EIC code displayed by LXR |
|
|
|
|||
File indexing completed on 2025-01-18 09:29:02
0001 // 0002 // ssl/context.hpp 0003 // ~~~~~~~~~~~~~~~ 0004 // 0005 // Copyright (c) 2003-2023 Christopher M. Kohlhoff (chris at kohlhoff dot com) 0006 // 0007 // Distributed under the Boost Software License, Version 1.0. (See accompanying 0008 // file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt) 0009 // 0010 0011 #ifndef BOOST_ASIO_SSL_CONTEXT_HPP 0012 #define BOOST_ASIO_SSL_CONTEXT_HPP 0013 0014 #if defined(_MSC_VER) && (_MSC_VER >= 1200) 0015 # pragma once 0016 #endif // defined(_MSC_VER) && (_MSC_VER >= 1200) 0017 0018 #include <boost/asio/detail/config.hpp> 0019 0020 #include <string> 0021 #include <boost/asio/buffer.hpp> 0022 #include <boost/asio/io_context.hpp> 0023 #include <boost/asio/ssl/context_base.hpp> 0024 #include <boost/asio/ssl/detail/openssl_types.hpp> 0025 #include <boost/asio/ssl/detail/openssl_init.hpp> 0026 #include <boost/asio/ssl/detail/password_callback.hpp> 0027 #include <boost/asio/ssl/detail/verify_callback.hpp> 0028 #include <boost/asio/ssl/verify_mode.hpp> 0029 0030 #include <boost/asio/detail/push_options.hpp> 0031 0032 namespace boost { 0033 namespace asio { 0034 namespace ssl { 0035 0036 class context 0037 : public context_base, 0038 private noncopyable 0039 { 0040 public: 0041 /// The native handle type of the SSL context. 0042 typedef SSL_CTX* native_handle_type; 0043 0044 /// Constructor. 0045 BOOST_ASIO_DECL explicit context(method m); 0046 0047 /// Construct to take ownership of a native handle. 0048 BOOST_ASIO_DECL explicit context(native_handle_type native_handle); 0049 0050 /// Move-construct a context from another. 0051 /** 0052 * This constructor moves an SSL context from one object to another. 0053 * 0054 * @param other The other context object from which the move will occur. 0055 * 0056 * @note Following the move, the following operations only are valid for the 0057 * moved-from object: 0058 * @li Destruction. 0059 * @li As a target for move-assignment. 0060 */ 0061 BOOST_ASIO_DECL context(context&& other); 0062 0063 /// Move-assign a context from another. 0064 /** 0065 * This assignment operator moves an SSL context from one object to another. 0066 * 0067 * @param other The other context object from which the move will occur. 0068 * 0069 * @note Following the move, the following operations only are valid for the 0070 * moved-from object: 0071 * @li Destruction. 0072 * @li As a target for move-assignment. 0073 */ 0074 BOOST_ASIO_DECL context& operator=(context&& other); 0075 0076 /// Destructor. 0077 BOOST_ASIO_DECL ~context(); 0078 0079 /// Get the underlying implementation in the native type. 0080 /** 0081 * This function may be used to obtain the underlying implementation of the 0082 * context. This is intended to allow access to context functionality that is 0083 * not otherwise provided. 0084 */ 0085 BOOST_ASIO_DECL native_handle_type native_handle(); 0086 0087 /// Clear options on the context. 0088 /** 0089 * This function may be used to configure the SSL options used by the context. 0090 * 0091 * @param o A bitmask of options. The available option values are defined in 0092 * the context_base class. The specified options, if currently enabled on the 0093 * context, are cleared. 0094 * 0095 * @throws boost::system::system_error Thrown on failure. 0096 * 0097 * @note Calls @c SSL_CTX_clear_options. 0098 */ 0099 BOOST_ASIO_DECL void clear_options(options o); 0100 0101 /// Clear options on the context. 0102 /** 0103 * This function may be used to configure the SSL options used by the context. 0104 * 0105 * @param o A bitmask of options. The available option values are defined in 0106 * the context_base class. The specified options, if currently enabled on the 0107 * context, are cleared. 0108 * 0109 * @param ec Set to indicate what error occurred, if any. 0110 * 0111 * @note Calls @c SSL_CTX_clear_options. 0112 */ 0113 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID clear_options(options o, 0114 boost::system::error_code& ec); 0115 0116 /// Set options on the context. 0117 /** 0118 * This function may be used to configure the SSL options used by the context. 