|
Boost-Commit : |
Subject: [Boost-commit] svn:boost r70384 - in trunk: boost/asio boost/asio/detail boost/asio/detail/impl boost/asio/ip boost/asio/ip/detail boost/asio/ip/detail/impl boost/asio/ip/impl boost/asio/ssl boost/asio/ssl/detail boost/asio/ssl/detail/impl boost/asio/ssl/impl boost/asio/ssl/old libs/asio/doc libs/asio/doc/overview libs/asio/example/ssl libs/asio/test/ssl
From: chris_at_[hidden]
Date: 2011-03-21 21:22:00
Author: chris_kohlhoff
Date: 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
New Revision: 70384
URL: http://svn.boost.org/trac/boost/changeset/70384
Log:
* Add documentation for new asio::buffer() overloads for std::array.
* Improve backward compatibility of the new SSL implementation.
* Add wrapper for SSL_CTX_set_default_verify_paths().
* Document which OpenSSL functions the ssl::context member functions use.
* Add SSL certificate verification callbacks, and add a new
ssl::rfc2818_verification function object for simple peer certificate
verification based on the host name.
* Use std::atomic<> when available.
* Prefer to use std::array when it is available.
* Use std::shared_ptr and std::weak_ptr when available.
* Use a lightweight scoped smart pointer.
* Fix some shadow variable warnings with g++ 4.6.
Added:
trunk/boost/asio/detail/array.hpp (contents, props changed)
trunk/boost/asio/detail/atomic_count.hpp (contents, props changed)
trunk/boost/asio/detail/scoped_ptr.hpp (contents, props changed)
trunk/boost/asio/ssl/detail/verify_callback.hpp (contents, props changed)
trunk/boost/asio/ssl/impl/rfc2818_verification.ipp (contents, props changed)
trunk/boost/asio/ssl/rfc2818_verification.hpp (contents, props changed)
trunk/boost/asio/ssl/verify_context.hpp (contents, props changed)
trunk/boost/asio/ssl/verify_mode.hpp (contents, props changed)
trunk/libs/asio/test/ssl/rfc2818_verification.cpp (contents, props changed)
Text files modified:
trunk/boost/asio/basic_socket_streambuf.hpp | 6
trunk/boost/asio/buffer.hpp | 4
trunk/boost/asio/detail/config.hpp | 27
trunk/boost/asio/detail/dev_poll_reactor.hpp | 2
trunk/boost/asio/detail/epoll_reactor.hpp | 2
trunk/boost/asio/detail/impl/dev_poll_reactor.ipp | 4
trunk/boost/asio/detail/impl/epoll_reactor.ipp | 4
trunk/boost/asio/detail/impl/kqueue_reactor.ipp | 4
trunk/boost/asio/detail/impl/resolver_service_base.ipp | 12
trunk/boost/asio/detail/impl/select_reactor.ipp | 4
trunk/boost/asio/detail/impl/service_registry.ipp | 8
trunk/boost/asio/detail/impl/signal_set_service.ipp | 7
trunk/boost/asio/detail/impl/strand_service.ipp | 2
trunk/boost/asio/detail/impl/win_iocp_io_service.ipp | 8
trunk/boost/asio/detail/kqueue_reactor.hpp | 2
trunk/boost/asio/detail/resolver_service_base.hpp | 11
trunk/boost/asio/detail/select_reactor.hpp | 2
trunk/boost/asio/detail/service_registry.hpp | 2
trunk/boost/asio/detail/shared_ptr.hpp | 12
trunk/boost/asio/detail/signal_set_service.hpp | 3
trunk/boost/asio/detail/strand_service.hpp | 6
trunk/boost/asio/detail/task_io_service.hpp | 4
trunk/boost/asio/detail/weak_ptr.hpp | 13
trunk/boost/asio/detail/win_iocp_io_service.hpp | 4
trunk/boost/asio/ip/address_v4.hpp | 12
trunk/boost/asio/ip/address_v6.hpp | 12
trunk/boost/asio/ip/detail/impl/endpoint.ipp | 6
trunk/boost/asio/ip/detail/socket_option.hpp | 5
trunk/boost/asio/ip/impl/address_v4.ipp | 6
trunk/boost/asio/ip/impl/address_v6.ipp | 6
trunk/boost/asio/ssl.hpp | 3
trunk/boost/asio/ssl/context.hpp | 142 +++
trunk/boost/asio/ssl/context_base.hpp | 21
trunk/boost/asio/ssl/detail/engine.hpp | 14
trunk/boost/asio/ssl/detail/impl/engine.ipp | 56 +
trunk/boost/asio/ssl/detail/openssl_types.hpp | 1
trunk/boost/asio/ssl/impl/context.hpp | 16
trunk/boost/asio/ssl/impl/context.ipp | 91 ++
trunk/boost/asio/ssl/impl/src.hpp | 1
trunk/boost/asio/ssl/old/basic_context.hpp | 2
trunk/boost/asio/ssl/stream.hpp | 130 +++
trunk/libs/asio/doc/overview/ssl.qbk | 14
trunk/libs/asio/doc/quickref.xml | 2
trunk/libs/asio/doc/reference.qbk | 1651 +++++++++++++++++++++++++++++++++------
trunk/libs/asio/doc/reference.xsl | 77 +
trunk/libs/asio/example/ssl/client.cpp | 32
trunk/libs/asio/test/ssl/Jamfile | 1
trunk/libs/asio/test/ssl/Jamfile.v2 | 2
trunk/libs/asio/test/ssl/stream.cpp | 23
49 files changed, 2089 insertions(+), 390 deletions(-)
Modified: trunk/boost/asio/basic_socket_streambuf.hpp
==============================================================================
--- trunk/boost/asio/basic_socket_streambuf.hpp (original)
+++ trunk/boost/asio/basic_socket_streambuf.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -20,7 +20,6 @@
#if !defined(BOOST_NO_IOSTREAM)
#include <streambuf>
-#include <boost/array.hpp>
#include <boost/preprocessor/arithmetic/inc.hpp>
#include <boost/preprocessor/repetition/enum_binary_params.hpp>
#include <boost/preprocessor/repetition/enum_params.hpp>
@@ -28,6 +27,7 @@
#include <boost/utility/base_from_member.hpp>
#include <boost/asio/basic_socket.hpp>
#include <boost/asio/deadline_timer_service.hpp>
+#include <boost/asio/detail/array.hpp>
#include <boost/asio/detail/throw_error.hpp>
#include <boost/asio/io_service.hpp>
#include <boost/asio/stream_socket_service.hpp>
@@ -506,8 +506,8 @@
enum { putback_max = 8 };
enum { buffer_size = 512 };
- boost::array<char, buffer_size> get_buffer_;
- boost::array<char, buffer_size> put_buffer_;
+ boost::asio::detail::array<char, buffer_size> get_buffer_;
+ boost::asio::detail::array<char, buffer_size> put_buffer_;
bool unbuffered_;
boost::system::error_code ec_;
std::size_t bytes_transferred_;
Modified: trunk/boost/asio/buffer.hpp
==============================================================================
--- trunk/boost/asio/buffer.hpp (original)
+++ trunk/boost/asio/buffer.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -977,7 +977,7 @@
? data.size() * sizeof(PodType) : max_size_in_bytes));
}
-#if defined(BOOST_ASIO_HAS_STD_ARRAY)
+#if defined(BOOST_ASIO_HAS_STD_ARRAY) || defined(GENERATING_DOCUMENTATION)
/// Create a new modifiable buffer that represents the given POD array.
