diff options
Diffstat (limited to 'boost/asio/ssl/rfc2818_verification.hpp')
-rw-r--r-- | boost/asio/ssl/rfc2818_verification.hpp | 102 |
1 files changed, 102 insertions, 0 deletions
diff --git a/boost/asio/ssl/rfc2818_verification.hpp b/boost/asio/ssl/rfc2818_verification.hpp new file mode 100644 index 0000000000..63ba948d6c --- /dev/null +++ b/boost/asio/ssl/rfc2818_verification.hpp @@ -0,0 +1,102 @@ +// +// ssl/rfc2818_verification.hpp +// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +// +// Copyright (c) 2003-2012 Christopher M. Kohlhoff (chris at kohlhoff dot com) +// +// Distributed under the Boost Software License, Version 1.0. (See accompanying +// file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt) +// + +#ifndef BOOST_ASIO_SSL_RFC2818_VERIFICATION_HPP +#define BOOST_ASIO_SSL_RFC2818_VERIFICATION_HPP + +#if defined(_MSC_VER) && (_MSC_VER >= 1200) +# pragma once +#endif // defined(_MSC_VER) && (_MSC_VER >= 1200) + +#include <boost/asio/detail/config.hpp> + +#if !defined(BOOST_ASIO_ENABLE_OLD_SSL) +# include <string> +# include <boost/asio/ssl/detail/openssl_types.hpp> +# include <boost/asio/ssl/verify_context.hpp> +#endif // !defined(BOOST_ASIO_ENABLE_OLD_SSL) + +#include <boost/asio/detail/push_options.hpp> + +namespace boost { +namespace asio { +namespace ssl { + +#if !defined(BOOST_ASIO_ENABLE_OLD_SSL) + +/// Verifies a certificate against a hostname according to the rules described +/// in RFC 2818. +/** + * @par Example + * The following example shows how to synchronously open a secure connection to + * a given host name: + * @code + * using boost::asio::ip::tcp; + * namespace ssl = boost::asio::ssl; + * typedef ssl::stream<tcp::socket> ssl_socket; + * + * // Create a context that uses the default paths for finding CA certificates. + * ssl::context ctx(ssl::context::sslv23); + * ctx.set_default_verify_paths(); + * + * // Open a socket and connect it to the remote host. + * boost::asio::io_service io_service; + * ssl_socket sock(io_service, ctx); + * tcp::resolver resolver(io_service); + * tcp::resolver::query query("host.name", "https"); + * boost::asio::connect(sock.lowest_layer(), resolver.resolve(query)); + * sock.lowest_layer().set_option(tcp::no_delay(true)); + * + * // Perform SSL handshake and verify the remote host's certificate. + * sock.set_verify_mode(ssl::verify_peer); + * sock.set_verify_callback(ssl::rfc2818_verification("host.name")); + * sock.handshake(ssl_socket::client); + * + * // ... read and write as normal ... + * @endcode + */ +class rfc2818_verification +{ +public: + /// The type of the function object's result. + typedef bool result_type; + + /// Constructor. + explicit rfc2818_verification(const std::string& host) + : host_(host) + { + } + + /// Perform certificate verification. + BOOST_ASIO_DECL bool operator()(bool preverified, verify_context& ctx) const; + +private: + // Helper function to check a host name against a pattern. + BOOST_ASIO_DECL static bool match_pattern(const char* pattern, + std::size_t pattern_length, const char* host); + + // Helper function to check a host name against an IPv4 address + // The host name to be checked. + std::string host_; +}; + +#endif // defined(BOOST_ASIO_ENABLE_OLD_SSL) + +} // namespace ssl +} // namespace asio +} // namespace boost + +#include <boost/asio/detail/pop_options.hpp> + +#if defined(BOOST_ASIO_HEADER_ONLY) +# include <boost/asio/ssl/impl/rfc2818_verification.ipp> +#endif // defined(BOOST_ASIO_HEADER_ONLY) + +#endif // BOOST_ASIO_SSL_RFC2818_VERIFICATION_HPP |