diff options
author | Anas Nashif <anas.nashif@intel.com> | 2012-10-30 12:57:26 -0700 |
---|---|---|
committer | Anas Nashif <anas.nashif@intel.com> | 2012-10-30 12:57:26 -0700 |
commit | 1a78a62555be32868418fe52f8e330c9d0f95d5a (patch) | |
tree | d3765a80e7d3b9640ec2e930743630cd6b9fce2b /boost/asio/ssl/impl | |
download | boost-1a78a62555be32868418fe52f8e330c9d0f95d5a.tar.gz boost-1a78a62555be32868418fe52f8e330c9d0f95d5a.tar.bz2 boost-1a78a62555be32868418fe52f8e330c9d0f95d5a.zip |
Imported Upstream version 1.49.0upstream/1.49.0
Diffstat (limited to 'boost/asio/ssl/impl')
-rw-r--r-- | boost/asio/ssl/impl/context.hpp | 73 | ||||
-rw-r--r-- | boost/asio/ssl/impl/context.ipp | 527 | ||||
-rw-r--r-- | boost/asio/ssl/impl/error.ipp | 59 | ||||
-rw-r--r-- | boost/asio/ssl/impl/rfc2818_verification.ipp | 158 | ||||
-rw-r--r-- | boost/asio/ssl/impl/src.hpp | 28 |
5 files changed, 845 insertions, 0 deletions
diff --git a/boost/asio/ssl/impl/context.hpp b/boost/asio/ssl/impl/context.hpp new file mode 100644 index 0000000000..1ab03b91cf --- /dev/null +++ b/boost/asio/ssl/impl/context.hpp @@ -0,0 +1,73 @@ +// +// ssl/impl/context.hpp +// ~~~~~~~~~~~~~~~~~~~~ +// +// Copyright (c) 2005 Voipster / Indrek dot Juhani at voipster dot com +// Copyright (c) 2005-2012 Christopher M. Kohlhoff (chris at kohlhoff dot com) +// +// Distributed under the Boost Software License, Version 1.0. (See accompanying +// file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt) +// + +#ifndef BOOST_ASIO_SSL_IMPL_CONTEXT_HPP +#define BOOST_ASIO_SSL_IMPL_CONTEXT_HPP + +#if defined(_MSC_VER) && (_MSC_VER >= 1200) +# pragma once +#endif // defined(_MSC_VER) && (_MSC_VER >= 1200) + +#include <boost/asio/detail/config.hpp> + +#if !defined(BOOST_ASIO_ENABLE_OLD_SSL) +# include <boost/asio/detail/throw_error.hpp> +#endif // !defined(BOOST_ASIO_ENABLE_OLD_SSL) + +#include <boost/asio/detail/push_options.hpp> + +namespace boost { +namespace asio { +namespace ssl { + +#if !defined(BOOST_ASIO_ENABLE_OLD_SSL) + +template <typename VerifyCallback> +void context::set_verify_callback(VerifyCallback callback) +{ + boost::system::error_code ec; + this->set_verify_callback(callback, ec); + boost::asio::detail::throw_error(ec, "set_verify_callback"); +} + +template <typename VerifyCallback> +boost::system::error_code context::set_verify_callback( + VerifyCallback callback, boost::system::error_code& ec) +{ + return do_set_verify_callback( + new detail::verify_callback<VerifyCallback>(callback), ec); +} + +template <typename PasswordCallback> +void context::set_password_callback(PasswordCallback callback) +{ + boost::system::error_code ec; + this->set_password_callback(callback, ec); + boost::asio::detail::throw_error(ec, "set_password_callback"); +} + +template <typename PasswordCallback> +boost::system::error_code context::set_password_callback( + PasswordCallback callback, boost::system::error_code& ec) +{ + return do_set_password_callback( + new detail::password_callback<PasswordCallback>(callback), ec); +} + +#endif // !defined(BOOST_ASIO_ENABLE_OLD_SSL) + +} // namespace ssl +} // namespace asio +} // namespace boost + +#include <boost/asio/detail/pop_options.hpp> + +#endif // BOOST_ASIO_SSL_IMPL_CONTEXT_HPP diff --git a/boost/asio/ssl/impl/context.ipp b/boost/asio/ssl/impl/context.ipp new file mode 100644 index 0000000000..54f4fd15d1 --- /dev/null +++ b/boost/asio/ssl/impl/context.ipp @@ -0,0 +1,527 @@ +// +// ssl/impl/context.ipp +// ~~~~~~~~~~~~~~~~~~~~ +// +// Copyright (c) 2005 Voipster / Indrek dot Juhani at voipster dot com +// Copyright (c) 2005-2012 Christopher M. Kohlhoff (chris at kohlhoff dot com) +// +// Distributed under the Boost Software License, Version 1.0. (See accompanying +// file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt) +// + +#ifndef BOOST_ASIO_SSL_IMPL_CONTEXT_IPP +#define BOOST_ASIO_SSL_IMPL_CONTEXT_IPP + +#if defined(_MSC_VER) && (_MSC_VER >= 1200) +# pragma once +#endif // defined(_MSC_VER) && (_MSC_VER >= 1200) + +#include <boost/asio/detail/config.hpp> + +#if !defined(BOOST_ASIO_ENABLE_OLD_SSL) +# include <cstring> +# include <boost/asio/detail/throw_error.hpp> +# include <boost/asio/error.hpp> +# include <boost/asio/ssl/context.hpp> +# include <boost/asio/ssl/error.hpp> +#endif // !defined(BOOST_ASIO_ENABLE_OLD_SSL) + +#include <boost/asio/detail/push_options.hpp> + +namespace boost { +namespace asio { +namespace ssl { + +#if !defined(BOOST_ASIO_ENABLE_OLD_SSL) + +context::context(context::method m) + : handle_(0) +{ + switch (m) + { +#if defined(OPENSSL_NO_SSL2) + case context::sslv2: + case context::sslv2_client: + case context::sslv2_server: + boost::asio::detail::throw_error( + boost::asio::error::invalid_argument, "context"); + break; +#else // defined(OPENSSL_NO_SSL2) + case context::sslv2: + handle_ = ::SSL_CTX_new(::SSLv2_method()); + break; + case context::sslv2_client: + handle_ = ::SSL_CTX_new(::SSLv2_client_method()); + break; + case context::sslv2_server: + handle_ = ::SSL_CTX_new(::SSLv2_server_method()); + break; +#endif // defined(OPENSSL_NO_SSL2) + case context::sslv3: + handle_ = ::SSL_CTX_new(::SSLv3_method()); + break; + case context::sslv3_client: + handle_ = ::SSL_CTX_new(::SSLv3_client_method()); + break; + case context::sslv3_server: + handle_ = ::SSL_CTX_new(::SSLv3_server_method()); + break; + case context::tlsv1: + handle_ = ::SSL_CTX_new(::TLSv1_method()); + break; + case context::tlsv1_client: + handle_ = ::SSL_CTX_new(::TLSv1_client_method()); + break; + case context::tlsv1_server: + handle_ = ::SSL_CTX_new(::TLSv1_server_method()); + break; + case context::sslv23: + handle_ = ::SSL_CTX_new(::SSLv23_method()); + break; + case context::sslv23_client: + handle_ = ::SSL_CTX_new(::SSLv23_client_method()); + break; + case context::sslv23_server: + handle_ = ::SSL_CTX_new(::SSLv23_server_method()); + break; + default: + handle_ = ::SSL_CTX_new(0); + break; + } + + if (handle_ == 0) + { + boost::system::error_code ec(::ERR_get_error(), + boost::asio::error::get_ssl_category()); + boost::asio::detail::throw_error(ec, "context"); + } +} + +context::context(boost::asio::io_service&, context::method m) + : handle_(0) +{ + context tmp(m); + handle_ = tmp.handle_; + tmp.handle_ = 0; +} + +#if defined(BOOST_ASIO_HAS_MOVE) || defined(GENERATING_DOCUMENTATION) +context::context(context&& other) +{ + handle_ = other.handle_; + other.handle_ = 0; +} + +context& context::operator=(context&& other) +{ + context tmp(BOOST_ASIO_MOVE_CAST(context)(*this)); + handle_ = other.handle_; + other.handle_ = 0; + return *this; +} +#endif // defined(BOOST_ASIO_HAS_MOVE) || defined(GENERATING_DOCUMENTATION) + +context::~context() +{ + if (handle_) + { + if (handle_->default_passwd_callback_userdata) + { + detail::password_callback_base* callback = + static_cast<detail::password_callback_base*>( + handle_->default_passwd_callback_userdata); + delete callback; + handle_->default_passwd_callback_userdata = 0; + } + + if (SSL_CTX_get_app_data(handle_)) + { + detail::verify_callback_base* callback = + static_cast<detail::verify_callback_base*>( + SSL_CTX_get_app_data(handle_)); + delete callback; + SSL_CTX_set_app_data(handle_, 0); + } + + ::SSL_CTX_free(handle_); + } +} + +context::native_handle_type context::native_handle() +{ + return handle_; +} + +context::impl_type context::impl() +{ + return handle_; +} + +void context::set_options(context::options o) +{ + boost::system::error_code ec; + set_options(o, ec); + boost::asio::detail::throw_error(ec, "set_options"); +} + +boost::system::error_code context::set_options( + context::options o, boost::system::error_code& ec) +{ + ::SSL_CTX_set_options(handle_, o); + + ec = boost::system::error_code(); + return ec; +} + +void context::set_verify_mode(verify_mode v) +{ + boost::system::error_code ec; + set_verify_mode(v, ec); + boost::asio::detail::throw_error(ec, "set_verify_mode"); +} + +boost::system::error_code context::set_verify_mode( + verify_mode v, boost::system::error_code& ec) +{ + ::SSL_CTX_set_verify(handle_, v, ::SSL_CTX_get_verify_callback(handle_)); + + ec = boost::system::error_code(); + return ec; +} + +void context::load_verify_file(const std::string& filename) +{ + boost::system::error_code ec; + load_verify_file(filename, ec); + boost::asio::detail::throw_error(ec, "load_verify_file"); +} + +boost::system::error_code context::load_verify_file( + const std::string& filename, boost::system::error_code& ec) +{ + if (::SSL_CTX_load_verify_locations(handle_, filename.c_str(), 0) != 1) + { + ec = boost::system::error_code(::ERR_get_error(), + boost::asio::error::get_ssl_category()); + return ec; + } + + ec = boost::system::error_code(); + return ec; +} + +void context::set_default_verify_paths() +{ + boost::system::error_code ec; + set_default_verify_paths(ec); + boost::asio::detail::throw_error(ec, "set_default_verify_paths"); +} + +boost::system::error_code context::set_default_verify_paths( + boost::system::error_code& ec) +{ + if (::SSL_CTX_set_default_verify_paths(handle_) != 1) + { + ec = boost::system::error_code(::ERR_get_error(), + boost::asio::error::get_ssl_category()); + return ec; + } + + ec = boost::system::error_code(); + return ec; +} + +void context::add_verify_path(const std::string& path) +{ + boost::system::error_code ec; + add_verify_path(path, ec); + boost::asio::detail::throw_error(ec, "add_verify_path"); +} + +boost::system::error_code context::add_verify_path( + const std::string& path, boost::system::error_code& ec) +{ + if (::SSL_CTX_load_verify_locations(handle_, 0, path.c_str()) != 1) + { + ec = boost::system::error_code(::ERR_get_error(), + boost::asio::error::get_ssl_category()); + return ec; + } + + ec = boost::system::error_code(); + return ec; +} + +void context::use_certificate_file( + const std::string& filename, file_format format) +{ + boost::system::error_code ec; + use_certificate_file(filename, format, ec); + boost::asio::detail::throw_error(ec, "use_certificate_file"); +} + +boost::system::error_code context::use_certificate_file( + const std::string& filename, file_format format, + boost::system::error_code& ec) +{ + int file_type; + switch (format) + { + case context_base::asn1: + file_type = SSL_FILETYPE_ASN1; + break; + case context_base::pem: + file_type = SSL_FILETYPE_PEM; + break; + default: + { + ec = boost::asio::error::invalid_argument; + return ec; + } + } + + if (::SSL_CTX_use_certificate_file(handle_, filename.c_str(), file_type) != 1) + { + ec = boost::system::error_code(::ERR_get_error(), + boost::asio::error::get_ssl_category()); + return ec; + } + + ec = boost::system::error_code(); + return ec; +} + +void context::use_certificate_chain_file(const std::string& filename) +{ + boost::system::error_code ec; + use_certificate_chain_file(filename, ec); + boost::asio::detail::throw_error(ec, "use_certificate_chain_file"); +} + +boost::system::error_code context::use_certificate_chain_file( + const std::string& filename, boost::system::error_code& ec) +{ + if (::SSL_CTX_use_certificate_chain_file(handle_, filename.c_str()) != 1) + { + ec = boost::system::error_code(::ERR_get_error(), + boost::asio::error::get_ssl_category()); + return ec; + } + + ec = boost::system::error_code(); + return ec; +} + +void context::use_private_key_file( + const std::string& filename, context::file_format format) +{ + boost::system::error_code ec; + use_private_key_file(filename, format, ec); + boost::asio::detail::throw_error(ec, "use_private_key_file"); +} + +boost::system::error_code context::use_private_key_file( + const std::string& filename, context::file_format format, + boost::system::error_code& ec) +{ + int file_type; + switch (format) + { + case context_base::asn1: + file_type = SSL_FILETYPE_ASN1; + break; + case context_base::pem: + file_type = SSL_FILETYPE_PEM; + break; + default: + { + ec = boost::asio::error::invalid_argument; + return ec; + } + } + + if (::SSL_CTX_use_PrivateKey_file(handle_, filename.c_str(), file_type) != 1) + { + ec = boost::system::error_code(::ERR_get_error(), + boost::asio::error::get_ssl_category()); + return ec; + } + + ec = boost::system::error_code(); + return ec; +} + +void context::use_rsa_private_key_file( + const std::string& filename, context::file_format format) +{ + boost::system::error_code ec; + use_rsa_private_key_file(filename, format, ec); + boost::asio::detail::throw_error(ec, "use_rsa_private_key_file"); +} + +boost::system::error_code context::use_rsa_private_key_file( + const std::string& filename, context::file_format format, + boost::system::error_code& ec) +{ + int file_type; + switch (format) + { + case context_base::asn1: + file_type = SSL_FILETYPE_ASN1; + break; + case context_base::pem: + file_type = SSL_FILETYPE_PEM; + break; + default: + { + ec = boost::asio::error::invalid_argument; + return ec; + } + } + + if (::SSL_CTX_use_RSAPrivateKey_file( + handle_, filename.c_str(), file_type) != 1) + { + ec = boost::system::error_code(::ERR_get_error(), + boost::asio::error::get_ssl_category()); + return ec; + } + + ec = boost::system::error_code(); + return ec; +} + +void context::use_tmp_dh_file(const std::string& filename) +{ + boost::system::error_code ec; + use_tmp_dh_file(filename, ec); + boost::asio::detail::throw_error(ec, "use_tmp_dh_file"); +} + +boost::system::error_code context::use_tmp_dh_file( + const std::string& filename, boost::system::error_code& ec) +{ + ::BIO* bio = ::BIO_new_file(filename.c_str(), "r"); + if (!bio) + { + ec = boost::asio::error::invalid_argument; + return ec; + } + + ::DH* dh = ::PEM_read_bio_DHparams(bio, 0, 0, 0); + if (!dh) + { + ::BIO_free(bio); + ec = boost::asio::error::invalid_argument; + return ec; + } + + ::BIO_free(bio); + int result = ::SSL_CTX_set_tmp_dh(handle_, dh); + ::DH_free(dh); + if (result != 1) + { + ec = boost::system::error_code(::ERR_get_error(), + boost::asio::error::get_ssl_category()); + return ec; + } + + ec = boost::system::error_code(); + return ec; +} + +boost::system::error_code context::do_set_verify_callback( + detail::verify_callback_base* callback, boost::system::error_code& ec) +{ + if (SSL_CTX_get_app_data(handle_)) + { + delete static_cast<detail::verify_callback_base*>( + SSL_CTX_get_app_data(handle_)); + } + + SSL_CTX_set_app_data(handle_, callback); + + ::SSL_CTX_set_verify(handle_, + ::SSL_CTX_get_verify_mode(handle_), + &context::verify_callback_function); + + ec = boost::system::error_code(); + return ec; +} + +int context::verify_callback_function(int preverified, X509_STORE_CTX* ctx) +{ + if (ctx) + { + if (SSL* ssl = static_cast<SSL*>( + ::X509_STORE_CTX_get_ex_data( + ctx, ::SSL_get_ex_data_X509_STORE_CTX_idx()))) + { + if (SSL_CTX* handle = ::SSL_get_SSL_CTX(ssl)) + { + if (SSL_CTX_get_app_data(handle)) + { + detail::verify_callback_base* callback = + static_cast<detail::verify_callback_base*>( + SSL_CTX_get_app_data(handle)); + + verify_context verify_ctx(ctx); + return callback->call(preverified != 0, verify_ctx) ? 1 : 0; + } + } + } + } + + return 0; +} + +boost::system::error_code context::do_set_password_callback( + detail::password_callback_base* callback, boost::system::error_code& ec) +{ + if (handle_->default_passwd_callback_userdata) + delete static_cast<detail::password_callback_base*>( + handle_->default_passwd_callback_userdata); + + handle_->default_passwd_callback_userdata = callback; + + SSL_CTX_set_default_passwd_cb(handle_, &context::password_callback_function); + + ec = boost::system::error_code(); + return ec; +} + +int context::password_callback_function( + char* buf, int size, int purpose, void* data) +{ + using namespace std; // For strncat and strlen. + + if (data) + { + detail::password_callback_base* callback = + static_cast<detail::password_callback_base*>(data); + + std::string passwd = callback->call(static_cast<std::size_t>(size), + purpose ? context_base::for_writing : context_base::for_reading); + +#if BOOST_WORKAROUND(BOOST_MSVC, >= 1400) && !defined(UNDER_CE) + strcpy_s(buf, size, passwd.c_str()); +#else + *buf = '\0'; + strncat(buf, passwd.c_str(), size); +#endif + + return strlen(buf); + } + + return 0; +} + +#endif // !defined(BOOST_ASIO_ENABLE_OLD_SSL) + +} // namespace ssl +} // namespace asio +} // namespace boost + +#include <boost/asio/detail/pop_options.hpp> + +#endif // BOOST_ASIO_SSL_IMPL_CONTEXT_IPP diff --git a/boost/asio/ssl/impl/error.ipp b/boost/asio/ssl/impl/error.ipp new file mode 100644 index 0000000000..6d462352a2 --- /dev/null +++ b/boost/asio/ssl/impl/error.ipp @@ -0,0 +1,59 @@ +// +// ssl/impl/error.ipp +// ~~~~~~~~~~~~~~~~~~ +// +// Copyright (c) 2003-2012 Christopher M. Kohlhoff (chris at kohlhoff dot com) +// +// Distributed under the Boost Software License, Version 1.0. (See accompanying +// file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt) +// + +#ifndef BOOST_ASIO_SSL_IMPL_ERROR_IPP +#define BOOST_ASIO_SSL_IMPL_ERROR_IPP + +#if defined(_MSC_VER) && (_MSC_VER >= 1200) +# pragma once +#endif // defined(_MSC_VER) && (_MSC_VER >= 1200) + +#include <boost/asio/detail/config.hpp> +#include <boost/asio/ssl/error.hpp> +#include <boost/asio/ssl/detail/openssl_init.hpp> + +#include <boost/asio/detail/push_options.hpp> + +namespace boost { +namespace asio { +namespace error { + +namespace detail { + +class ssl_category : public boost::system::error_category +{ +public: + const char* name() const + { + return "asio.ssl"; + } + + std::string message(int value) const + { + const char* s = ::ERR_reason_error_string(value); + return s ? s : "asio.ssl error"; + } +}; + +} // namespace detail + +const boost::system::error_category& get_ssl_category() +{ + static detail::ssl_category instance; + return instance; +} + +} // namespace error +} // namespace asio +} // namespace boost + +#include <boost/asio/detail/pop_options.hpp> + +#endif // BOOST_ASIO_SSL_IMPL_ERROR_IPP diff --git a/boost/asio/ssl/impl/rfc2818_verification.ipp b/boost/asio/ssl/impl/rfc2818_verification.ipp new file mode 100644 index 0000000000..8d577b83aa --- /dev/null +++ b/boost/asio/ssl/impl/rfc2818_verification.ipp @@ -0,0 +1,158 @@ +// +// ssl/impl/rfc2818_verification.ipp +// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +// +// Copyright (c) 2003-2012 Christopher M. Kohlhoff (chris at kohlhoff dot com) +// +// Distributed under the Boost Software License, Version 1.0. (See accompanying +// file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt) +// + +#ifndef BOOST_ASIO_SSL_IMPL_RFC2818_VERIFICATION_IPP +#define BOOST_ASIO_SSL_IMPL_RFC2818_VERIFICATION_IPP + +#if defined(_MSC_VER) && (_MSC_VER >= 1200) +# pragma once +#endif // defined(_MSC_VER) && (_MSC_VER >= 1200) + +#include <boost/asio/detail/config.hpp> + +#if !defined(BOOST_ASIO_ENABLE_OLD_SSL) +# include <cctype> +# include <cstring> +# include <boost/asio/ip/address.hpp> +# include <boost/asio/ssl/rfc2818_verification.hpp> +# include <boost/asio/ssl/detail/openssl_types.hpp> +#endif // !defined(BOOST_ASIO_ENABLE_OLD_SSL) + +#include <boost/asio/detail/push_options.hpp> + +namespace boost { +namespace asio { +namespace ssl { + +#if !defined(BOOST_ASIO_ENABLE_OLD_SSL) + +bool rfc2818_verification::operator()( + bool preverified, verify_context& ctx) const +{ + using namespace std; // For memcmp. + + // Don't bother looking at certificates that have failed pre-verification. + if (!preverified) + return false; + + // We're only interested in checking the certificate at the end of the chain. + int depth = X509_STORE_CTX_get_error_depth(ctx.native_handle()); + if (depth > 0) + return true; + + // Try converting the host name to an address. If it is an address then we + // need to look for an IP address in the certificate rather than a host name. + boost::system::error_code ec; + ip::address address = ip::address::from_string(host_, ec); + bool is_address = !ec; + + X509* cert = X509_STORE_CTX_get_current_cert(ctx.native_handle()); + + // Go through the alternate names in the certificate looking for matching DNS + // or IP address entries. + GENERAL_NAMES* gens = static_cast<GENERAL_NAMES*>( + X509_get_ext_d2i(cert, NID_subject_alt_name, 0, 0)); + for (int i = 0; i < sk_GENERAL_NAME_num(gens); ++i) + { + GENERAL_NAME* gen = sk_GENERAL_NAME_value(gens, i); + if (gen->type == GEN_DNS && !is_address) + { + ASN1_IA5STRING* domain = gen->d.dNSName; + if (domain->type == V_ASN1_IA5STRING && domain->data && domain->length) + { + const char* pattern = reinterpret_cast<const char*>(domain->data); + std::size_t pattern_length = domain->length; + if (match_pattern(pattern, pattern_length, host_.c_str())) + return true; + } + } + else if (gen->type == GEN_IPADD && is_address) + { + ASN1_OCTET_STRING* ip_address = gen->d.iPAddress; + if (ip_address->type == V_ASN1_OCTET_STRING && ip_address->data) + { + if (address.is_v4() && ip_address->length == 4) + { + ip::address_v4::bytes_type bytes = address.to_v4().to_bytes(); + if (memcmp(bytes.data(), ip_address->data, 4) == 0) + return true; + } + else if (address.is_v6() && ip_address->length == 16) + { + ip::address_v6::bytes_type bytes = address.to_v6().to_bytes(); + if (memcmp(bytes.data(), ip_address->data, 16) == 0) + return true; + } + } + } + } + + // No match in the alternate names, so try the common names. We should only + // use the "most specific" common name, which is the last one in the list. + X509_NAME* name = X509_get_subject_name(cert); + int i = -1; + ASN1_STRING* common_name = 0; + while ((i = X509_NAME_get_index_by_NID(name, NID_commonName, i)) >= 0) + { + X509_NAME_ENTRY* name_entry = X509_NAME_get_entry(name, i); + common_name = X509_NAME_ENTRY_get_data(name_entry); + } + if (common_name && common_name->data && common_name->length) + { + const char* pattern = reinterpret_cast<const char*>(common_name->data); + std::size_t pattern_length = common_name->length; + if (match_pattern(pattern, pattern_length, host_.c_str())) + return true; + } + + return false; +} + +bool rfc2818_verification::match_pattern(const char* pattern, + std::size_t pattern_length, const char* host) +{ + using namespace std; // For tolower. + + const char* p = pattern; + const char* p_end = p + pattern_length; + const char* h = host; + + while (p != p_end && *h) + { + if (*p == '*') + { + ++p; + while (*h && *h != '.') + if (match_pattern(p, p_end - p, h++)) + return true; + } + else if (tolower(*p) == tolower(*h)) + { + ++p; + ++h; + } + else + { + return false; + } + } + + return p == p_end && !*h; +} + +#endif // !defined(BOOST_ASIO_ENABLE_OLD_SSL) + +} // namespace ssl +} // namespace asio +} // namespace boost + +#include <boost/asio/detail/pop_options.hpp> + +#endif // BOOST_ASIO_SSL_IMPL_RFC2818_VERIFICATION_IPP diff --git a/boost/asio/ssl/impl/src.hpp b/boost/asio/ssl/impl/src.hpp new file mode 100644 index 0000000000..285bae4b1b --- /dev/null +++ b/boost/asio/ssl/impl/src.hpp @@ -0,0 +1,28 @@ +// +// impl/ssl/src.hpp +// ~~~~~~~~~~~~~~~~ +// +// Copyright (c) 2003-2012 Christopher M. Kohlhoff (chris at kohlhoff dot com) +// +// Distributed under the Boost Software License, Version 1.0. (See accompanying +// file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt) +// + +#ifndef BOOST_ASIO_SSL_IMPL_SRC_HPP +#define BOOST_ASIO_SSL_IMPL_SRC_HPP + +#define BOOST_ASIO_SOURCE + +#include <boost/asio/detail/config.hpp> + +#if defined(BOOST_ASIO_HEADER_ONLY) +# error Do not compile Asio library source with BOOST_ASIO_HEADER_ONLY defined +#endif + +#include <boost/asio/ssl/impl/context.ipp> +#include <boost/asio/ssl/impl/error.ipp> +#include <boost/asio/ssl/detail/impl/engine.ipp> +#include <boost/asio/ssl/detail/impl/openssl_init.ipp> +#include <boost/asio/ssl/impl/rfc2818_verification.ipp> + +#endif // BOOST_ASIO_SSL_IMPL_SRC_HPP |