import new upstream nautilus stable release 14.2.8
1//
2// ssl/context.hpp
3// ~~~~~~~~~~~~~~~
4//
92f5a8d4 5// Copyright (c) 2003-2019 Christopher M. Kohlhoff (chris at kohlhoff dot com)
6//
7// Distributed under the Boost Software License, Version 1.0. (See accompanying
8// file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt)
9//
10
11#ifndef BOOST_ASIO_SSL_CONTEXT_HPP
12#define BOOST_ASIO_SSL_CONTEXT_HPP
13
14#if defined(_MSC_VER) && (_MSC_VER >= 1200)
15# pragma once
16#endif // defined(_MSC_VER) && (_MSC_VER >= 1200)
17
18#include <boost/asio/detail/config.hpp>
19
20#include <string>
21#include <boost/asio/buffer.hpp>
22#include <boost/asio/io_context.hpp>
23#include <boost/asio/ssl/context_base.hpp>
24#include <boost/asio/ssl/detail/openssl_types.hpp>
25#include <boost/asio/ssl/detail/openssl_init.hpp>
26#include <boost/asio/ssl/detail/password_callback.hpp>
27#include <boost/asio/ssl/detail/verify_callback.hpp>
28#include <boost/asio/ssl/verify_mode.hpp>
29
30#include <boost/asio/detail/push_options.hpp>
31
32namespace boost {
33namespace asio {
34namespace ssl {
35
36class context
37 : public context_base,
38 private noncopyable
39{
40public:
41 /// The native handle type of the SSL context.
42 typedef SSL_CTX* native_handle_type;
43
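44 /// Constructor. @c m selects the protocol method (see context_base::method); a version-specific value pins the context to that one protocol version.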
45 BOOST_ASIO_DECL explicit context(method m);
46
47#if defined(BOOST_ASIO_HAS_MOVE) || defined(GENERATING_DOCUMENTATION)
48 /// Move-construct a context from another.
49 /**
50 * This constructor moves an SSL context from one object to another.
51 *
52 * @param other The other context object from which the move will occur.
53 *
54 * @note Following the move, the following operations only are valid for the
55 * moved-from object:
56 * @li Destruction.
57 * @li As a target for move-assignment.
58 */
59 BOOST_ASIO_DECL context(context&& other);
60
61 /// Move-assign a context from another.
62 /**
63 * This assignment operator moves an SSL context from one object to another.
64 *
65 * @param other The other context object from which the move will occur.
66 *
67 * @note Following the move, the following operations only are valid for the
68 * moved-from object:
69 * @li Destruction.
70 * @li As a target for move-assignment.
71 */
72 BOOST_ASIO_DECL context& operator=(context&& other);
73#endif // defined(BOOST_ASIO_HAS_MOVE) || defined(GENERATING_DOCUMENTATION)
74
75 /// Destructor.
76 BOOST_ASIO_DECL ~context();
77
78 /// Get the underlying implementation in the native type.
79 /**
80 * This function may be used to obtain the underlying implementation of the
81 * context. This is intended to allow access to context functionality that is
82 * not otherwise provided. The context retains ownership of the returned SSL_CTX, so the caller must not free it.
83 */
84 BOOST_ASIO_DECL native_handle_type native_handle();
85
86 /// Clear options on the context.
87 /**
88 * This function may be used to configure the SSL options used by the context.
89 *
90 * @param o A bitmask of options. The available option values are defined in
91 * the context_base class. The specified options, if currently enabled on the
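92 * context, are cleared. Clearing a protocol-disabling option such as @c no_sslv3 allows that protocol to be negotiated again.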
93 *
94 * @throws boost::system::system_error Thrown on failure.
95 *
96 * @note Calls @c SSL_CTX_clear_options.
97 */
98 BOOST_ASIO_DECL void clear_options(options o);
99
100 /// Clear options on the context.
101 /**
102 * This function may be used to configure the SSL options used by the context.
103 *
104 * @param o A bitmask of options. The available option values are defined in
105 * the context_base class. The specified options, if currently enabled on the
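106 * context, are cleared. Clearing a protocol-disabling option such as @c no_sslv3 allows that protocol to be negotiated again.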
107 *
108 * @param ec Set to indicate what error occurred, if any.
109 *
110 * @note Calls @c SSL_CTX_clear_options.
111 */
b32b8144 112 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID clear_options(options o,
113 boost::system::error_code& ec);
114
115 /// Set options on the context.
116 /**
117 * This function may be used to configure the SSL options used by the context.
118 *
119 * @param o A bitmask of options. The available option values are defined in
120 * the context_base class. The options are bitwise-ored with any existing
121 * value for the options.
122 *
123 * @throws boost::system::system_error Thrown on failure.
124 *
125 * @note Calls @c SSL_CTX_set_options.
126 */
127 BOOST_ASIO_DECL void set_options(options o);
128
129 /// Set options on the context.
130 /**
131 * This function may be used to configure the SSL options used by the context.
132 *
133 * @param o A bitmask of options. The available option values are defined in
134 * the context_base class. The options are bitwise-ored with any existing
135 * value for the options.
136 *
137 * @param ec Set to indicate what error occurred, if any.
138 *
139 * @note Calls @c SSL_CTX_set_options.
140 */
b32b8144 141 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID set_options(options o,
142 boost::system::error_code& ec);
143
144 /// Set the peer verification mode.
145 /**
146 * This function may be used to configure the peer verification mode used by
147 * the context.
148 *
149 * @param v A bitmask of peer verification modes. See @ref verify_mode for
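150 * available values. Without @c verify_peer the handshake is not aborted when the peer's certificate fails verification; a server also needs @c verify_fail_if_no_peer_cert to reject a client that sends no certificate.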
151 *
152 * @throws boost::system::system_error Thrown on failure.
153 *
154 * @note Calls @c SSL_CTX_set_verify.
155 */
156 BOOST_ASIO_DECL void set_verify_mode(verify_mode v);
157
158 /// Set the peer verification mode.
159 /**
160 * This function may be used to configure the peer verification mode used by
161 * the context.
162 *
163 * @param v A bitmask of peer verification modes. See @ref verify_mode for
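164 * available values. Without @c verify_peer the handshake is not aborted when the peer's certificate fails verification; a server also needs @c verify_fail_if_no_peer_cert to reject a client that sends no certificate.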
165 *
166 * @param ec Set to indicate what error occurred, if any.
167 *
168 * @note Calls @c SSL_CTX_set_verify.
169 */
b32b8144 170 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID set_verify_mode(
171 verify_mode v, boost::system::error_code& ec);
172
173 /// Set the peer verification depth.
174 /**
175 * This function may be used to configure the maximum verification depth
176 * allowed by the context.
177 *
178 * @param depth Maximum depth for the certificate chain verification that
179 * shall be allowed.
180 *
181 * @throws boost::system::system_error Thrown on failure.
182 *
183 * @note Calls @c SSL_CTX_set_verify_depth.
184 */
185 BOOST_ASIO_DECL void set_verify_depth(int depth);
186
187 /// Set the peer verification depth.
188 /**
189 * This function may be used to configure the maximum verification depth
190 * allowed by the context.
191 *
192 * @param depth Maximum depth for the certificate chain verification that
193 * shall be allowed.
194 *
195 * @param ec Set to indicate what error occurred, if any.
196 *
197 * @note Calls @c SSL_CTX_set_verify_depth.
198 */
b32b8144 199 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID set_verify_depth(
200 int depth, boost::system::error_code& ec);
201
202 /// Set the callback used to verify peer certificates.
203 /**
204 * This function is used to specify a callback function that will be called
205 * by the implementation when it needs to verify a peer certificate.
206 *
207 * @param callback The function object to be used for verifying a certificate.
208 * The function signature of the handler must be:
209 * @code bool verify_callback(
210 * bool preverified, // True if the certificate passed pre-verification.
211 * verify_context& ctx // The peer certificate and other context.
212 * ); @endcode
213 * The return value of the callback is true if the certificate has passed
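214 * verification, false otherwise. The return value replaces the pre-verification result, so returning true when @c preverified is false accepts a certificate that failed OpenSSL's chain checks. Pre-verification checks the chain, not the peer's host name; a callback such as @c rfc2818_verification adds that check.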
215 *
216 * @throws boost::system::system_error Thrown on failure.
217 *
218 * @note Calls @c SSL_CTX_set_verify.
219 */
220 template <typename VerifyCallback>
221 void set_verify_callback(VerifyCallback callback);
222
223 /// Set the callback used to verify peer certificates.
224 /**
225 * This function is used to specify a callback function that will be called
226 * by the implementation when it needs to verify a peer certificate.
227 *
228 * @param callback The function object to be used for verifying a certificate.
229 * The function signature of the handler must be:
230 * @code bool verify_callback(
231 * bool preverified, // True if the certificate passed pre-verification.
232 * verify_context& ctx // The peer certificate and other context.
233 * ); @endcode
234 * The return value of the callback is true if the certificate has passed
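235 * verification, false otherwise. The return value replaces the pre-verification result, so returning true when @c preverified is false accepts a certificate that failed OpenSSL's chain checks. Pre-verification checks the chain, not the peer's host name; a callback such as @c rfc2818_verification adds that check.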
236 *
237 * @param ec Set to indicate what error occurred, if any.
238 *
239 * @note Calls @c SSL_CTX_set_verify.
240 */
241 template <typename VerifyCallback>
b32b8144 242 BOOST_ASIO_SYNC_OP_VOID set_verify_callback(VerifyCallback callback,
243 boost::system::error_code& ec);
244
245 /// Load a certification authority file for performing verification.
246 /**
247 * This function is used to load one or more trusted certification authorities
248 * from a file.
249 *
250 * @param filename The name of a file containing certification authority
251 * certificates in PEM format.
252 *
253 * @throws boost::system::system_error Thrown on failure.
254 *
255 * @note Calls @c SSL_CTX_load_verify_locations.
256 */
257 BOOST_ASIO_DECL void load_verify_file(const std::string& filename);
258
259 /// Load a certification authority file for performing verification.
260 /**
261 * This function is used to load the certificates for one or more trusted
262 * certification authorities from a file.
263 *
264 * @param filename The name of a file containing certification authority
265 * certificates in PEM format.
266 *
267 * @param ec Set to indicate what error occurred, if any.
268 *
269 * @note Calls @c SSL_CTX_load_verify_locations.
270 */
b32b8144 271 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID load_verify_file(
272 const std::string& filename, boost::system::error_code& ec);
273
274 /// Add certification authority for performing verification.
275 /**
276 * This function is used to add one trusted certification authority
277 * from a memory buffer.
278 *
279 * @param ca The buffer containing the certification authority certificate.
280 * The certificate must use the PEM format.
281 *
282 * @throws boost::system::system_error Thrown on failure.
283 *
284 * @note Calls @c SSL_CTX_get_cert_store and @c X509_STORE_add_cert.
285 */
286 BOOST_ASIO_DECL void add_certificate_authority(const const_buffer& ca);
287
288 /// Add certification authority for performing verification.
289 /**
290 * This function is used to add one trusted certification authority
291 * from a memory buffer.
292 *
293 * @param ca The buffer containing the certification authority certificate.
294 * The certificate must use the PEM format.
295 *
296 * @param ec Set to indicate what error occurred, if any.
297 *
298 * @note Calls @c SSL_CTX_get_cert_store and @c X509_STORE_add_cert.
299 */
b32b8144 300 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID add_certificate_authority(
301 const const_buffer& ca, boost::system::error_code& ec);
302
303 /// Configures the context to use the default directories for finding
304 /// certification authority certificates.
305 /**
306 * This function specifies that the context should use the default,
307 * system-dependent directories for locating certification authority
308 * certificates.
309 *
310 * @throws boost::system::system_error Thrown on failure.
311 *
312 * @note Calls @c SSL_CTX_set_default_verify_paths.
313 */
314 BOOST_ASIO_DECL void set_default_verify_paths();
315
316 /// Configures the context to use the default directories for finding
317 /// certification authority certificates.
318 /**
319 * This function specifies that the context should use the default,
320 * system-dependent directories for locating certification authority
321 * certificates.
322 *
323 * @param ec Set to indicate what error occurred, if any.
324 *
325 * @note Calls @c SSL_CTX_set_default_verify_paths.
326 */
b32b8144 327 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID set_default_verify_paths(
328 boost::system::error_code& ec);
329
330 /// Add a directory containing certificate authority files to be used for
331 /// performing verification.
332 /**
333 * This function is used to specify the name of a directory containing
334 * certification authority certificates. Each file in the directory must
335 * contain a single certificate. The files must be named using the subject
336 * name's hash and an extension of ".0".
337 *
338 * @param path The name of a directory containing the certificates.
339 *
340 * @throws boost::system::system_error Thrown on failure.
341 *
342 * @note Calls @c SSL_CTX_load_verify_locations.
343 */
344 BOOST_ASIO_DECL void add_verify_path(const std::string& path);
345
346 /// Add a directory containing certificate authority files to be used for
347 /// performing verification.
348 /**
349 * This function is used to specify the name of a directory containing
350 * certification authority certificates. Each file in the directory must
351 * contain a single certificate. The files must be named using the subject
352 * name's hash and an extension of ".0".
353 *
354 * @param path The name of a directory containing the certificates.
355 *
356 * @param ec Set to indicate what error occurred, if any.
357 *
358 * @note Calls @c SSL_CTX_load_verify_locations.
359 */
b32b8144 360 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID add_verify_path(
361 const std::string& path, boost::system::error_code& ec);
362
363 /// Use a certificate from a memory buffer.
364 /**
365 * This function is used to load a certificate into the context from a buffer.
366 *
367 * @param certificate The buffer containing the certificate.
368 *
369 * @param format The certificate format (ASN.1 or PEM).
370 *
371 * @throws boost::system::system_error Thrown on failure.
372 *
373 * @note Calls @c SSL_CTX_use_certificate or SSL_CTX_use_certificate_ASN1.
374 */
375 BOOST_ASIO_DECL void use_certificate(
376 const const_buffer& certificate, file_format format);
377
378 /// Use a certificate from a memory buffer.
379 /**
380 * This function is used to load a certificate into the context from a buffer.
381 *
382 * @param certificate The buffer containing the certificate.
383 *
384 * @param format The certificate format (ASN.1 or PEM).
385 *
386 * @param ec Set to indicate what error occurred, if any.
387 *
388 * @note Calls @c SSL_CTX_use_certificate or SSL_CTX_use_certificate_ASN1.
389 */
b32b8144 390 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID use_certificate(
391 const const_buffer& certificate, file_format format,
392 boost::system::error_code& ec);
393
394 /// Use a certificate from a file.
395 /**
396 * This function is used to load a certificate into the context from a file.
397 *
398 * @param filename The name of the file containing the certificate.
399 *
400 * @param format The file format (ASN.1 or PEM).
401 *
402 * @throws boost::system::system_error Thrown on failure.
403 *
404 * @note Calls @c SSL_CTX_use_certificate_file.
405 */
406 BOOST_ASIO_DECL void use_certificate_file(
407 const std::string& filename, file_format format);
408
409 /// Use a certificate from a file.
410 /**
411 * This function is used to load a certificate into the context from a file.
412 *
413 * @param filename The name of the file containing the certificate.
414 *
415 * @param format The file format (ASN.1 or PEM).
416 *
417 * @param ec Set to indicate what error occurred, if any.
418 *
419 * @note Calls @c SSL_CTX_use_certificate_file.
420 */
b32b8144 421 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID use_certificate_file(
422 const std::string& filename, file_format format,
423 boost::system::error_code& ec);
424
425 /// Use a certificate chain from a memory buffer.
426 /**
427 * This function is used to load a certificate chain into the context from a
428 * buffer.
429 *
430 * @param chain The buffer containing the certificate chain. The certificate
431 * chain must use the PEM format.
432 *
433 * @throws boost::system::system_error Thrown on failure.
434 *
435 * @note Calls @c SSL_CTX_use_certificate and SSL_CTX_add_extra_chain_cert.
436 */
437 BOOST_ASIO_DECL void use_certificate_chain(const const_buffer& chain);
438
439 /// Use a certificate chain from a memory buffer.
440 /**
441 * This function is used to load a certificate chain into the context from a
442 * buffer.
443 *
444 * @param chain The buffer containing the certificate chain. The certificate
445 * chain must use the PEM format.
446 *
447 * @param ec Set to indicate what error occurred, if any.
448 *
449 * @note Calls @c SSL_CTX_use_certificate and SSL_CTX_add_extra_chain_cert.
450 */
b32b8144 451 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID use_certificate_chain(
452 const const_buffer& chain, boost::system::error_code& ec);
453
454 /// Use a certificate chain from a file.
455 /**
456 * This function is used to load a certificate chain into the context from a
457 * file.
458 *
459 * @param filename The name of the file containing the certificate. The file
460 * must use the PEM format.
461 *
462 * @throws boost::system::system_error Thrown on failure.
463 *
464 * @note Calls @c SSL_CTX_use_certificate_chain_file.
465 */
466 BOOST_ASIO_DECL void use_certificate_chain_file(const std::string& filename);
467
468 /// Use a certificate chain from a file.
469 /**
470 * This function is used to load a certificate chain into the context from a
471 * file.
472 *
473 * @param filename The name of the file containing the certificate. The file
474 * must use the PEM format.
475 *
476 * @param ec Set to indicate what error occurred, if any.
477 *
478 * @note Calls @c SSL_CTX_use_certificate_chain_file.
479 */
b32b8144 480 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID use_certificate_chain_file(
481 const std::string& filename, boost::system::error_code& ec);
482
483 /// Use a private key from a memory buffer.
484 /**
485 * This function is used to load a private key into the context from a buffer.
486 *
487 * @param private_key The buffer containing the private key.
488 *
489 * @param format The private key format (ASN.1 or PEM).
490 *
491 * @throws boost::system::system_error Thrown on failure.
492 *
493 * @note Calls @c SSL_CTX_use_PrivateKey or SSL_CTX_use_PrivateKey_ASN1.
494 */
495 BOOST_ASIO_DECL void use_private_key(
496 const const_buffer& private_key, file_format format);
497
498 /// Use a private key from a memory buffer.
499 /**
500 * This function is used to load a private key into the context from a buffer.
501 *
502 * @param private_key The buffer containing the private key.
503 *
504 * @param format The private key format (ASN.1 or PEM).
505 *
506 * @param ec Set to indicate what error occurred, if any.
507 *
508 * @note Calls @c SSL_CTX_use_PrivateKey or SSL_CTX_use_PrivateKey_ASN1.
509 */
b32b8144 510 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID use_private_key(
511 const const_buffer& private_key, file_format format,
512 boost::system::error_code& ec);
513
514 /// Use a private key from a file.
515 /**
516 * This function is used to load a private key into the context from a file.
517 *
518 * @param filename The name of the file containing the private key.
519 *
520 * @param format The file format (ASN.1 or PEM).
521 *
522 * @throws boost::system::system_error Thrown on failure.
523 *
524 * @note Calls @c SSL_CTX_use_PrivateKey_file.
525 */
526 BOOST_ASIO_DECL void use_private_key_file(
527 const std::string& filename, file_format format);
528
529 /// Use a private key from a file.
530 /**
531 * This function is used to load a private key into the context from a file.
532 *
533 * @param filename The name of the file containing the private key.
534 *
535 * @param format The file format (ASN.1 or PEM).
536 *
537 * @param ec Set to indicate what error occurred, if any.
538 *
539 * @note Calls @c SSL_CTX_use_PrivateKey_file.
540 */
b32b8144 541 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID use_private_key_file(
542 const std::string& filename, file_format format,
543 boost::system::error_code& ec);
544
545 /// Use an RSA private key from a memory buffer.
546 /**
547 * This function is used to load an RSA private key into the context from a
548 * buffer.
549 *
550 * @param private_key The buffer containing the RSA private key.
551 *
552 * @param format The private key format (ASN.1 or PEM).
553 *
554 * @throws boost::system::system_error Thrown on failure.
555 *
556 * @note Calls @c SSL_CTX_use_RSAPrivateKey or SSL_CTX_use_RSAPrivateKey_ASN1.
557 */
558 BOOST_ASIO_DECL void use_rsa_private_key(
559 const const_buffer& private_key, file_format format);
560
561 /// Use an RSA private key from a memory buffer.
562 /**
563 * This function is used to load an RSA private key into the context from a
564 * buffer.
565 *
566 * @param private_key The buffer containing the RSA private key.
567 *
568 * @param format The private key format (ASN.1 or PEM).
569 *
570 * @param ec Set to indicate what error occurred, if any.
571 *
572 * @note Calls @c SSL_CTX_use_RSAPrivateKey or SSL_CTX_use_RSAPrivateKey_ASN1.
573 */
b32b8144 574 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID use_rsa_private_key(
575 const const_buffer& private_key, file_format format,
576 boost::system::error_code& ec);
577
578 /// Use an RSA private key from a file.
579 /**
580 * This function is used to load an RSA private key into the context from a
581 * file.
582 *
583 * @param filename The name of the file containing the RSA private key.
584 *
585 * @param format The file format (ASN.1 or PEM).
586 *
587 * @throws boost::system::system_error Thrown on failure.
588 *
589 * @note Calls @c SSL_CTX_use_RSAPrivateKey_file.
590 */
591 BOOST_ASIO_DECL void use_rsa_private_key_file(
592 const std::string& filename, file_format format);
593
594 /// Use an RSA private key from a file.
595 /**
596 * This function is used to load an RSA private key into the context from a
597 * file.
598 *
599 * @param filename The name of the file containing the RSA private key.
600 *
601 * @param format The file format (ASN.1 or PEM).
602 *
603 * @param ec Set to indicate what error occurred, if any.
604 *
605 * @note Calls @c SSL_CTX_use_RSAPrivateKey_file.
606 */
b32b8144 607 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID use_rsa_private_key_file(
608 const std::string& filename, file_format format,
609 boost::system::error_code& ec);
610
611 /// Use the specified memory buffer to obtain the temporary Diffie-Hellman
612 /// parameters.
613 /**
614 * This function is used to load Diffie-Hellman parameters into the context
615 * from a buffer.
616 *
617 * @param dh The memory buffer containing the Diffie-Hellman parameters. The
618 * buffer must use the PEM format.
619 *
620 * @throws boost::system::system_error Thrown on failure.
621 *
622 * @note Calls @c SSL_CTX_set_tmp_dh.
623 */
624 BOOST_ASIO_DECL void use_tmp_dh(const const_buffer& dh);
625
626 /// Use the specified memory buffer to obtain the temporary Diffie-Hellman
627 /// parameters.
628 /**
629 * This function is used to load Diffie-Hellman parameters into the context
630 * from a buffer.
631 *
632 * @param dh The memory buffer containing the Diffie-Hellman parameters. The
633 * buffer must use the PEM format.
634 *
635 * @param ec Set to indicate what error occurred, if any.
636 *
637 * @note Calls @c SSL_CTX_set_tmp_dh.
638 */
b32b8144 639 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID use_tmp_dh(
640 const const_buffer& dh, boost::system::error_code& ec);
641
642 /// Use the specified file to obtain the temporary Diffie-Hellman parameters.
643 /**
644 * This function is used to load Diffie-Hellman parameters into the context
645 * from a file.
646 *
647 * @param filename The name of the file containing the Diffie-Hellman
648 * parameters. The file must use the PEM format.
649 *
650 * @throws boost::system::system_error Thrown on failure.
651 *
652 * @note Calls @c SSL_CTX_set_tmp_dh.
653 */
654 BOOST_ASIO_DECL void use_tmp_dh_file(const std::string& filename);
655
656 /// Use the specified file to obtain the temporary Diffie-Hellman parameters.
657 /**
658 * This function is used to load Diffie-Hellman parameters into the context
659 * from a file.
660 *
661 * @param filename The name of the file containing the Diffie-Hellman
662 * parameters. The file must use the PEM format.
663 *
664 * @param ec Set to indicate what error occurred, if any.
665 *
666 * @note Calls @c SSL_CTX_set_tmp_dh.
667 */
b32b8144 668 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID use_tmp_dh_file(
669 const std::string& filename, boost::system::error_code& ec);
670
671 /// Set the password callback.
672 /**
673 * This function is used to specify a callback function to obtain password
674 * information about an encrypted key in PEM format.
675 *
676 * @param callback The function object to be used for obtaining the password.
677 * The function signature of the handler must be:
678 * @code std::string password_callback(
679 * std::size_t max_length, // The maximum size for a password.
680 * password_purpose purpose // Whether password is for reading or writing.
681 * ); @endcode
682 * The return value of the callback is a string containing the password.
683 *
684 * @throws boost::system::system_error Thrown on failure.
685 *
686 * @note Calls @c SSL_CTX_set_default_passwd_cb.
687 */
688 template <typename PasswordCallback>
689 void set_password_callback(PasswordCallback callback);
690
691 /// Set the password callback.
692 /**
693 * This function is used to specify a callback function to obtain password
694 * information about an encrypted key in PEM format.
695 *
696 * @param callback The function object to be used for obtaining the password.
697 * The function signature of the handler must be:
698 * @code std::string password_callback(
699 * std::size_t max_length, // The maximum size for a password.
700 * password_purpose purpose // Whether password is for reading or writing.
701 * ); @endcode
702 * The return value of the callback is a string containing the password.
703 *
704 * @param ec Set to indicate what error occurred, if any.
705 *
706 * @note Calls @c SSL_CTX_set_default_passwd_cb.
707 */
708 template <typename PasswordCallback>
b32b8144 709 BOOST_ASIO_SYNC_OP_VOID set_password_callback(PasswordCallback callback,
710 boost::system::error_code& ec);
711
712private:
713 struct bio_cleanup;
714 struct x509_cleanup;
715 struct evp_pkey_cleanup;
716 struct rsa_cleanup;
717 struct dh_cleanup;
718
719 // Helper function used to set a peer certificate verification callback.
b32b8144 720 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID do_set_verify_callback(
721 detail::verify_callback_base* callback, boost::system::error_code& ec);
722
723 // Callback used when the SSL implementation wants to verify a certificate.
724 BOOST_ASIO_DECL static int verify_callback_function(
725 int preverified, X509_STORE_CTX* ctx);
726
727 // Helper function used to set a password callback.
b32b8144 728 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID do_set_password_callback(
729 detail::password_callback_base* callback, boost::system::error_code& ec);
730
731 // Callback used when the SSL implementation wants a password.
732 BOOST_ASIO_DECL static int password_callback_function(
733 char* buf, int size, int purpose, void* data);
734
735 // Helper function to set the temporary Diffie-Hellman parameters from a BIO.
b32b8144 736 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID do_use_tmp_dh(
737 BIO* bio, boost::system::error_code& ec);
738
739 // Helper function to make a BIO from a memory buffer.
740 BOOST_ASIO_DECL BIO* make_buffer_bio(const const_buffer& b);
741
742 // The underlying native implementation.
743 native_handle_type handle_;
744
745 // Ensure openssl is initialised.
746 boost::asio::ssl::detail::openssl_init<> init_;
747};
748
749} // namespace ssl
750} // namespace asio
751} // namespace boost
752
753#include <boost/asio/detail/pop_options.hpp>
754
755#include <boost/asio/ssl/impl/context.hpp>
756#if defined(BOOST_ASIO_HEADER_ONLY)
757# include <boost/asio/ssl/impl/context.ipp>
758#endif // defined(BOOST_ASIO_HEADER_ONLY)
759
760#endif // BOOST_ASIO_SSL_CONTEXT_HPP