// // ssl/rfc2818_verification.hpp // ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ // // Copyright (c) 2003-2012 Christopher M. Kohlhoff (chris at kohlhoff dot com) // // Distributed under the Boost Software License, Version 1.0. (See accompanying // file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt) // #ifndef BOOST_ASIO_SSL_RFC2818_VERIFICATION_HPP #define BOOST_ASIO_SSL_RFC2818_VERIFICATION_HPP #if defined(_MSC_VER) && (_MSC_VER >= 1200) # pragma once #endif // defined(_MSC_VER) && (_MSC_VER >= 1200) #include #if !defined(BOOST_ASIO_ENABLE_OLD_SSL) # include # include # include #endif // !defined(BOOST_ASIO_ENABLE_OLD_SSL) #include namespace boost { namespace asio { namespace ssl { #if !defined(BOOST_ASIO_ENABLE_OLD_SSL) /// Verifies a certificate against a hostname according to the rules described /// in RFC 2818. /** * @par Example * The following example shows how to synchronously open a secure connection to * a given host name: * @code * using boost::asio::ip::tcp; * namespace ssl = boost::asio::ssl; * typedef ssl::stream ssl_socket; * * // Create a context that uses the default paths for finding CA certificates. * ssl::context ctx(ssl::context::sslv23); * ctx.set_default_verify_paths(); * * // Open a socket and connect it to the remote host. * boost::asio::io_service io_service; * ssl_socket sock(io_service, ctx); * tcp::resolver resolver(io_service); * tcp::resolver::query query("host.name", "https"); * boost::asio::connect(sock.lowest_layer(), resolver.resolve(query)); * sock.lowest_layer().set_option(tcp::no_delay(true)); * * // Perform SSL handshake and verify the remote host's certificate. * sock.set_verify_mode(ssl::verify_peer); * sock.set_verify_callback(ssl::rfc2818_verification("host.name")); * sock.handshake(ssl_socket::client); * * // ... read and write as normal ... * @endcode */ class rfc2818_verification { public: /// The type of the function object's result. typedef bool result_type; /// Constructor. explicit rfc2818_verification(const std::string& host) : host_(host) { } /// Perform certificate verification. BOOST_ASIO_DECL bool operator()(bool preverified, verify_context& ctx) const; private: // Helper function to check a host name against a pattern. BOOST_ASIO_DECL static bool match_pattern(const char* pattern, std::size_t pattern_length, const char* host); // Helper function to check a host name against an IPv4 address // The host name to be checked. std::string host_; }; #endif // defined(BOOST_ASIO_ENABLE_OLD_SSL) } // namespace ssl } // namespace asio } // namespace boost #include #if defined(BOOST_ASIO_HEADER_ONLY) # include #endif // defined(BOOST_ASIO_HEADER_ONLY) #endif // BOOST_ASIO_SSL_RFC2818_VERIFICATION_HPP