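//
// ssl/rfc2818_verification.hpp
// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
//
// Copyright (c) 2003-2015 Christopher M. Kohlhoff (chris at kohlhoff dot com)
//
// Distributed under the Boost Software License, Version 1.0. (See accompanying
// file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt)
//

#ifndef BOOST_ASIO_SSL_RFC2818_VERIFICATION_HPP
#define BOOST_ASIO_SSL_RFC2818_VERIFICATION_HPP

#if defined(_MSC_VER) && (_MSC_VER >= 1200)
# pragma once
#endif // defined(_MSC_VER) && (_MSC_VER >= 1200)

// NOTE(review): the annotated listing this file was recovered from had lost
// every include target (the angle-bracketed text was stripped). The header
// names below follow the Boost.Asio source layout; confirm them against the
// Boost release actually in use.
#include <boost/asio/detail/config.hpp>

#if !defined(BOOST_ASIO_ENABLE_OLD_SSL)
# include <string>
# include <boost/asio/detail/openssl_types.hpp>
# include <boost/asio/ssl/verify_context.hpp>
#endif // !defined(BOOST_ASIO_ENABLE_OLD_SSL)

#include <boost/asio/detail/push_options.hpp>

namespace boost {
namespace asio {
namespace ssl {

#if !defined(BOOST_ASIO_ENABLE_OLD_SSL)

/// Verifies a certificate against a hostname according to the rules described
/// in RFC 2818.
/**
 * The object is a function object meant to be installed with
 * set_verify_callback(), as the example below does.
 *
 * @note The host name given to the constructor is the reference identity for
 * the check. Pass the name the application intended to reach (in the example,
 * the same string that is handed to the resolver), never a name obtained from
 * the peer or from data received over the connection.
 *
 * @note The example enables ssl::verify_peer before installing the callback.
 * With ssl::verify_none the handshake is not aborted when verification fails,
 * so the host name check would not protect the connection.
 *
 * @par Example
 * The following example shows how to synchronously open a secure connection to
 * a given host name:
 * @code
 * using boost::asio::ip::tcp;
 * namespace ssl = boost::asio::ssl;
 * typedef ssl::stream<tcp::socket> ssl_socket;
 *
 * // Create a context that uses the default paths for finding CA certificates.
 * ssl::context ctx(ssl::context::sslv23);
 * ctx.set_default_verify_paths();
 *
 * // sslv23 is the version-flexible method; switch off the legacy SSL
 * // protocol versions explicitly.
 * ctx.set_options(ssl::context::no_sslv2 | ssl::context::no_sslv3);
 *
 * // Open a socket and connect it to the remote host.
 * boost::asio::io_service io_service;
 * ssl_socket sock(io_service, ctx);
 * tcp::resolver resolver(io_service);
 * tcp::resolver::query query("host.name", "https");
 * boost::asio::connect(sock.lowest_layer(), resolver.resolve(query));
 * sock.lowest_layer().set_option(tcp::no_delay(true));
 *
 * // Perform SSL handshake and verify the remote host's certificate.
 * sock.set_verify_mode(ssl::verify_peer);
 * sock.set_verify_callback(ssl::rfc2818_verification("host.name"));
 * sock.handshake(ssl_socket::client);
 *
 * // ... read and write as normal ...
 * @endcode
 */
class rfc2818_verification
{
public:
  /// The type of the function object's result.
  typedef bool result_type;

  /// Constructor.
  /**
   * @param host The host name that the peer's certificate is checked
   * against. The string is copied into the object.
   */
  explicit rfc2818_verification(const std::string& host)
    : host_(host)
  {
  }

  /// Perform certificate verification.
  /**
   * Only declared here; the definition is not part of this header.
   *
   * @param preverified Verification result handed to the callback.
   * NOTE(review): presumably the outcome of the library's own checks on the
   * certificate held by @c ctx - confirm against the implementation.
   *
   * @param ctx The verification context of the certificate being examined.
   *
   * @returns @c true if the certificate is accepted, @c false otherwise.
   */
  BOOST_ASIO_DECL bool operator()(bool preverified, verify_context& ctx) const;

private:
  // Helper function to check a host name against a pattern.
  // The pattern is passed as pointer plus length; the host has no length
  // parameter (presumably NUL-terminated - confirm against the callers).
  BOOST_ASIO_DECL static bool match_pattern(const char* pattern,
      std::size_t pattern_length, const char* host);

  // Helper function to check a host name against an IPv4 address
  // NOTE(review): no declaration follows this comment in the header as
  // listed; either the helper or the comment is missing a counterpart.

  // The host name to be checked.
  std::string host_;
};

#endif // !defined(BOOST_ASIO_ENABLE_OLD_SSL)

} // namespace ssl
} // namespace asio
} // namespace boost

#include <boost/asio/detail/pop_options.hpp>

#if defined(BOOST_ASIO_HEADER_ONLY)
# include <boost/asio/ssl/impl/rfc2818_verification.ipp>
#endif // defined(BOOST_ASIO_HEADER_ONLY)

#endif // BOOST_ASIO_SSL_RFC2818_VERIFICATION_HPP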