[Boost-bugs] [Boost C++ Libraries] #11809: Add SSL Renegotiate handshake support to boost::asio::ssl

Subject: [Boost-bugs] [Boost C++ Libraries] #11809: Add SSL Renegotiate handshake support to boost::asio::ssl
From: Boost C++ Libraries (noreply_at_[hidden])
Date: 2015-11-20 11:13:44


#11809: Add SSL Renegotiate handshake support to boost::asio::ssl
--------------------------+------------------------------
 Reporter: georgid@… | Type: Feature Requests
   Status: new | Milestone: To Be Determined
Component: None | Version: Boost 1.59.0
 Severity: Optimization | Keywords:
--------------------------+------------------------------
 Currently the boost::asio::ssl::stream handshake can call either
 SSL_accept or SSL_connect for initial connection handshaking. To be able
 to do an SSL renegotiation handshake, SSL_do_handshake() needs to be called.

 I have attached a patch that adds a new boost::asio::ssl::handshake_type
 called "renegotiate" and the needed support in the ssl::engine to do a
 proper renegotiation handshake.

 Doing a server side renegotiate to request the client certificate can be
 done in the following way:

 {{{
 #!c++

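 #include <cstdlib>   // std::atoi
 #include <iostream>
 #include <boost/asio.hpp>
 #include <boost/asio/ssl.hpp>

 typedef boost::asio::ssl::stream<boost::asio::ip::tcp::socket> ssl_socket;


 int main(int argc, char* argv[])
 {
    using namespace std; // For atoi.
    using namespace boost::asio;

    if (argc < 2)
    {
       cerr << "Usage: " << argv[0] << " <port>" << endl;
       return 1;
    }

    unsigned short port = atoi(argv[1]);
    io_service io_service;

    ip::tcp::acceptor acceptor(io_service,
                               ip::tcp::endpoint(ip::tcp::v4(), port));

    ssl::context ctx(ssl::context::sslv23);
    // The server certificate and private key must be loaded into ctx
    // before the handshake; that setup is omitted here.
    ssl_socket sock(io_service, ctx);

    acceptor.accept(sock.lowest_layer());

    // Initial handshake; no client certificate is requested yet.
    sock.handshake(ssl_socket::server);
    // read some data

    // Turn on peer verification, then renegotiate so the client is asked
    // for its certificate. The "renegotiate" handshake type is the one
    // added by the attached patch.
    sock.set_verify_mode(ssl::verify_peer);
    sock.handshake(ssl_socket::renegotiate);

    // continue using the connection
    return 0;
 }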

 }}}

-- 
Ticket URL: <https://svn.boost.org/trac/boost/ticket/11809>