0119 * 0120 * @param o A bitmask of options. The available option values are defined in 0121 * the context_base class. The options are bitwise-ored with any existing 0122 * value for the options. 0123 * 0124 * @throws boost::system::system_error Thrown on failure. 0125 * 0126 * @note Calls @c SSL_CTX_set_options. 0127 */ 0128 BOOST_ASIO_DECL void set_options(options o); 0129 0130 /// Set options on the context. 0131 /** 0132 * This function may be used to configure the SSL options used by the context. 0133 * 0134 * @param o A bitmask of options. The available option values are defined in 0135 * the context_base class. The options are bitwise-ored with any existing 0136 * value for the options. 0137 * 0138 * @param ec Set to indicate what error occurred, if any. 0139 * 0140 * @note Calls @c SSL_CTX_set_options. 0141 */ 0142 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID set_options(options o, 0143 boost::system::error_code& ec); 0144 0145 /// Set the peer verification mode. 0146 /** 0147 * This function may be used to configure the peer verification mode used by 0148 * the context. 0149 * 0150 * @param v A bitmask of peer verification modes. See @ref verify_mode for 0151 * available values. 0152 * 0153 * @throws boost::system::system_error Thrown on failure. 0154 * 0155 * @note Calls @c SSL_CTX_set_verify. 0156 */ 0157 BOOST_ASIO_DECL void set_verify_mode(verify_mode v); 0158 0159 /// Set the peer verification mode. 0160 /** 0161 * This function may be used to configure the peer verification mode used by 0162 * the context. 0163 * 0164 * @param v A bitmask of peer verification modes. See @ref verify_mode for 0165 * available values. 0166 * 0167 * @param ec Set to indicate what error occurred, if any. 0168 * 0169 * @note Calls @c SSL_CTX_set_verify. 0170 */ 0171 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID set_verify_mode( 0172 verify_mode v, boost::system::error_code& ec); 0173 0174 /// Set the peer verification depth. 0175 /** 0176 * This function may be used to configure the maximum verification depth 0177 * allowed by the context. 0178 * 0179 * @param depth Maximum depth for the certificate chain verification that 0180 * shall be allowed. 0181 * 0182 * @throws boost::system::system_error Thrown on failure. 0183 * 0184 * @note Calls @c SSL_CTX_set_verify_depth. 0185 */ 0186 BOOST_ASIO_DECL void set_verify_depth(int depth); 0187 0188 /// Set the peer verification depth. 0189 /** 0190 * This function may be used to configure the maximum verification depth 0191 * allowed by the context. 0192 * 0193 * @param depth Maximum depth for the certificate chain verification that 0194 * shall be allowed. 0195 * 0196 * @param ec Set to indicate what error occurred, if any. 0197 * 0198 * @note Calls @c SSL_CTX_set_verify_depth. 0199 */ 0200 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID set_verify_depth( 0201 int depth, boost::system::error_code& ec); 0202 0203 /// Set the callback used to verify peer certificates. 0204 /** 0205 * This function is used to specify a callback function that will be called 0206 * by the implementation when it needs to verify a peer certificate. 0207 * 0208 * @param callback The function object to be used for verifying a certificate. 0209 * The function signature of the handler must be: 0210 * @code bool verify_callback( 0211 * bool preverified, // True if the certificate passed pre-verification. 0212 * verify_context& ctx // The peer certificate and other context. 0213 * ); @endcode 0214 * The return value of the callback is true if the certificate has passed 0215 * verification, false otherwise. 0216 * 0217 * @throws boost::system::system_error Thrown on failure. 0218 * 0219 * @note Calls @c SSL_CTX_set_verify. 0220 */ 0221 template <typename VerifyCallback> 0222 void set_verify_callback(VerifyCallback callback); 0223 0224 /// Set the callback used to verify peer certificates. 0225 /** 0226 * This function is used to specify a callback function that will be called 0227 * by the implementation when it needs to verify a peer certificate. 0228 * 0229 * @param callback The function object to be used for verifying a certificate. 