1 // 2 // ssl/host_name_verification.hpp 3 // ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 4 // 5 // Copyright (c) 2003-2021 Christopher M. Kohlhoff (chris at kohlhoff dot com) 6 // 7 // Distributed under the Boost Software License, Version 1.0. (See accompanying 8 // file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt) 9 // 10 11 #ifndef BOOST_ASIO_SSL_HOST_NAME_VERIFICATION_HPP 12 #define BOOST_ASIO_SSL_HOST_NAME_VERIFICATION_HPP 13 14 #if defined(_MSC_VER) && (_MSC_VER >= 1200) 15 # pragma once 16 #endif // defined(_MSC_VER) && (_MSC_VER >= 1200) 17 18 #include <boost/asio/detail/config.hpp> 19 20 #include <string> 21 #include <boost/asio/ssl/detail/openssl_types.hpp> 22 #include <boost/asio/ssl/verify_context.hpp> 23 24 #include <boost/asio/detail/push_options.hpp> 25 26 namespace boost { 27 namespace asio { 28 namespace ssl { 29 30 /// Verifies a certificate against a host_name according to the rules described 31 /// in RFC 6125. 32 /** 33 * @par Example 34 * The following example shows how to synchronously open a secure connection to 35 * a given host name: 36 * @code 37 * using boost::asio::ip::tcp; 38 * namespace ssl = boost::asio::ssl; 39 * typedef ssl::stream<tcp::socket> ssl_socket; 40 * 41 * // Create a context that uses the default paths for finding CA certificates. 42 * ssl::context ctx(ssl::context::sslv23); 43 * ctx.set_default_verify_paths(); 44 * 45 * // Open a socket and connect it to the remote host. 46 * boost::asio::io_context io_context; 47 * ssl_socket sock(io_context, ctx); 48 * tcp::resolver resolver(io_context); 49 * tcp::resolver::query query("host.name", "https"); 50 * boost::asio::connect(sock.lowest_layer(), resolver.resolve(query)); 51 * sock.lowest_layer().set_option(tcp::no_delay(true)); 52 * 53 * // Perform SSL handshake and verify the remote host's certificate. 54 * sock.set_verify_mode(ssl::verify_peer); 55 * sock.set_verify_callback(ssl::host_name_verification("host.name")); 56 * sock.handshake(ssl_socket::client); 57 * 58 * // ... read and write as normal ... 59 * @endcode 60 */ 61 class host_name_verification 62 { 63 public: 64 /// The type of the function object's result. 65 typedef bool result_type; 66 67 /// Constructor. host_name_verification(const std::string & host)68 explicit host_name_verification(const std::string& host) 69 : host_(host) 70 { 71 } 72 73 /// Perform certificate verification. 74 BOOST_ASIO_DECL bool operator()(bool preverified, verify_context& ctx) const; 75 76 private: 77 // Helper function to check a host name against an IPv4 address 78 // The host name to be checked. 79 std::string host_; 80 }; 81 82 } // namespace ssl 83 } // namespace asio 84 } // namespace boost 85 86 #include <boost/asio/detail/pop_options.hpp> 87 88 #if defined(BOOST_ASIO_HEADER_ONLY) 89 # include <boost/asio/ssl/impl/host_name_verification.ipp> 90 #endif // defined(BOOST_ASIO_HEADER_ONLY) 91 92 #endif // BOOST_ASIO_SSL_HOST_NAME_VERIFICATION_HPP 93