQueue clientHelloBuf_;
-    uint8_t clientHelloMajorVersion_;
-    uint8_t clientHelloMinorVersion_;
-    std::vector<uint16_t> clientHelloCipherSuites_;
-    std::vector<uint8_t> clientHelloCompressionMethods_;
-    std::vector<TLSExtension> clientHelloExtensions_;
-    std::vector<
-      std::pair<HashAlgorithm, SignatureAlgorithm>> clientHelloSigAlgs_;
-  };
-
   // For unit-tests
-  ClientHelloInfo* getClientHelloInfo() const {
+  ssl::ClientHelloInfo* getClientHelloInfo() const {
     return clientHelloInfo_.get();
   }
 
@@ -737,13 +679,13 @@ class AsyncSSLSocket : public virtual AsyncSocket {
   /**
    * Returns the peer certificate, or nullptr if no peer certificate received.
    */
-  virtual X509_UniquePtr getPeerCert() const override {
+  virtual ssl::X509UniquePtr getPeerCert() const override {
     if (!ssl_) {
       return nullptr;
     }
 
     X509* cert = SSL_get_peer_certificate(ssl_);
-    return X509_UniquePtr(cert);
+    return ssl::X509UniquePtr(cert);
   }
 
   /**
@@ -886,7 +828,7 @@ class AsyncSSLSocket : public virtual AsyncSocket {
 
   bool parseClientHello_{false};
   bool cacheAddrOnFailure_{false};
-  std::unique_ptr<ClientHelloInfo> clientHelloInfo_;
+  std::unique_ptr<ssl::ClientHelloInfo> clientHelloInfo_;
 
   // Time taken to complete the ssl handshake.
   std::chrono::steady_clock::time_point handshakeStartTime_;