0230 * The function signature of the handler must be: 0231 * @code bool verify_callback( 0232 * bool preverified, // True if the certificate passed pre-verification. 0233 * verify_context& ctx // The peer certificate and other context. 0234 * ); @endcode 0235 * The return value of the callback is true if the certificate has passed 0236 * verification, false otherwise. 0237 * 0238 * @param ec Set to indicate what error occurred, if any. 0239 * 0240 * @note Calls @c SSL_CTX_set_verify. 0241 */ 0242 template <typename VerifyCallback> 0243 BOOST_ASIO_SYNC_OP_VOID set_verify_callback(VerifyCallback callback, 0244 boost::system::error_code& ec); 0245 0246 /// Load a certification authority file for performing verification. 0247 /** 0248 * This function is used to load one or more trusted certification authorities 0249 * from a file. 0250 * 0251 * @param filename The name of a file containing certification authority 0252 * certificates in PEM format. 0253 * 0254 * @throws boost::system::system_error Thrown on failure. 0255 * 0256 * @note Calls @c SSL_CTX_load_verify_locations. 0257 */ 0258 BOOST_ASIO_DECL void load_verify_file(const std::string& filename); 0259 0260 /// Load a certification authority file for performing verification. 0261 /** 0262 * This function is used to load the certificates for one or more trusted 0263 * certification authorities from a file. 0264 * 0265 * @param filename The name of a file containing certification authority 0266 * certificates in PEM format. 0267 * 0268 * @param ec Set to indicate what error occurred, if any. 0269 * 0270 * @note Calls @c SSL_CTX_load_verify_locations. 0271 */ 0272 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID load_verify_file( 0273 const std::string& filename, boost::system::error_code& ec); 0274 0275 /// Add certification authority for performing verification. 0276 /** 0277 * This function is used to add one trusted certification authority 0278 * from a memory buffer. 0279 * 0280 * @param ca The buffer containing the certification authority certificate. 0281 * The certificate must use the PEM format. 0282 * 0283 * @throws boost::system::system_error Thrown on failure. 0284 * 0285 * @note Calls @c SSL_CTX_get_cert_store and @c X509_STORE_add_cert. 0286 */ 0287 BOOST_ASIO_DECL void add_certificate_authority(const const_buffer& ca); 0288 0289 /// Add certification authority for performing verification. 0290 /** 0291 * This function is used to add one trusted certification authority 0292 * from a memory buffer. 0293 * 0294 * @param ca The buffer containing the certification authority certificate. 0295 * The certificate must use the PEM format. 0296 * 0297 * @param ec Set to indicate what error occurred, if any. 0298 * 0299 * @note Calls @c SSL_CTX_get_cert_store and @c X509_STORE_add_cert. 0300 */ 0301 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID add_certificate_authority( 0302 const const_buffer& ca, boost::system::error_code& ec); 0303 0304 /// Configures the context to use the default directories for finding 0305 /// certification authority certificates. 0306 /** 0307 * This function specifies that the context should use the default, 0308 * system-dependent directories for locating certification authority 0309 * certificates. 0310 * 0311 * @throws boost::system::system_error Thrown on failure. 0312 * 0313 * @note Calls @c SSL_CTX_set_default_verify_paths. 0314 */ 0315 BOOST_ASIO_DECL void set_default_verify_paths(); 0316 0317 /// Configures the context to use the default directories for finding 0318 /// certification authority certificates. 0319 /** 0320 * This function specifies that the context should use the default, 0321 * system-dependent directories for locating certification authority 0322 * certificates. 0323 * 0324 * @param ec Set to indicate what error occurred, if any. 0325 * 0326 * @note Calls @c SSL_CTX_set_default_verify_paths. 0327 */ 0328 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID set_default_verify_paths( 0329 boost::system::error_code& ec); 0330 0331 /// Add a directory containing certificate authority files to be used for 0332 /// performing verification. 