lib/net: Pass connection security level to within socket classes

2021-11-01 04:50:13 +02:00 · 2021-11-01 04:50:13 +02:00 · 57769cffda
parent 5c7d7194d5
commit 57769cffda
5 changed files with 31 additions and 28 deletions
--- a/src/lib/net/SecureListenSocket.cpp
+++ b/src/lib/net/SecureListenSocket.cpp
@ -25,11 +25,11 @@
 #include "common/DataDirectories.h"
 #include "base/String.h"

-SecureListenSocket::SecureListenSocket(
-        IEventQueue* events,
-        SocketMultiplexer* socketMultiplexer,
-        IArchNetwork::EAddressFamily family) :
-    TCPListenSocket(events, socketMultiplexer, family)
+SecureListenSocket::SecureListenSocket(IEventQueue* events, SocketMultiplexer* socketMultiplexer,
+                                       IArchNetwork::EAddressFamily family,
+                                       ConnectionSecurityLevel security_level) :
+    TCPListenSocket(events, socketMultiplexer, family),
+    security_level_{security_level}
 {
 }

@ -38,10 +38,8 @@ SecureListenSocket::accept()
 {
    SecureSocket* socket = NULL;
    try {
-        socket = new SecureSocket(
-                        m_events,
-                        m_socketMultiplexer,
-                        ARCH->acceptSocket(m_socket, NULL));
+        socket = new SecureSocket(m_events, m_socketMultiplexer,
+                                  ARCH->acceptSocket(m_socket, NULL), security_level_);
        socket->initSsl(true);

        if (socket != NULL) {
--- a/src/lib/net/SecureListenSocket.h
+++ b/src/lib/net/SecureListenSocket.h
@ -19,6 +19,7 @@

 #include "net/TCPListenSocket.h"
 #include "common/stdset.h"
+#include "ConnectionSecurityLevel.h"

 class IEventQueue;
 class SocketMultiplexer;
@ -26,11 +27,13 @@ class IDataSocket;

 class SecureListenSocket : public TCPListenSocket {
 public:
-    SecureListenSocket(IEventQueue* events,
-        SocketMultiplexer* socketMultiplexer,
-        IArchNetwork::EAddressFamily family);
+    SecureListenSocket(IEventQueue* events, SocketMultiplexer* socketMultiplexer,
+                       IArchNetwork::EAddressFamily family,
+                       ConnectionSecurityLevel security_level);

    // IListenSocket overrides
    virtual IDataSocket*
                        accept();
+private:
+    ConnectionSecurityLevel security_level_;
 };
--- a/src/lib/net/SecureSocket.cpp
+++ b/src/lib/net/SecureSocket.cpp
@ -54,25 +54,24 @@ struct Ssl {
    SSL*        m_ssl;
 };

-SecureSocket::SecureSocket(
-        IEventQueue* events,
-        SocketMultiplexer* socketMultiplexer,
-        IArchNetwork::EAddressFamily family) :
+SecureSocket::SecureSocket(IEventQueue* events, SocketMultiplexer* socketMultiplexer,
+                           IArchNetwork::EAddressFamily family,
+                           ConnectionSecurityLevel security_level) :
    TCPSocket(events, socketMultiplexer, family),
    m_ssl(nullptr),
    m_secureReady(false),
-    m_fatal(false)
+    m_fatal(false),
+    security_level_{security_level}
 {
 }

-SecureSocket::SecureSocket(
-        IEventQueue* events,
-        SocketMultiplexer* socketMultiplexer,
-        ArchSocket socket) :
+SecureSocket::SecureSocket(IEventQueue* events, SocketMultiplexer* socketMultiplexer,
+                           ArchSocket socket, ConnectionSecurityLevel security_level) :
    TCPSocket(events, socketMultiplexer, socket),
    m_ssl(nullptr),
    m_secureReady(false),
-    m_fatal(false)
+    m_fatal(false),
+    security_level_{security_level}
 {
 }

--- a/src/lib/net/SecureSocket.h
+++ b/src/lib/net/SecureSocket.h
@ -17,6 +17,7 @@

 #pragma once

+#include "ConnectionSecurityLevel.h"
 #include "net/TCPSocket.h"
 #include "net/XSocket.h"
 #include "io/filesystem.h"
@ -33,10 +34,10 @@ A secure socket using SSL.
 */
 class SecureSocket : public TCPSocket {
 public:
-    SecureSocket(IEventQueue* events, SocketMultiplexer* socketMultiplexer, IArchNetwork::EAddressFamily family);
-    SecureSocket(IEventQueue* events,
-        SocketMultiplexer* socketMultiplexer,
-        ArchSocket socket);
+    SecureSocket(IEventQueue* events, SocketMultiplexer* socketMultiplexer,
+                 IArchNetwork::EAddressFamily family, ConnectionSecurityLevel security_level);
+    SecureSocket(IEventQueue* events, SocketMultiplexer* socketMultiplexer,
+                 ArchSocket socket, ConnectionSecurityLevel security_level);
    ~SecureSocket();

    // ISocket overrides
@ -86,4 +87,5 @@ private:
    Ssl*                m_ssl;
    bool                m_secureReady;
    bool                m_fatal;
+    ConnectionSecurityLevel security_level_ = ConnectionSecurityLevel::ENCRYPTED;
 };
--- a/src/lib/net/TCPSocketFactory.cpp
+++ b/src/lib/net/TCPSocketFactory.cpp
@ -44,7 +44,8 @@ IDataSocket* TCPSocketFactory::create(IArchNetwork::EAddressFamily family,
                                      ConnectionSecurityLevel security_level) const
 {
    if (security_level != ConnectionSecurityLevel::PLAINTEXT) {
-        SecureSocket* secureSocket = new SecureSocket(m_events, m_socketMultiplexer, family);
+        SecureSocket* secureSocket = new SecureSocket(m_events, m_socketMultiplexer, family,
+                                                      security_level);
        secureSocket->initSsl (false);
        return secureSocket;
    }
@ -58,7 +59,7 @@ IListenSocket* TCPSocketFactory::createListen(IArchNetwork::EAddressFamily famil
 {
    IListenSocket* socket = NULL;
    if (security_level != ConnectionSecurityLevel::PLAINTEXT) {
-        socket = new SecureListenSocket(m_events, m_socketMultiplexer, family);
+        socket = new SecureListenSocket(m_events, m_socketMultiplexer, family, security_level);
    }
    else {
        socket = new TCPListenSocket(m_events, m_socketMultiplexer, family);