projects / ceph.git / blame
| Commit | Line | Data |
|---|---|---|
| 7c673cae FG |
1 | // |
| 2 | // ssl/rfc2818_verification.hpp | |
| 3 | // ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | |
| 4 | // | |
| 11fdf7f2 | 5 | // Copyright (c) 2003-2018 Christopher M. Kohlhoff (chris at kohlhoff dot com) |
| 7c673cae FG |
6 | // |
| 7 | // Distributed under the Boost Software License, Version 1.0. (See accompanying | |
| 8 | // file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt) | |
| 9 | // | |
| 10 | ||
| 11 | #ifndef BOOST_ASIO_SSL_RFC2818_VERIFICATION_HPP | |
| 12 | #define BOOST_ASIO_SSL_RFC2818_VERIFICATION_HPP | |
| 13 | ||
| 14 | #if defined(_MSC_VER) && (_MSC_VER >= 1200) | |
| 15 | # pragma once | |
| 16 | #endif // defined(_MSC_VER) && (_MSC_VER >= 1200) | |
| 17 | ||
| 18 | #include <boost/asio/detail/config.hpp> | |
| 19 | ||
| b32b8144 FG |
20 | #include <string> |
| 21 | #include <boost/asio/ssl/detail/openssl_types.hpp> | |
| 22 | #include <boost/asio/ssl/verify_context.hpp> | |
| 7c673cae FG |
23 | |
| 24 | #include <boost/asio/detail/push_options.hpp> | |
| 25 | ||
| 26 | namespace boost { | |
| 27 | namespace asio { | |
| 28 | namespace ssl { | |
| 29 | ||
| 7c673cae FG |
30 | /// Verifies a certificate against a hostname according to the rules described |
| 31 | /// in RFC 2818. | |
| 32 | /** | |
| 33 | * @par Example | |
| 34 | * The following example shows how to synchronously open a secure connection to | |
| 35 | * a given host name: | |
| 36 | * @code | |
| 37 | * using boost::asio::ip::tcp; | |
| 38 | * namespace ssl = boost::asio::ssl; | |
| 39 | * typedef ssl::stream<tcp::socket> ssl_socket; | |
| 40 | * | |
| 41 | * // Create a context that uses the default paths for finding CA certificates. | |
| 42 | * ssl::context ctx(ssl::context::sslv23); | |
| 43 | * ctx.set_default_verify_paths(); | |
| 44 | * | |
| 45 | * // Open a socket and connect it to the remote host. | |
| b32b8144 FG |
46 | * boost::asio::io_context io_context; |
| 47 | * ssl_socket sock(io_context, ctx); | |
| 48 | * tcp::resolver resolver(io_context); | |
| 7c673cae FG |
49 | * tcp::resolver::query query("host.name", "https"); |
| 50 | * boost::asio::connect(sock.lowest_layer(), resolver.resolve(query)); | |
| 51 | * sock.lowest_layer().set_option(tcp::no_delay(true)); | |
| 52 | * | |
| 53 | * // Perform SSL handshake and verify the remote host's certificate. | |
| 54 | * sock.set_verify_mode(ssl::verify_peer); | |
| 55 | * sock.set_verify_callback(ssl::rfc2818_verification("host.name")); | |
| 56 | * sock.handshake(ssl_socket::client); | |
| 57 | * | |
| 58 | * // ... read and write as normal ... | |
| 59 | * @endcode | |
| 60 | */ | |
| 61 | class rfc2818_verification | |
| 62 | { | |
| 63 | public: | |
| 64 | /// The type of the function object's result. | |
| 65 | typedef bool result_type; | |
| 66 | ||
| 67 | /// Constructor. | |
| 68 | explicit rfc2818_verification(const std::string& host) | |
| 69 | : host_(host) | |
| 70 | { | |
| 71 | } | |
| 72 | ||
| 73 | /// Perform certificate verification. | |
| 74 | BOOST_ASIO_DECL bool operator()(bool preverified, verify_context& ctx) const; | |
| 75 | ||
| 76 | private: | |
| 77 | // Helper function to check a host name against a pattern. | |
| 78 | BOOST_ASIO_DECL static bool match_pattern(const char* pattern, | |
| 79 | std::size_t pattern_length, const char* host); | |
| 80 | ||
| 81 | // Helper function to check a host name against an IPv4 address | |
| 82 | // The host name to be checked. | |
| 83 | std::string host_; | |
| 84 | }; | |
| 85 | ||
| 7c673cae FG |
86 | } // namespace ssl |
| 87 | } // namespace asio | |
| 88 | } // namespace boost | |
| 89 | ||
| 90 | #include <boost/asio/detail/pop_options.hpp> | |
| 91 | ||
| 92 | #if defined(BOOST_ASIO_HEADER_ONLY) | |
| 93 | # include <boost/asio/ssl/impl/rfc2818_verification.ipp> | |
| 94 | #endif // defined(BOOST_ASIO_HEADER_ONLY) | |
| 95 | ||
| 96 | #endif // BOOST_ASIO_SSL_RFC2818_VERIFICATION_HPP |