/**
@@ -1072,7 +1072,7 @@
? data.size() * sizeof(PodType) : max_size_in_bytes));
}
-#endif // defined(BOOST_ASIO_HAS_STD_ARRAY)
+#endif // defined(BOOST_ASIO_HAS_STD_ARRAY) || defined(GENERATING_DOCUMENTATION)
/// Create a new modifiable buffer that represents the given POD vector.
/**
Added: trunk/boost/asio/detail/array.hpp
==============================================================================
--- (empty file)
+++ trunk/boost/asio/detail/array.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -0,0 +1,40 @@
+//
+// detail/array.hpp
+// ~~~~~~~~~~~~~~~~
+//
+// Copyright (c) 2003-2011 Christopher M. Kohlhoff (chris at kohlhoff dot com)
+//
+// Distributed under the Boost Software License, Version 1.0. (See accompanying
+// file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt)
+//
+
+#ifndef BOOST_ASIO_DETAIL_ARRAY_HPP
+#define BOOST_ASIO_DETAIL_ARRAY_HPP
+
+#if defined(_MSC_VER) && (_MSC_VER >= 1200)
+# pragma once
+#endif // defined(_MSC_VER) && (_MSC_VER >= 1200)
+
+#include <boost/asio/detail/config.hpp>
+
+#if defined(BOOST_ASIO_HAS_STD_ARRAY)
+# include <array>
+#else // defined(BOOST_ASIO_HAS_STD_ARRAY)
+# include <boost/array.hpp>
+#endif // defined(BOOST_ASIO_HAS_STD_ARRAY)
+
+namespace boost {
+namespace asio {
+namespace detail {
+
+#if defined(BOOST_ASIO_HAS_STD_ARRAY)
+using std::array;
+#else // defined(BOOST_ASIO_HAS_STD_ARRAY)
+using boost::array;
+#endif // defined(BOOST_ASIO_HAS_STD_ARRAY)
+
+} // namespace detail
+} // namespace asio
+} // namespace boost
+
+#endif // BOOST_ASIO_DETAIL_ARRAY_HPP
Added: trunk/boost/asio/detail/atomic_count.hpp
==============================================================================
--- (empty file)
+++ trunk/boost/asio/detail/atomic_count.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -0,0 +1,40 @@
+//
+// detail/atomic_count.hpp
+// ~~~~~~~~~~~~~~~~~~~~~~~
+//
+// Copyright (c) 2003-2011 Christopher M. Kohlhoff (chris at kohlhoff dot com)
+//
+// Distributed under the Boost Software License, Version 1.0. (See accompanying
+// file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt)
+//
+
+#ifndef BOOST_ASIO_DETAIL_ATOMIC_COUNT_HPP
+#define BOOST_ASIO_DETAIL_ATOMIC_COUNT_HPP
+
+#if defined(_MSC_VER) && (_MSC_VER >= 1200)
+# pragma once
+#endif // defined(_MSC_VER) && (_MSC_VER >= 1200)
+
+#include <boost/asio/detail/config.hpp>
+
+#if defined(BOOST_ASIO_HAS_STD_ATOMIC)
+# include <atomic>
+#else // defined(BOOST_ASIO_HAS_STD_ATOMIC)
+# include <boost/detail/atomic_count.hpp>
+#endif // defined(BOOST_ASIO_HAS_STD_ATOMIC)
+
+namespace boost {
+namespace asio {
+namespace detail {
+
+#if defined(BOOST_ASIO_HAS_STD_ATOMIC)
+typedef std::atomic<long> atomic_count;
+#else // defined(BOOST_ASIO_HAS_STD_ATOMIC)
+typedef boost::detail::atomic_count atomic_count;
+#endif // defined(BOOST_ASIO_HAS_STD_ATOMIC)
+
+} // namespace detail
+} // namespace asio
+} // namespace boost
+
+#endif // BOOST_ASIO_DETAIL_ATOMIC_COUNT_HPP
Modified: trunk/boost/asio/detail/config.hpp
==============================================================================
--- trunk/boost/asio/detail/config.hpp (original)
+++ trunk/boost/asio/detail/config.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -96,6 +96,33 @@
# endif // defined(BOOST_MSVC)
#endif // !defined(BOOST_ASIO_DISABLE_STD_ARRAY)
+// Standard library support for shared_ptr and weak_ptr.
