Implement TLS on streams
We need to support TLS sockets. A socket layer should be able to upgrade a connection (STARTTLS) and should default to the TLS socket option, falling back to a TLS library (OpenSSL or something) if it fails to do so. Furthermore, it should support falling back directly to userland libraries if the user desires to do so.
We should implement a wrapper class similar to connection_line_buffer that passes data along unencrypted until the start of TLS is triggered (which might be at setup time). The initialization of TLS can be implemented by worker classes that either enable the socket option or change the function pointers to a wrapper around user-space encryption libraries. These classes are supposed to be queued by priority, and if the first one fails to set up, the next one tries to do so. This list is supposed to be configurable by the user at runtime.
The corresponding files should reside within rmrf::net::crypto.
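
The prioritized worker list described above, sketched as an added example (not code from the rmrf project). All class and function names are hypothetical, and the workers are stubs with fixed outcomes. As a design choice of this sketch, an exhausted list is reported as a hard failure so that a failed upgrade never leaves the connection in plaintext.

```cpp
#include <algorithm>
#include <memory>
#include <string>
#include <utility>
#include <vector>

// All names here are hypothetical; this is not the rmrf API.
struct tls_provider {
    virtual ~tls_provider() = default;
    virtual std::string name() const = 0;
    virtual int priority() const = 0;    // lower value is tried first
    virtual bool try_setup(int fd) = 0;  // true once TLS is active on fd
};

// Stand-in for a real worker; the outcome is fixed so the order is observable offline.
class stub_provider : public tls_provider {
    std::string name_; int prio_; bool ok_;
public:
    stub_provider(std::string n, int p, bool ok) : name_(std::move(n)), prio_(p), ok_(ok) {}
    std::string name() const override { return name_; }
    int priority() const override { return prio_; }
    bool try_setup(int) override { return ok_; }
};

class tls_upgrader {
    using ptr = std::shared_ptr<tls_provider>;
    std::vector<ptr> providers_;
public:
    // Runtime-configurable list, kept sorted by priority.
    void add(ptr p) {
        providers_.push_back(std::move(p));
        std::stable_sort(providers_.begin(), providers_.end(),
            [](const ptr &a, const ptr &b) { return a->priority() < b->priority(); });
    }
    // First worker that succeeds wins; an empty result means close, never plaintext.
    std::string upgrade(int fd) const {
        for (const ptr &p : providers_)
            if (p->try_setup(fd)) return p->name();
        return std::string();
    }
};

// Constructed scenario: the socket option fails, the library may succeed.
std::string demo(bool library_works) {
    tls_upgrader u;
    u.add(std::make_shared<stub_provider>("userland-library", 20, library_works));
    u.add(std::make_shared<stub_provider>("socket-option", 10, false));
    return u.upgrade(-1);  // fd is ignored by the stubs
}
```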