]>
Commit | Line | Data |
---|---|---|
f67539c2 TL |
1 | // |
2 | // ssl/host_name_verification.hpp | |
3 | // ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | |
4 | // | |
5 | // Copyright (c) 2003-2020 Christopher M. Kohlhoff (chris at kohlhoff dot com) | |
6 | // | |
7 | // Distributed under the Boost Software License, Version 1.0. (See accompanying | |
8 | // file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt) | |
9 | // | |
10 | ||
11 | #ifndef BOOST_ASIO_SSL_HOST_NAME_VERIFICATION_HPP | |
12 | #define BOOST_ASIO_SSL_HOST_NAME_VERIFICATION_HPP | |
13 | ||
14 | #if defined(_MSC_VER) && (_MSC_VER >= 1200) | |
15 | # pragma once | |
16 | #endif // defined(_MSC_VER) && (_MSC_VER >= 1200) | |
17 | ||
18 | #include <boost/asio/detail/config.hpp> | |
19 | ||
20 | #include <string> | |
21 | #include <boost/asio/ssl/detail/openssl_types.hpp> | |
22 | #include <boost/asio/ssl/verify_context.hpp> | |
23 | ||
24 | #include <boost/asio/detail/push_options.hpp> | |
25 | ||
26 | namespace boost { | |
27 | namespace asio { | |
28 | namespace ssl { | |
29 | ||
30 | /// Verifies a certificate against a host_name according to the rules described | |
31 | /// in RFC 6125. | |
32 | /** | |
33 | * @par Example | |
34 | * The following example shows how to synchronously open a secure connection to | |
35 | * a given host name: | |
36 | * @code | |
37 | * using boost::asio::ip::tcp; | |
38 | * namespace ssl = boost::asio::ssl; | |
39 | * typedef ssl::stream<tcp::socket> ssl_socket; | |
40 | * | |
41 | * // Create a context that uses the default paths for finding CA certificates. | |
42 | * ssl::context ctx(ssl::context::sslv23); | |
43 | * ctx.set_default_verify_paths(); | |
44 | * | |
45 | * // Open a socket and connect it to the remote host. | |
46 | * boost::asio::io_context io_context; | |
47 | * ssl_socket sock(io_context, ctx); | |
48 | * tcp::resolver resolver(io_context); | |
49 | * tcp::resolver::query query("host.name", "https"); | |
50 | * boost::asio::connect(sock.lowest_layer(), resolver.resolve(query)); | |
51 | * sock.lowest_layer().set_option(tcp::no_delay(true)); | |
52 | * | |
53 | * // Perform SSL handshake and verify the remote host's certificate. | |
54 | * sock.set_verify_mode(ssl::verify_peer); | |
55 | * sock.set_verify_callback(ssl::host_name_verification("host.name")); | |
56 | * sock.handshake(ssl_socket::client); | |
57 | * | |
58 | * // ... read and write as normal ... | |
59 | * @endcode | |
60 | */ | |
61 | class host_name_verification | |
62 | { | |
63 | public: | |
64 | /// The type of the function object's result. | |
65 | typedef bool result_type; | |
66 | ||
67 | /// Constructor. | |
68 | explicit host_name_verification(const std::string& host) | |
69 | : host_(host) | |
70 | { | |
71 | } | |
72 | ||
73 | /// Perform certificate verification. | |
74 | BOOST_ASIO_DECL bool operator()(bool preverified, verify_context& ctx) const; | |
75 | ||
76 | private: | |
77 | // Helper function to check a host name against an IPv4 address | |
78 | // The host name to be checked. | |
79 | std::string host_; | |
80 | }; | |
81 | ||
82 | } // namespace ssl | |
83 | } // namespace asio | |
84 | } // namespace boost | |
85 | ||
86 | #include <boost/asio/detail/pop_options.hpp> | |
87 | ||
88 | #if defined(BOOST_ASIO_HEADER_ONLY) | |
89 | # include <boost/asio/ssl/impl/host_name_verification.ipp> | |
90 | #endif // defined(BOOST_ASIO_HEADER_ONLY) | |
91 | ||
92 | #endif // BOOST_ASIO_SSL_HOST_NAME_VERIFICATION_HPP |