+#if !defined(BOOST_ASIO_DISABLE_STD_SHARED_PTR)
+# if defined(__GNUC__)
+# if ((__GNUC__ == 4) && (__GNUC_MINOR__ >= 3)) || (__GNUC__ > 4)
+# if defined(__GXX_EXPERIMENTAL_CXX0X__)
+# define BOOST_ASIO_HAS_STD_SHARED_PTR
+# endif // defined(__GXX_EXPERIMENTAL_CXX0X__)
+# endif // ((__GNUC__ == 4) && (__GNUC_MINOR__ >= 3)) || (__GNUC__ > 4)
+# endif // defined(__GNUC__)
+# if defined(BOOST_MSVC)
+# if (_MSC_VER >= 1600)
+# define BOOST_ASIO_HAS_STD_SHARED_PTR
+# endif // (_MSC_VER >= 1600)
+# endif // defined(BOOST_MSVC)
+#endif // !defined(BOOST_ASIO_DISABLE_STD_SHARED_PTR)
+
+// Standard library support for atomic operations.
+#if !defined(BOOST_ASIO_DISABLE_STD_ATOMIC)
+# if defined(__GNUC__)
+# if ((__GNUC__ == 4) && (__GNUC_MINOR__ >= 5)) || (__GNUC__ > 4)
+# if defined(__GXX_EXPERIMENTAL_CXX0X__)
+# define BOOST_ASIO_HAS_STD_ATOMIC
+# endif // defined(__GXX_EXPERIMENTAL_CXX0X__)
+# endif // ((__GNUC__ == 4) && (__GNUC_MINOR__ >= 5)) || (__GNUC__ > 4)
+# endif // defined(__GNUC__)
+#endif // !defined(BOOST_ASIO_DISABLE_STD_ATOMIC)
+
// Windows: target OS version.
#if defined(BOOST_WINDOWS) || defined(__CYGWIN__)
# if !defined(_WIN32_WINNT) && !defined(_WIN32_WINDOWS)
Modified: trunk/boost/asio/detail/dev_poll_reactor.hpp
==============================================================================
--- trunk/boost/asio/detail/dev_poll_reactor.hpp (original)
+++ trunk/boost/asio/detail/dev_poll_reactor.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -66,7 +66,7 @@
// Recreate internal descriptors following a fork.
BOOST_ASIO_DECL void fork_service(
- boost::asio::io_service::fork_event event);
+ boost::asio::io_service::fork_event fork_ev);
// Initialise the task.
BOOST_ASIO_DECL void init_task();
Modified: trunk/boost/asio/detail/epoll_reactor.hpp
==============================================================================
--- trunk/boost/asio/detail/epoll_reactor.hpp (original)
+++ trunk/boost/asio/detail/epoll_reactor.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -73,7 +73,7 @@
// Recreate internal descriptors following a fork.
BOOST_ASIO_DECL void fork_service(
- boost::asio::io_service::fork_event event);
+ boost::asio::io_service::fork_event fork_ev);
// Initialise the task.
BOOST_ASIO_DECL void init_task();
Modified: trunk/boost/asio/detail/impl/dev_poll_reactor.ipp
==============================================================================
--- trunk/boost/asio/detail/impl/dev_poll_reactor.ipp (original)
+++ trunk/boost/asio/detail/impl/dev_poll_reactor.ipp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -87,9 +87,9 @@
short events_;
};
-void dev_poll_reactor::fork_service(boost::asio::io_service::fork_event event)
+void dev_poll_reactor::fork_service(boost::asio::io_service::fork_event fork_ev)
{
- if (event == boost::asio::io_service::fork_child)
+ if (fork_ev == boost::asio::io_service::fork_child)
{
detail::mutex::scoped_lock lock(mutex_);
Modified: trunk/boost/asio/detail/impl/epoll_reactor.ipp
==============================================================================
--- trunk/boost/asio/detail/impl/epoll_reactor.ipp (original)
+++ trunk/boost/asio/detail/impl/epoll_reactor.ipp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -87,9 +87,9 @@
timer_queues_.get_all_timers(ops);
}
-void epoll_reactor::fork_service(boost::asio::io_service::fork_event event)
+void epoll_reactor::fork_service(boost::asio::io_service::fork_event fork_ev)
{
- if (event == boost::asio::io_service::fork_child)
+ if (fork_ev == boost::asio::io_service::fork_child)
{
if (epoll_fd_ != -1)
::close(epoll_fd_);
Modified: trunk/boost/asio/detail/impl/kqueue_reactor.ipp
==============================================================================
--- trunk/boost/asio/detail/impl/kqueue_reactor.ipp (original)
+++ trunk/boost/asio/detail/impl/kqueue_reactor.ipp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -77,9 +77,9 @@
timer_queues_.get_all_timers(ops);
}
-void kqueue_reactor::fork_service(boost::asio::io_service::fork_event event)
+void kqueue_reactor::fork_service(boost::asio::io_service::fork_event fork_ev)
{
- if (event == boost::asio::io_service::fork_child)
+ if (fork_ev == boost::asio::io_service::fork_child)
{
// The kqueue descriptor is automatically closed in the child.