0333 /** 0334 * This function is used to specify the name of a directory containing 0335 * certification authority certificates. Each file in the directory must 0336 * contain a single certificate. The files must be named using the subject 0337 * name's hash and an extension of ".0". 0338 * 0339 * @param path The name of a directory containing the certificates. 0340 * 0341 * @throws boost::system::system_error Thrown on failure. 0342 * 0343 * @note Calls @c SSL_CTX_load_verify_locations. 0344 */ 0345 BOOST_ASIO_DECL void add_verify_path(const std::string& path); 0346 0347 /// Add a directory containing certificate authority files to be used for 0348 /// performing verification. 0349 /** 0350 * This function is used to specify the name of a directory containing 0351 * certification authority certificates. Each file in the directory must 0352 * contain a single certificate. The files must be named using the subject 0353 * name's hash and an extension of ".0". 0354 * 0355 * @param path The name of a directory containing the certificates. 0356 * 0357 * @param ec Set to indicate what error occurred, if any. 0358 * 0359 * @note Calls @c SSL_CTX_load_verify_locations. 0360 */ 0361 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID add_verify_path( 0362 const std::string& path, boost::system::error_code& ec); 0363 0364 /// Use a certificate from a memory buffer. 0365 /** 0366 * This function is used to load a certificate into the context from a buffer. 0367 * 0368 * @param certificate The buffer containing the certificate. 0369 * 0370 * @param format The certificate format (ASN.1 or PEM). 0371 * 0372 * @throws boost::system::system_error Thrown on failure. 0373 * 0374 * @note Calls @c SSL_CTX_use_certificate or SSL_CTX_use_certificate_ASN1. 0375 */ 0376 BOOST_ASIO_DECL void use_certificate( 0377 const const_buffer& certificate, file_format format); 0378 0379 /// Use a certificate from a memory buffer. 0380 /** 0381 * This function is used to load a certificate into the context from a buffer. 0382 * 0383 * @param certificate The buffer containing the certificate. 0384 * 0385 * @param format The certificate format (ASN.1 or PEM). 0386 * 0387 * @param ec Set to indicate what error occurred, if any. 0388 * 0389 * @note Calls @c SSL_CTX_use_certificate or SSL_CTX_use_certificate_ASN1. 0390 */ 0391 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID use_certificate( 0392 const const_buffer& certificate, file_format format, 0393 boost::system::error_code& ec); 0394 0395 /// Use a certificate from a file. 0396 /** 0397 * This function is used to load a certificate into the context from a file. 0398 * 0399 * @param filename The name of the file containing the certificate. 0400 * 0401 * @param format The file format (ASN.1 or PEM). 0402 * 0403 * @throws boost::system::system_error Thrown on failure. 0404 * 0405 * @note Calls @c SSL_CTX_use_certificate_file. 0406 */ 0407 BOOST_ASIO_DECL void use_certificate_file( 0408 const std::string& filename, file_format format); 0409 0410 /// Use a certificate from a file. 0411 /** 0412 * This function is used to load a certificate into the context from a file. 0413 * 0414 * @param filename The name of the file containing the certificate. 0415 * 0416 * @param format The file format (ASN.1 or PEM). 0417 * 0418 * @param ec Set to indicate what error occurred, if any. 0419 * 0420 * @note Calls @c SSL_CTX_use_certificate_file. 0421 */ 0422 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID use_certificate_file( 0423 const std::string& filename, file_format format, 0424 boost::system::error_code& ec); 0425 0426 /// Use a certificate chain from a memory buffer. 0427 /** 0428 * This function is used to load a certificate chain into the context from a 0429 * buffer. 0430 * 0431 * @param chain The buffer containing the certificate chain. The certificate 0432 * chain must use the PEM format. 0433 * 0434 * @throws boost::system::system_error Thrown on failure. 0435 * 0436 * @note Calls @c SSL_CTX_use_certificate and SSL_CTX_add_extra_chain_cert. 0437 */ 0438 BOOST_ASIO_DECL void use_certificate_chain(const const_buffer& chain); 0439 0440 /// Use a certificate chain from a memory buffer. 