This file is indexed.

/usr/include/sipxtapi/os/OsSSLConnectionSocket.h is in libsipxtapi-dev 3.3.0~test17-1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
//
// Copyright (C) 2004-2006 SIPfoundry Inc.
// Licensed by SIPfoundry under the LGPL license.
//
// Copyright (C) 2004-2006 Pingtel Corp.  All rights reserved.
// Licensed to SIPfoundry under a Contributor Agreement.
//
// $$
///////////////////////////////////////////////////////////////////////////////

#ifndef _OsSSLConnectionSocket_h_
#define _OsSSLConnectionSocket_h_

#ifdef HAVE_SSL

// SYSTEM INCLUDES
//#include <...>

// APPLICATION INCLUDES                      
#include <utl/UtlSList.h>
#include <utl/UtlString.h>
#include <os/OsConnectionSocket.h>

#include <openssl/crypto.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/ssl.h>
#include <openssl/err.h>

// DEFINES
// MACROS
// EXTERNAL FUNCTIONS                                       
// EXTERNAL VARIABLES
// CONSTANTS
// STRUCTS
// TYPEDEFS
// FORWARD DECLARATIONS

/// Implements TLS version of OsSocket
class OsSSLConnectionSocket : public OsConnectionSocket
{
/* //////////////////////////// PUBLIC //////////////////////////////////// */
public:

/* ============================ CREATORS ================================== */

   OsSSLConnectionSocket(int         remoteHostPort,
                         const char* remoteHostName,
                         long        timeoutInSecs = 0
                         );

   OsSSLConnectionSocket(int connectedSocketDescriptor, long timeoutInSecs = 0); 

   OsSSLConnectionSocket(SSL *s, int connectedSocketDescriptor);

  virtual
   ~OsSSLConnectionSocket();
     //:Destructor

/* ============================ MANIPULATORS ============================== */
 
   virtual UtlBoolean reconnect();
   //: Sets up the connection again, assuming the connection failed

   virtual int write(const char* buffer, int bufferLength);
   //:Blocking write to the socket
   // Write the characters in the given buffer to the socket.
   // This method will block until all of the bytes are written.
   //!param: buffer - The bytes to be written to the socket.
   //!param: bufferLength - The number of bytes contained in buffer.
   //!returns: The number of bytes actually written to the socket.
   //!returns: <br>Note: This does not necessarily mean that the bytes were 
   //!returns: actually received on the other end.

   virtual int write(const char* buffer, int bufferLength, long waitMilliseconds);
   //:Non-blocking or limited blocking write to socket
   // Same as blocking version except that this write will block
   // for no more than the specified length of time.
   //!param: waitMilliseconds - The maximum number of milliseconds to block. This may be set to zero, in which case it does not block.

   virtual int read(char* buffer, int bufferLength);
   //:Blocking read from the socket
   // Read bytes into the buffer from the socket up to a maximum of 
   // bufferLength bytes.  This method will block until there is
   // something to read from the socket.
   //!param: buffer - Place to put bytes read from the socket.
   //!param: bufferLength - The maximum number of bytes buffer will hold.
   //!returns: The number of bytes actually read.

   virtual int read(char* buffer, int bufferLength, 
                    UtlString* ipAddress, int* port);
   //:Blocking read from the socket
   // Read bytes into the buffer from the socket up to a maximum of 
   // bufferLength bytes.  This method will block until there is
   // something to read from the socket.
   //!param: buffer - Place to put bytes read from the socket.
   //!param: bufferLength - The maximum number of bytes buffer will hold.
   //!param: ipAddress - The address of the socket that sent the bytes read.
   //!param: port - The port of the socket that sent the bytes read.
   //!returns: The number of bytes actually read.

   virtual int read(char* buffer, int bufferLength, long waitMilliseconds);
   //: Non-blocking or limited blocking read from socket
   // Same as blocking version except that this read will block
   // for no more than the specified length of time.
   //!param: waitMilliseconds - The maximum number of milliseconds to block. This may be set to zero in which case it does not block.

/* ============================ ACCESSORS ================================= */

   virtual void close();
   //: Closes the SSL socket

/* ============================ INQUIRY =================================== */

   virtual OsSocket::IpProtocolSocketType getIpProtocol() const;
   //: Returns the protocol type of this socket

   /// Is this connection encrypted using TLS/SSL?
   virtual bool isEncrypted() const;
   
   /// Get any authenticated peer host names.
   virtual bool peerIdentity( UtlSList* altNames /**< UtlStrings for verfied subjectAltNames
                                                  *   are added to this - caller must free them.
                                                  */
                             ,UtlString* commonName ///< the Subject name is returned here
                             ) const;
   /**<
    * Usually, the names in the altNames will be easier to parse and use than commonName
    * Either or both of altNames or commonName may be NULL, in which case no names are returned;
    * the return value still indicates the trust relationship with the peer certificate.
    * @returns
    * - true if the connection is TLS/SSL and the peer has presented
    *        a certificate signed by a trusted certificate authority
    * - false if not
    */

/* //////////////////////////// PROTECTED ///////////////////////////////// */
protected:

/* //////////////////////////// PRIVATE /////////////////////////////////// */
private:
   SSL*     mSSL;

   // cached copies of peer information - parsing the cert is expensive
   mutable enum 
   {
      NOT_IDENTIFIED,
      TRUSTED,
      UNTRUSTED
   }         mPeerIdentity;
   mutable UtlSList  mAltNames;
   mutable UtlString mCommonName;

   UtlBoolean mbExternalSSLSocket;
     //:Should this object clean up SSL when shutdown.
     //:It shouldn't if SSL is managed by a parent class
   void SSLInitSocket(int socket, long timeoutInSecs);

   OsSSLConnectionSocket(const OsSSLConnectionSocket& rOsSSLConnectionSocket);
     //:Disable copy constructor

   OsSSLConnectionSocket();
     //:Disable default constructor

   OsSSLConnectionSocket& operator=(const OsSSLConnectionSocket& rhs);
     //:Disable Assignment operator
};

/* ============================ INLINE METHODS ============================ */

#endif // HAVE_SSL

#endif  // _OsSSLConnectionSocket_h_