kqueue_fd_ = -1;
Modified: trunk/boost/asio/detail/impl/resolver_service_base.ipp
==============================================================================
--- trunk/boost/asio/detail/impl/resolver_service_base.ipp (original)
+++ trunk/boost/asio/detail/impl/resolver_service_base.ipp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -53,10 +53,10 @@
void resolver_service_base::shutdown_service()
{
work_.reset();
- if (work_io_service_)
+ if (work_io_service_.get())
{
work_io_service_->stop();
- if (work_thread_)
+ if (work_thread_.get())
{
work_thread_->join();
work_thread_.reset();
@@ -66,11 +66,11 @@
}
void resolver_service_base::fork_service(
- boost::asio::io_service::fork_event event)
+ boost::asio::io_service::fork_event fork_ev)
{
- if (work_thread_)
+ if (work_thread_.get())
{
- if (event == boost::asio::io_service::fork_prepare)
+ if (fork_ev == boost::asio::io_service::fork_prepare)
{
work_io_service_->stop();
work_thread_->join();
@@ -116,7 +116,7 @@
void resolver_service_base::start_work_thread()
{
boost::asio::detail::mutex::scoped_lock lock(mutex_);
- if (!work_thread_)
+ if (!work_thread_.get())
{
work_thread_.reset(new boost::asio::detail::thread(
work_io_service_runner(*work_io_service_)));
Modified: trunk/boost/asio/detail/impl/select_reactor.ipp
==============================================================================
--- trunk/boost/asio/detail/impl/select_reactor.ipp (original)
+++ trunk/boost/asio/detail/impl/select_reactor.ipp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -84,9 +84,9 @@
timer_queues_.get_all_timers(ops);
}
-void select_reactor::fork_service(boost::asio::io_service::fork_event event)
+void select_reactor::fork_service(boost::asio::io_service::fork_event fork_ev)
{
- if (event == boost::asio::io_service::fork_child)
+ if (fork_ev == boost::asio::io_service::fork_child)
interrupter_.recreate();
}
Modified: trunk/boost/asio/detail/impl/service_registry.ipp
==============================================================================
--- trunk/boost/asio/detail/impl/service_registry.ipp (original)
+++ trunk/boost/asio/detail/impl/service_registry.ipp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -53,7 +53,7 @@
}
}
-void service_registry::notify_fork(boost::asio::io_service::fork_event event)
+void service_registry::notify_fork(boost::asio::io_service::fork_event fork_ev)
{
// Make a copy of all of the services while holding the lock. We don't want
// to hold the lock while calling into each service, as it may try to call
@@ -74,12 +74,12 @@
// services in the vector. For the other events we want to go in the other
// direction.
std::size_t num_services = services.size();
- if (event == boost::asio::io_service::fork_prepare)
+ if (fork_ev == boost::asio::io_service::fork_prepare)
for (std::size_t i = 0; i < num_services; ++i)
- services[i]->fork_service(event);
+ services[i]->fork_service(fork_ev);
else
for (std::size_t i = num_services; i > 0; --i)
- services[i - 1]->fork_service(event);
+ services[i - 1]->fork_service(fork_ev);
}
void service_registry::init_key(boost::asio::io_service::service::key& key,
Modified: trunk/boost/asio/detail/impl/signal_set_service.ipp
==============================================================================
--- trunk/boost/asio/detail/impl/signal_set_service.ipp (original)
+++ trunk/boost/asio/detail/impl/signal_set_service.ipp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -146,13 +146,14 @@
}
}
-void signal_set_service::fork_service(boost::asio::io_service::fork_event event)
+void signal_set_service::fork_service(
+ boost::asio::io_service::fork_event fork_ev)
{
#if !defined(BOOST_WINDOWS) && !defined(__CYGWIN__)
signal_state* state = get_signal_state();
static_mutex::scoped_lock lock(state->mutex_);
- switch (event)
+ switch (fork_ev)
{
case boost::asio::io_service::fork_prepare:
reactor_.deregister_internal_descriptor(
@@ -179,7 +180,7 @@
break;
}
#else // !defined(BOOST_WINDOWS) && !defined(__CYGWIN__)
- (void)event;
+ (void)fork_ev;
#endif // !defined(BOOST_WINDOWS) && !defined(__CYGWIN__)
}
Modified: trunk/boost/asio/detail/impl/strand_service.ipp
==============================================================================
--- trunk/boost/asio/detail/impl/strand_service.ipp (original)
+++ trunk/boost/asio/detail/impl/strand_service.ipp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -70,7 +70,7 @@
boost::asio::detail::mutex::scoped_lock lock(mutex_);
- if (!implementations_[index])
+ if (!implementations_[index].get())
implementations_[index].reset(new strand_impl);
impl = implementations_[index].get();
}
Modified: trunk/boost/asio/detail/impl/win_iocp_io_service.ipp
==============================================================================
--- trunk/boost/asio/detail/impl/win_iocp_io_service.ipp (original)
+++ trunk/boost/asio/detail/impl/win_iocp_io_service.ipp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -90,7 +90,7 @@
{
::InterlockedExchange(&shutdown_, 1);
- if (timer_thread_)
+ if (timer_thread_.get())
{
LARGE_INTEGER timeout;
timeout.QuadPart = 1;
@@ -126,7 +126,7 @@
}
}
- if (timer_thread_)
+ if (timer_thread_.get())
timer_thread_->join();
}
@@ -456,7 +456,7 @@
&timeout, max_timeout_msec, 0, 0, FALSE);
}
- if (!timer_thread_)
+ if (!timer_thread_.get())
{
timer_thread_function thread_function = { this };
timer_thread_.reset(new thread(thread_function, 65536));
@@ -472,7 +472,7 @@
void win_iocp_io_service::update_timeout()
{
- if (timer_thread_)
+ if (timer_thread_.get())
{
// There's no point updating the waitable timer if the new timeout period
// exceeds the maximum timeout. In that case, we might as well wait for the
Modified: trunk/boost/asio/detail/kqueue_reactor.hpp
==============================================================================
--- trunk/boost/asio/detail/kqueue_reactor.hpp (original)
+++ trunk/boost/asio/detail/kqueue_reactor.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -84,7 +84,7 @@
// Recreate internal descriptors following a fork.
BOOST_ASIO_DECL void fork_service(
- boost::asio::io_service::fork_event event);
+ boost::asio::io_service::fork_event fork_ev);
// Initialise the task.