0441 /** 0442 * This function is used to load a certificate chain into the context from a 0443 * buffer. 0444 * 0445 * @param chain The buffer containing the certificate chain. The certificate 0446 * chain must use the PEM format. 0447 * 0448 * @param ec Set to indicate what error occurred, if any. 0449 * 0450 * @note Calls @c SSL_CTX_use_certificate and SSL_CTX_add_extra_chain_cert. 0451 */ 0452 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID use_certificate_chain( 0453 const const_buffer& chain, boost::system::error_code& ec); 0454 0455 /// Use a certificate chain from a file. 0456 /** 0457 * This function is used to load a certificate chain into the context from a 0458 * file. 0459 * 0460 * @param filename The name of the file containing the certificate. The file 0461 * must use the PEM format. 0462 * 0463 * @throws boost::system::system_error Thrown on failure. 0464 * 0465 * @note Calls @c SSL_CTX_use_certificate_chain_file. 0466 */ 0467 BOOST_ASIO_DECL void use_certificate_chain_file(const std::string& filename); 0468 0469 /// Use a certificate chain from a file. 0470 /** 0471 * This function is used to load a certificate chain into the context from a 0472 * file. 0473 * 0474 * @param filename The name of the file containing the certificate. The file 0475 * must use the PEM format. 0476 * 0477 * @param ec Set to indicate what error occurred, if any. 0478 * 0479 * @note Calls @c SSL_CTX_use_certificate_chain_file. 0480 */ 0481 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID use_certificate_chain_file( 0482 const std::string& filename, boost::system::error_code& ec); 0483 0484 /// Use a private key from a memory buffer. 0485 /** 0486 * This function is used to load a private key into the context from a buffer. 0487 * 0488 * @param private_key The buffer containing the private key. 0489 * 0490 * @param format The private key format (ASN.1 or PEM). 0491 * 0492 * @throws boost::system::system_error Thrown on failure. 0493 * 0494 * @note Calls @c SSL_CTX_use_PrivateKey or SSL_CTX_use_PrivateKey_ASN1. 0495 */ 0496 BOOST_ASIO_DECL void use_private_key( 0497 const const_buffer& private_key, file_format format); 0498 0499 /// Use a private key from a memory buffer. 0500 /** 0501 * This function is used to load a private key into the context from a buffer. 0502 * 0503 * @param private_key The buffer containing the private key. 0504 * 0505 * @param format The private key format (ASN.1 or PEM). 0506 * 0507 * @param ec Set to indicate what error occurred, if any. 0508 * 0509 * @note Calls @c SSL_CTX_use_PrivateKey or SSL_CTX_use_PrivateKey_ASN1. 0510 */ 0511 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID use_private_key( 0512 const const_buffer& private_key, file_format format, 0513 boost::system::error_code& ec); 0514 0515 /// Use a private key from a file. 0516 /** 0517 * This function is used to load a private key into the context from a file. 0518 * 0519 * @param filename The name of the file containing the private key. 0520 * 0521 * @param format The file format (ASN.1 or PEM). 0522 * 0523 * @throws boost::system::system_error Thrown on failure. 0524 * 0525 * @note Calls @c SSL_CTX_use_PrivateKey_file. 0526 */ 0527 BOOST_ASIO_DECL void use_private_key_file( 0528 const std::string& filename, file_format format); 0529 0530 /// Use a private key from a file. 0531 /** 0532 * This function is used to load a private key into the context from a file. 0533 * 0534 * @param filename The name of the file containing the private key. 0535 * 0536 * @param format The file format (ASN.1 or PEM). 0537 * 0538 * @param ec Set to indicate what error occurred, if any. 0539 * 0540 * @note Calls @c SSL_CTX_use_PrivateKey_file. 0541 */ 0542 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID use_private_key_file( 0543 const std::string& filename, file_format format, 0544 boost::system::error_code& ec); 0545 0546 /// Use an RSA private key from a memory buffer. 0547 /** 0548 * This function is used to load an RSA private key into the context from a 0549 * buffer. 0550 * 0551 * @param private_key The buffer containing the RSA private key. 0552 * 0553 * @param format The private key format (ASN.1 or PEM). 