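//
// ssl/rfc2818_verification.hpp
// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
//
// Copyright (c) 2003-2015 Christopher M. Kohlhoff (chris at kohlhoff dot com)
//
// Distributed under the Boost Software License, Version 1.0. (See accompanying
// file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt)
//

#ifndef BOOST_ASIO_SSL_RFC2818_VERIFICATION_HPP
#define BOOST_ASIO_SSL_RFC2818_VERIFICATION_HPP

#if defined(_MSC_VER) && (_MSC_VER >= 1200)
# pragma once
#endif // defined(_MSC_VER) && (_MSC_VER >= 1200)

#include <boost/asio/detail/config.hpp>

#if !defined(BOOST_ASIO_ENABLE_OLD_SSL)
# include <string>
# include <boost/asio/ssl/detail/openssl_types.hpp>
# include <boost/asio/ssl/verify_context.hpp>
#endif // !defined(BOOST_ASIO_ENABLE_OLD_SSL)

#include <boost/asio/detail/push_options.hpp>

namespace boost {
namespace asio {
namespace ssl {

#if !defined(BOOST_ASIO_ENABLE_OLD_SSL)

/// Verifies a certificate against a hostname according to the rules described
/// in RFC 2818.
/**
 * An instance is a function object with the signature
 * <tt>bool(bool preverified, verify_context& ctx)</tt>, suitable for passing
 * to @c set_verify_callback as shown below.
 *
 * @note The host name check only protects the connection when peer
 * verification is switched on (@c ssl::verify_peer, as in the example) and the
 * context has trusted CA certificates to build a chain against. The name given
 * to the constructor should be the name the application actually intends to
 * talk to; the example passes the same "host.name" to the resolver query and
 * to this class.
 *
 * @note @c ssl::context::sslv23 lets the library negotiate the protocol
 * version with the peer. Which versions that can include depends on the SSL
 * library build, so the example also disables the obsolete SSLv2 and SSLv3
 * protocols explicitly.
 *
 * @par Example
 * The following example shows how to synchronously open a secure connection to
 * a given host name:
 * @code
 * using boost::asio::ip::tcp;
 * namespace ssl = boost::asio::ssl;
 * typedef ssl::stream<tcp::socket> ssl_socket;
 *
 * // Create a context that uses the default paths for finding CA certificates.
 * ssl::context ctx(ssl::context::sslv23);
 * ctx.set_default_verify_paths();
 *
 * // Refuse the obsolete SSLv2 and SSLv3 protocol versions.
 * ctx.set_options(ssl::context::default_workarounds
 *     | ssl::context::no_sslv2 | ssl::context::no_sslv3);
 *
 * // Open a socket and connect it to the remote host.
 * boost::asio::io_service io_service;
 * ssl_socket sock(io_service, ctx);
 * tcp::resolver resolver(io_service);
 * tcp::resolver::query query("host.name", "https");
 * boost::asio::connect(sock.lowest_layer(), resolver.resolve(query));
 * sock.lowest_layer().set_option(tcp::no_delay(true));
 *
 * // Perform SSL handshake and verify the remote host's certificate.
 * sock.set_verify_mode(ssl::verify_peer);
 * sock.set_verify_callback(ssl::rfc2818_verification("host.name"));
 * sock.handshake(ssl_socket::client);
 *
 * // ... read and write as normal ...
 * @endcode
 */
class rfc2818_verification
{
public:
  /// The type of the function object's result.
  typedef bool result_type;

  /// Constructor.
  /**
   * Stores a copy of @c host, so the verifier does not depend on the lifetime
   * of the argument. The constructor performs no validation of the name; an
   * empty or malformed string is stored as given.
   *
   * @param host The host name that the peer's certificate is expected to
   * identify.
   */
  explicit rfc2818_verification(const std::string& host)
    : host_(host)
  {
  }

  /// Perform certificate verification.
  /**
   * Defined out of line (see impl/rfc2818_verification.ipp, included at the
   * end of this header when BOOST_ASIO_HEADER_ONLY is defined).
   *
   * @param preverified Verification result passed in by the caller of the
   * callback. NOTE(review): the definition is not visible here; confirm that
   * a @c false value is never turned into a @c true result.
   *
   * @param ctx The verification context for the certificate being checked.
   *
   * @returns @c true if the certificate is accepted, @c false otherwise.
   */
  BOOST_ASIO_DECL bool operator()(bool preverified, verify_context& ctx) const;

private:
  // Helper function to check a host name against a pattern.
  //
  // The pattern is passed with an explicit length, so it does not have to be
  // NUL-terminated. The host carries no length.
  // NOTE(review): presumably host must be NUL-terminated, and the pattern
  // comes from the peer's certificate (i.e. untrusted input) -- confirm both
  // against the definition in the .ipp file.
  BOOST_ASIO_DECL static bool match_pattern(const char* pattern,
      std::size_t pattern_length, const char* host);

  // NOTE(review): no separate helper for checking a host name against an IP
  // address is declared in this class; confirm in the .ipp file how a host_
  // that holds an IP address literal is handled.

  // The host name to be checked.
  std::string host_;
};

#endif // !defined(BOOST_ASIO_ENABLE_OLD_SSL)

} // namespace ssl
} // namespace asio
} // namespace boost

#include <boost/asio/detail/pop_options.hpp>

#if defined(BOOST_ASIO_HEADER_ONLY)
# include <boost/asio/ssl/impl/rfc2818_verification.ipp>
#endif // defined(BOOST_ASIO_HEADER_ONLY)

#endif // BOOST_ASIO_SSL_RFC2818_VERIFICATION_HPP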