BOOST_ASIO_DECL void init_task();
Modified: trunk/boost/asio/detail/resolver_service_base.hpp
==============================================================================
--- trunk/boost/asio/detail/resolver_service_base.hpp (original)
+++ trunk/boost/asio/detail/resolver_service_base.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -16,7 +16,6 @@
#endif // defined(_MSC_VER) && (_MSC_VER >= 1200)
#include <boost/asio/detail/config.hpp>
-#include <boost/scoped_ptr.hpp>
#include <boost/asio/error.hpp>
#include <boost/asio/io_service.hpp>
#include <boost/asio/detail/mutex.hpp>
@@ -24,6 +23,7 @@
#include <boost/asio/detail/operation.hpp>
#include <boost/asio/detail/socket_ops.hpp>
#include <boost/asio/detail/socket_types.hpp>
+#include <boost/asio/detail/scoped_ptr.hpp>
#include <boost/asio/detail/thread.hpp>
#include <boost/asio/detail/push_options.hpp>
@@ -49,7 +49,8 @@
BOOST_ASIO_DECL void shutdown_service();
// Perform any fork-related housekeeping.
- BOOST_ASIO_DECL void fork_service(boost::asio::io_service::fork_event event);
+ BOOST_ASIO_DECL void fork_service(
+ boost::asio::io_service::fork_event fork_ev);
// Construct a new resolver implementation.
BOOST_ASIO_DECL void construct(implementation_type& impl);
@@ -103,16 +104,16 @@
boost::asio::detail::mutex mutex_;
// Private io_service used for performing asynchronous host resolution.
- boost::scoped_ptr<boost::asio::io_service> work_io_service_;
+ boost::asio::detail::scoped_ptr<boost::asio::io_service> work_io_service_;
// The work io_service implementation used to post completions.
io_service_impl& work_io_service_impl_;
// Work for the private io_service to perform.
- boost::scoped_ptr<boost::asio::io_service::work> work_;
+ boost::asio::detail::scoped_ptr<boost::asio::io_service::work> work_;
// Thread used for running the work io_service's run loop.
- boost::scoped_ptr<boost::asio::detail::thread> work_thread_;
+ boost::asio::detail::scoped_ptr<boost::asio::detail::thread> work_thread_;
};
} // namespace detail
Added: trunk/boost/asio/detail/scoped_ptr.hpp
==============================================================================
--- (empty file)
+++ trunk/boost/asio/detail/scoped_ptr.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -0,0 +1,81 @@
+//
+// detail/scoped_ptr.hpp
+// ~~~~~~~~~~~~~~~~~~~~~
+//
+// Copyright (c) 2003-2011 Christopher M. Kohlhoff (chris at kohlhoff dot com)
+//
+// Distributed under the Boost Software License, Version 1.0. (See accompanying
+// file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt)
+//
+
+#ifndef BOOST_ASIO_DETAIL_SCOPED_PTR_HPP
+#define BOOST_ASIO_DETAIL_SCOPED_PTR_HPP
+
+#if defined(_MSC_VER) && (_MSC_VER >= 1200)
+# pragma once
+#endif // defined(_MSC_VER) && (_MSC_VER >= 1200)
+
+#include <boost/asio/detail/config.hpp>
+
+#include <boost/asio/detail/push_options.hpp>
+
+namespace boost {
+namespace asio {
+namespace detail {
+
+template <typename T>
+class scoped_ptr
+{
+public:
+ // Constructor.
+ explicit scoped_ptr(T* p = 0)
+ : p_(p)
+ {
+ }
+
+ // Destructor.
+ ~scoped_ptr()
+ {
+ delete p_;
+ }
+
+ // Access.
+ T* get()
+ {
+ return p_;
+ }
+
+ // Access.
+ T* operator->()
+ {
+ return p_;
+ }
+
+ // Dereference.
+ T& operator*()
+ {
+ return *p_;
+ }
+
+ // Reset pointer.
+ void reset(T* p = 0)
+ {
+ delete p_;
+ p_ = p;
+ }
+
+private:
+ // Disallow copying and assignment.
+ scoped_ptr(const scoped_ptr&);
+ scoped_ptr& operator=(const scoped_ptr&);
+
+ T* p_;
+};
+
+} // namespace detail
+} // namespace asio
+} // namespace boost
+
+#include <boost/asio/detail/pop_options.hpp>
+
+#endif // BOOST_ASIO_DETAIL_SCOPED_PTR_HPP
Modified: trunk/boost/asio/detail/select_reactor.hpp
==============================================================================
--- trunk/boost/asio/detail/select_reactor.hpp (original)
+++ trunk/boost/asio/detail/select_reactor.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -75,7 +75,7 @@
// Recreate internal descriptors following a fork.
BOOST_ASIO_DECL void fork_service(
- boost::asio::io_service::fork_event event);
+ boost::asio::io_service::fork_event fork_ev);
// Initialise the task, but only if the reactor is not in its own thread.
BOOST_ASIO_DECL void init_task();
Modified: trunk/boost/asio/detail/service_registry.hpp
==============================================================================
--- trunk/boost/asio/detail/service_registry.hpp (original)
+++ trunk/boost/asio/detail/service_registry.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -59,7 +59,7 @@
BOOST_ASIO_DECL ~service_registry();
// Notify all services of a fork event.