0554 * 0555 * @throws boost::system::system_error Thrown on failure. 0556 * 0557 * @note Calls @c SSL_CTX_use_RSAPrivateKey or SSL_CTX_use_RSAPrivateKey_ASN1. 0558 */ 0559 BOOST_ASIO_DECL void use_rsa_private_key( 0560 const const_buffer& private_key, file_format format); 0561 0562 /// Use an RSA private key from a memory buffer. 0563 /** 0564 * This function is used to load an RSA private key into the context from a 0565 * buffer. 0566 * 0567 * @param private_key The buffer containing the RSA private key. 0568 * 0569 * @param format The private key format (ASN.1 or PEM). 0570 * 0571 * @param ec Set to indicate what error occurred, if any. 0572 * 0573 * @note Calls @c SSL_CTX_use_RSAPrivateKey or SSL_CTX_use_RSAPrivateKey_ASN1. 0574 */ 0575 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID use_rsa_private_key( 0576 const const_buffer& private_key, file_format format, 0577 boost::system::error_code& ec); 0578 0579 /// Use an RSA private key from a file. 0580 /** 0581 * This function is used to load an RSA private key into the context from a 0582 * file. 0583 * 0584 * @param filename The name of the file containing the RSA private key. 0585 * 0586 * @param format The file format (ASN.1 or PEM). 0587 * 0588 * @throws boost::system::system_error Thrown on failure. 0589 * 0590 * @note Calls @c SSL_CTX_use_RSAPrivateKey_file. 0591 */ 0592 BOOST_ASIO_DECL void use_rsa_private_key_file( 0593 const std::string& filename, file_format format); 0594 0595 /// Use an RSA private key from a file. 0596 /** 0597 * This function is used to load an RSA private key into the context from a 0598 * file. 0599 * 0600 * @param filename The name of the file containing the RSA private key. 0601 * 0602 * @param format The file format (ASN.1 or PEM). 0603 * 0604 * @param ec Set to indicate what error occurred, if any. 0605 * 0606 * @note Calls @c SSL_CTX_use_RSAPrivateKey_file. 0607 */ 0608 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID use_rsa_private_key_file( 0609 const std::string& filename, file_format format, 0610 boost::system::error_code& ec); 0611 0612 /// Use the specified memory buffer to obtain the temporary Diffie-Hellman 0613 /// parameters. 0614 /** 0615 * This function is used to load Diffie-Hellman parameters into the context 0616 * from a buffer. 0617 * 0618 * @param dh The memory buffer containing the Diffie-Hellman parameters. The 0619 * buffer must use the PEM format. 0620 * 0621 * @throws boost::system::system_error Thrown on failure. 0622 * 0623 * @note Calls @c SSL_CTX_set_tmp_dh. 0624 */ 0625 BOOST_ASIO_DECL void use_tmp_dh(const const_buffer& dh); 0626 0627 /// Use the specified memory buffer to obtain the temporary Diffie-Hellman 0628 /// parameters. 0629 /** 0630 * This function is used to load Diffie-Hellman parameters into the context 0631 * from a buffer. 0632 * 0633 * @param dh The memory buffer containing the Diffie-Hellman parameters. The 0634 * buffer must use the PEM format. 0635 * 0636 * @param ec Set to indicate what error occurred, if any. 0637 * 0638 * @note Calls @c SSL_CTX_set_tmp_dh. 0639 */ 0640 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID use_tmp_dh( 0641 const const_buffer& dh, boost::system::error_code& ec); 0642 0643 /// Use the specified file to obtain the temporary Diffie-Hellman parameters. 0644 /** 0645 * This function is used to load Diffie-Hellman parameters into the context 0646 * from a file. 0647 * 0648 * @param filename The name of the file containing the Diffie-Hellman 0649 * parameters. The file must use the PEM format. 0650 * 0651 * @throws boost::system::system_error Thrown on failure. 0652 * 0653 * @note Calls @c SSL_CTX_set_tmp_dh. 0654 */ 0655 BOOST_ASIO_DECL void use_tmp_dh_file(const std::string& filename); 0656 0657 /// Use the specified file to obtain the temporary Diffie-Hellman parameters. 0658 /** 0659 * This function is used to load Diffie-Hellman parameters into the context 0660 * from a file. 0661 * 0662 * @param filename The name of the file containing the Diffie-Hellman 0663 * parameters. The file must use the PEM format. 