- BOOST_ASIO_DECL void notify_fork(boost::asio::io_service::fork_event event);
+ BOOST_ASIO_DECL void notify_fork(boost::asio::io_service::fork_event fork_ev);
// Get the service object corresponding to the specified service type. Will
// create a new service object automatically if no such object already
Modified: trunk/boost/asio/detail/shared_ptr.hpp
==============================================================================
--- trunk/boost/asio/detail/shared_ptr.hpp (original)
+++ trunk/boost/asio/detail/shared_ptr.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -17,21 +17,21 @@
#include <boost/asio/detail/config.hpp>
-#if defined(_MSC_VER) && (_MSC_VER >= 1600)
+#if defined(BOOST_ASIO_HAS_STD_SHARED_PTR)
# include <memory>
-#else
+#else // defined(BOOST_ASIO_HAS_STD_SHARED_PTR)
# include <boost/shared_ptr.hpp>
-#endif
+#endif // defined(BOOST_ASIO_HAS_STD_SHARED_PTR)
namespace boost {
namespace asio {
namespace detail {
-#if defined(_MSC_VER) && (_MSC_VER >= 1600)
+#if defined(BOOST_ASIO_HAS_STD_SHARED_PTR)
using std::shared_ptr;
-#else
+#else // defined(BOOST_ASIO_HAS_STD_SHARED_PTR)
using boost::shared_ptr;
-#endif
+#endif // defined(BOOST_ASIO_HAS_STD_SHARED_PTR)
} // namespace detail
} // namespace asio
Modified: trunk/boost/asio/detail/signal_set_service.hpp
==============================================================================
--- trunk/boost/asio/detail/signal_set_service.hpp (original)
+++ trunk/boost/asio/detail/signal_set_service.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -117,7 +117,8 @@
BOOST_ASIO_DECL void shutdown_service();
// Perform fork-related housekeeping.
- BOOST_ASIO_DECL void fork_service(boost::asio::io_service::fork_event event);
+ BOOST_ASIO_DECL void fork_service(
+ boost::asio::io_service::fork_event fork_ev);
// Construct a new signal_set implementation.
BOOST_ASIO_DECL void construct(implementation_type& impl);
Modified: trunk/boost/asio/detail/strand_service.hpp
==============================================================================
--- trunk/boost/asio/detail/strand_service.hpp (original)
+++ trunk/boost/asio/detail/strand_service.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -16,11 +16,11 @@
#endif // defined(_MSC_VER) && (_MSC_VER >= 1200)
#include <boost/asio/detail/config.hpp>
-#include <boost/scoped_ptr.hpp>
#include <boost/asio/io_service.hpp>
#include <boost/asio/detail/mutex.hpp>
#include <boost/asio/detail/op_queue.hpp>
#include <boost/asio/detail/operation.hpp>
+#include <boost/asio/detail/scoped_ptr.hpp>
#include <boost/asio/detail/push_options.hpp>
@@ -100,8 +100,8 @@
// Number of implementations shared between all strand objects.
enum { num_implementations = 193 };
- // The head of a linked list of all implementations.
- boost::scoped_ptr<strand_impl> implementations_[num_implementations];
+ // Pool of implementations.
+ scoped_ptr<strand_impl> implementations_[num_implementations];
// Extra value used when hashing to prevent recycled memory locations from
// getting the same strand implementation.
Modified: trunk/boost/asio/detail/task_io_service.hpp
==============================================================================
--- trunk/boost/asio/detail/task_io_service.hpp (original)
+++ trunk/boost/asio/detail/task_io_service.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -19,9 +19,9 @@
#if !defined(BOOST_ASIO_HAS_IOCP)
-#include <boost/detail/atomic_count.hpp>
#include <boost/system/error_code.hpp>
#include <boost/asio/io_service.hpp>
+#include <boost/asio/detail/atomic_count.hpp>
#include <boost/asio/detail/mutex.hpp>
#include <boost/asio/detail/op_queue.hpp>
#include <boost/asio/detail/reactor_fwd.hpp>
@@ -150,7 +150,7 @@
bool task_interrupted_;
// The count of unfinished work.
- boost::detail::atomic_count outstanding_work_;
+ atomic_count outstanding_work_;
// The queue of handlers that are ready to be delivered.
op_queue<operation> op_queue_;
Modified: trunk/boost/asio/detail/weak_ptr.hpp
==============================================================================
--- trunk/boost/asio/detail/weak_ptr.hpp (original)
+++ trunk/boost/asio/detail/weak_ptr.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -16,23 +16,22 @@
#endif // defined(_MSC_VER) && (_MSC_VER >= 1200)
#include <boost/asio/detail/config.hpp>
-#include <boost/version.hpp>
-#if defined(_MSC_VER) && (_MSC_VER >= 1600)
+#if defined(BOOST_ASIO_HAS_STD_SHARED_PTR)
# include <memory>
-#else
+#else // defined(BOOST_ASIO_HAS_STD_SHARED_PTR)
# include <boost/weak_ptr.hpp>
-#endif
+#endif // defined(BOOST_ASIO_HAS_STD_SHARED_PTR)
namespace boost {
namespace asio {
namespace detail {
-#if defined(_MSC_VER) && (_MSC_VER >= 1600)
+#if defined(BOOST_ASIO_HAS_STD_SHARED_PTR)
using std::weak_ptr;
-#else
+#else // defined(BOOST_ASIO_HAS_STD_SHARED_PTR)
using boost::weak_ptr;
-#endif
+#endif // defined(BOOST_ASIO_HAS_STD_SHARED_PTR)
} // namespace detail
} // namespace asio
Modified: trunk/boost/asio/detail/win_iocp_io_service.hpp
==============================================================================
--- trunk/boost/asio/detail/win_iocp_io_service.hpp (original)
+++ trunk/boost/asio/detail/win_iocp_io_service.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -20,10 +20,10 @@
#if defined(BOOST_ASIO_HAS_IOCP)
#include <boost/limits.hpp>
-#include <boost/scoped_ptr.hpp>
#include <boost/asio/io_service.hpp>
#include <boost/asio/detail/mutex.hpp>
#include <boost/asio/detail/op_queue.hpp>
+#include <boost/asio/detail/scoped_ptr.hpp>
#include <boost/asio/detail/socket_types.hpp>
#include <boost/asio/detail/timer_op.hpp>
#include <boost/asio/detail/timer_queue_base.hpp>
@@ -241,7 +241,7 @@
friend struct timer_thread_function;
// Background thread used for processing timeouts.
- boost::scoped_ptr<thread> timer_thread_;
+ scoped_ptr<thread> timer_thread_;
// A waitable timer object used for waiting for timeouts.
auto_handle waitable_timer_;
Modified: trunk/boost/asio/ip/address_v4.hpp
==============================================================================
--- trunk/boost/asio/ip/address_v4.hpp (original)
+++ trunk/boost/asio/ip/address_v4.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -17,7 +17,7 @@
#include <boost/asio/detail/config.hpp>
#include <string>
-#include <boost/array.hpp>
+#include <boost/asio/detail/array.hpp>
#include <boost/asio/detail/socket_types.hpp>
#include <boost/asio/detail/winsock_init.hpp>
#include <boost/system/error_code.hpp>
@@ -45,7 +45,15 @@
{
public:
/// The type used to represent an address as an array of bytes.
- typedef boost::array<unsigned char, 4> bytes_type;
+ /**
+ * @note This type is defined in terms of the C++0x template @c std::array
+ * when it is available. Otherwise, it uses @c boost:array.
+ */
+#if defined(GENERATING_DOCUMENTATION)
+ typedef array<unsigned char, 4> bytes_type;
+#else
+ typedef boost::asio::detail::array<unsigned char, 4> bytes_type;
+#endif
/// Default constructor.
address_v4()
Modified: trunk/boost/asio/ip/address_v6.hpp
==============================================================================
--- trunk/boost/asio/ip/address_v6.hpp (original)
+++ trunk/boost/asio/ip/address_v6.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -17,7 +17,7 @@
#include <boost/asio/detail/config.hpp>
#include <string>
-#include <boost/array.hpp>
+#include <boost/asio/detail/array.hpp>
#include <boost/asio/detail/socket_types.hpp>
#include <boost/asio/detail/winsock_init.hpp>
#include <boost/system/error_code.hpp>
@@ -46,7 +46,15 @@
{
public:
/// The type used to represent an address as an array of bytes.
- typedef boost::array<unsigned char, 16> bytes_type;
+ /**
+ * @note This type is defined in terms of the C++0x template @c std::array
+ * when it is available. Otherwise, it uses @c boost:array.
+ */
+#if defined(GENERATING_DOCUMENTATION)
+ typedef array<unsigned char, 16> bytes_type;
+#else
+ typedef boost::asio::detail::array<unsigned char, 16> bytes_type;
+#endif
/// Default constructor.
BOOST_ASIO_DECL address_v6();
Modified: trunk/boost/asio/ip/detail/impl/endpoint.ipp
==============================================================================
--- trunk/boost/asio/ip/detail/impl/endpoint.ipp (original)
+++ trunk/boost/asio/ip/detail/impl/endpoint.ipp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -91,7 +91,7 @@
data_.v6.sin6_flowinfo = 0;
boost::asio::ip::address_v6 v6_addr = addr.to_v6();
boost::asio::ip::address_v6::bytes_type bytes = v6_addr.to_bytes();
- memcpy(data_.v6.sin6_addr.s6_addr, bytes.elems, 16);
+ memcpy(data_.v6.sin6_addr.s6_addr, bytes.data(), 16);
data_.v6.sin6_scope_id = v6_addr.scope_id();
}
}
@@ -145,7 +145,11 @@
else
{
boost::asio::ip::address_v6::bytes_type bytes;
+#if defined(BOOST_ASIO_HAS_STD_ARRAY)
+ memcpy(bytes.data(), data_.v6.sin6_addr.s6_addr, 16);
+#else // defined(BOOST_ASIO_HAS_STD_ARRAY)
memcpy(bytes.elems, data_.v6.sin6_addr.s6_addr, 16);
+#endif // defined(BOOST_ASIO_HAS_STD_ARRAY)
return boost::asio::ip::address_v6(bytes, data_.v6.sin6_scope_id);
}
}
Modified: trunk/boost/asio/ip/detail/socket_option.hpp
==============================================================================
--- trunk/boost/asio/ip/detail/socket_option.hpp (original)
+++ trunk/boost/asio/ip/detail/socket_option.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -18,6 +18,7 @@
#include <boost/asio/detail/config.hpp>
#include <cstddef>
#include <cstring>
+#include <stdexcept>
#include <boost/throw_exception.hpp>
#include <boost/asio/detail/socket_ops.hpp>
#include <boost/asio/detail/socket_types.hpp>
@@ -400,7 +401,7 @@
using namespace std; // For memcpy.
boost::asio::ip::address_v6 ipv6_address = multicast_address.to_v6();
boost::asio::ip::address_v6::bytes_type bytes = ipv6_address.to_bytes();
- memcpy(ipv6_value_.ipv6mr_multiaddr.s6_addr, bytes.elems, 16);
+ memcpy(ipv6_value_.ipv6mr_multiaddr.s6_addr, bytes.data(), 16);
ipv6_value_.ipv6mr_interface = 0;
}
else
@@ -438,7 +439,7 @@
using namespace std; // For memcpy.
boost::asio::ip::address_v6::bytes_type bytes =
multicast_address.to_bytes();
- memcpy(ipv6_value_.ipv6mr_multiaddr.s6_addr, bytes.elems, 16);
+ memcpy(ipv6_value_.ipv6mr_multiaddr.s6_addr, bytes.data(), 16);
ipv6_value_.ipv6mr_interface = network_interface;
}
Modified: trunk/boost/asio/ip/impl/address_v4.ipp
==============================================================================
--- trunk/boost/asio/ip/impl/address_v4.ipp (original)
+++ trunk/boost/asio/ip/impl/address_v4.ipp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -42,7 +42,7 @@
#endif // UCHAR_MAX > 0xFF
using namespace std; // For memcpy.