0664 * 0665 * @param ec Set to indicate what error occurred, if any. 0666 * 0667 * @note Calls @c SSL_CTX_set_tmp_dh. 0668 */ 0669 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID use_tmp_dh_file( 0670 const std::string& filename, boost::system::error_code& ec); 0671 0672 /// Set the password callback. 0673 /** 0674 * This function is used to specify a callback function to obtain password 0675 * information about an encrypted key in PEM format. 0676 * 0677 * @param callback The function object to be used for obtaining the password. 0678 * The function signature of the handler must be: 0679 * @code std::string password_callback( 0680 * std::size_t max_length, // The maximum size for a password. 0681 * password_purpose purpose // Whether password is for reading or writing. 0682 * ); @endcode 0683 * The return value of the callback is a string containing the password. 0684 * 0685 * @throws boost::system::system_error Thrown on failure. 0686 * 0687 * @note Calls @c SSL_CTX_set_default_passwd_cb. 0688 */ 0689 template <typename PasswordCallback> 0690 void set_password_callback(PasswordCallback callback); 0691 0692 /// Set the password callback. 0693 /** 0694 * This function is used to specify a callback function to obtain password 0695 * information about an encrypted key in PEM format. 0696 * 0697 * @param callback The function object to be used for obtaining the password. 0698 * The function signature of the handler must be: 0699 * @code std::string password_callback( 0700 * std::size_t max_length, // The maximum size for a password. 0701 * password_purpose purpose // Whether password is for reading or writing. 0702 * ); @endcode 0703 * The return value of the callback is a string containing the password. 0704 * 0705 * @param ec Set to indicate what error occurred, if any. 0706 * 0707 * @note Calls @c SSL_CTX_set_default_passwd_cb. 0708 */ 0709 template <typename PasswordCallback> 0710 BOOST_ASIO_SYNC_OP_VOID set_password_callback(PasswordCallback callback, 0711 boost::system::error_code& ec); 0712 0713 private: 0714 struct bio_cleanup; 0715 struct x509_cleanup; 0716 struct evp_pkey_cleanup; 0717 struct rsa_cleanup; 0718 struct dh_cleanup; 0719 0720 // Helper function used to set a peer certificate verification callback. 0721 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID do_set_verify_callback( 0722 detail::verify_callback_base* callback, boost::system::error_code& ec); 0723 0724 // Callback used when the SSL implementation wants to verify a certificate. 0725 BOOST_ASIO_DECL static int verify_callback_function( 0726 int preverified, X509_STORE_CTX* ctx); 0727 0728 // Helper function used to set a password callback. 0729 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID do_set_password_callback( 0730 detail::password_callback_base* callback, boost::system::error_code& ec); 0731 0732 // Callback used when the SSL implementation wants a password. 0733 BOOST_ASIO_DECL static int password_callback_function( 0734 char* buf, int size, int purpose, void* data); 0735 0736 // Helper function to set the temporary Diffie-Hellman parameters from a BIO. 0737 BOOST_ASIO_DECL BOOST_ASIO_SYNC_OP_VOID do_use_tmp_dh( 0738 BIO* bio, boost::system::error_code& ec); 0739 0740 // Helper function to make a BIO from a memory buffer. 0741 BOOST_ASIO_DECL BIO* make_buffer_bio(const const_buffer& b); 0742 0743 // Translate an SSL error into an error code. 0744 BOOST_ASIO_DECL static boost::system::error_code translate_error(long error); 0745 0746 // The underlying native implementation. 0747 native_handle_type handle_; 0748 0749 // Ensure openssl is initialised. 0750 boost::asio::ssl::detail::openssl_init<> init_; 0751 }; 0752 0753 } // namespace ssl 0754 } // namespace asio 0755 } // namespace boost 0756 0757 #include <boost/asio/detail/pop_options.hpp> 0758 0759 #include <boost/asio/ssl/impl/context.hpp> 0760 #if defined(BOOST_ASIO_HEADER_ONLY) 0761 # include <boost/asio/ssl/impl/context.ipp> 0762 #endif // defined(BOOST_ASIO_HEADER_ONLY) 0763 0764 #endif // BOOST_ASIO_SSL_CONTEXT_HPP
| [ Source navigation ] | [ Diff markup ] | [ Identifier search ] | [ general search ] |
|
This page was automatically generated by the 2.3.7 LXR engine. The LXR team |
|