- memcpy(&addr_.s_addr, bytes.elems, 4);
+ memcpy(&addr_.s_addr, bytes.data(), 4);
}
address_v4::address_v4(unsigned long addr)
@@ -62,7 +62,11 @@
{
using namespace std; // For memcpy.
bytes_type bytes;
+#if defined(BOOST_ASIO_HAS_STD_ARRAY)
+ memcpy(bytes.data(), &addr_.s_addr, 4);
+#else // defined(BOOST_ASIO_HAS_STD_ARRAY)
memcpy(bytes.elems, &addr_.s_addr, 4);
+#endif // defined(BOOST_ASIO_HAS_STD_ARRAY)
return bytes;
}
Modified: trunk/boost/asio/ip/impl/address_v6.ipp
==============================================================================
--- trunk/boost/asio/ip/impl/address_v6.ipp (original)
+++ trunk/boost/asio/ip/impl/address_v6.ipp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -53,7 +53,7 @@
#endif // UCHAR_MAX > 0xFF
using namespace std; // For memcpy.
- memcpy(addr_.s6_addr, bytes.elems, 16);
+ memcpy(addr_.s6_addr, bytes.data(), 16);
}
address_v6::address_v6(const address_v6& other)
@@ -73,7 +73,11 @@
{
using namespace std; // For memcpy.
bytes_type bytes;
+#if defined(BOOST_ASIO_HAS_STD_ARRAY)
+ memcpy(bytes.data(), addr_.s6_addr, 16);
+#else // defined(BOOST_ASIO_HAS_STD_ARRAY)
memcpy(bytes.elems, addr_.s6_addr, 16);
+#endif // defined(BOOST_ASIO_HAS_STD_ARRAY)
return bytes;
}
Modified: trunk/boost/asio/ssl.hpp
==============================================================================
--- trunk/boost/asio/ssl.hpp (original)
+++ trunk/boost/asio/ssl.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -20,8 +20,11 @@
#include <boost/asio/ssl/context_base.hpp>
#include <boost/asio/ssl/context_service.hpp>
#include <boost/asio/ssl/error.hpp>
+#include <boost/asio/ssl/rfc2818_verification.hpp>
#include <boost/asio/ssl/stream.hpp>
#include <boost/asio/ssl/stream_base.hpp>
#include <boost/asio/ssl/stream_service.hpp>
+#include <boost/asio/ssl/verify_context.hpp>
+#include <boost/asio/ssl/verify_mode.hpp>
#endif // BOOST_ASIO_SSL_HPP
Modified: trunk/boost/asio/ssl/context.hpp
==============================================================================
--- trunk/boost/asio/ssl/context.hpp (original)
+++ trunk/boost/asio/ssl/context.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -27,8 +27,12 @@
# include <boost/asio/ssl/detail/openssl_types.hpp>
# include <boost/asio/ssl/detail/openssl_init.hpp>
# include <boost/asio/ssl/detail/password_callback.hpp>
+# include <boost/asio/ssl/detail/verify_callback.hpp>
+# include <boost/asio/ssl/verify_mode.hpp>
#endif // defined(BOOST_ASIO_ENABLE_OLD_SSL)
+#include <boost/asio/detail/push_options.hpp>
+
namespace boost {
namespace asio {
namespace ssl {
@@ -48,6 +52,9 @@
/// The native handle type of the SSL context.
typedef SSL_CTX* native_handle_type;
+ /// (Deprecated: Use native_handle_type.) The native type of the SSL context.
+ typedef SSL_CTX* impl_type;
+
/// Constructor.
BOOST_ASIO_DECL explicit context(method m);
@@ -93,6 +100,15 @@
*/
BOOST_ASIO_DECL native_handle_type native_handle();
+ /// (Deprecated: Use native_handle().) Get the underlying implementation in
+ /// the native type.
+ /**
+ * This function may be used to obtain the underlying implementation of the
+ * context. This is intended to allow access to context functionality that is
+ * not otherwise provided.
+ */
+ BOOST_ASIO_DECL impl_type impl();
+
/// Set options on the context.
/**
* This function may be used to configure the SSL options used by the context.
@@ -102,6 +118,8 @@
* value for the options.
*
* @throws boost::system::system_error Thrown on failure.
+ *
+ * @note Calls @c SSL_CTX_set_options.
*/
BOOST_ASIO_DECL void set_options(options o);
@@ -114,6 +132,8 @@
* value for the options.
*
* @param ec Set to indicate what error occurred, if any.
+ *
+ * @note Calls @c SSL_CTX_set_options.
*/
BOOST_ASIO_DECL boost::system::error_code set_options(options o,
boost::system::error_code& ec);
@@ -123,10 +143,12 @@
* This function may be used to configure the peer verification mode used by
* the context.
*
- * @param v A bitmask of peer verification modes. The available verify_mode
- * values are defined in the context_base class.
+ * @param v A bitmask of peer verification modes. See @ref verify_mode for
+ * available values.
*
* @throws boost::system::system_error Thrown on failure.
+ *
+ * @note Calls @c SSL_CTX_set_verify.
*/
BOOST_ASIO_DECL void set_verify_mode(verify_mode v);
@@ -135,14 +157,59 @@
* This function may be used to configure the peer verification mode used by
* the context.
*
- * @param v A bitmask of peer verification modes. The available verify_mode
- * values are defined in the context_base class.
+ * @param v A bitmask of peer verification modes. See @ref verify_mode for
+ * available values.
*
* @param ec Set to indicate what error occurred, if any.
+ *
+ * @note Calls @c SSL_CTX_set_verify.
*/
BOOST_ASIO_DECL boost::system::error_code set_verify_mode(
verify_mode v, boost::system::error_code& ec);
+ /// Set the callback used to verify peer certificates.
+ /**
+ * This function is used to specify a callback function that will be called
+ * by the implementation when it needs to verify a peer certificate.
+ *
+ * @param callback The function object to be used for verifying a certificate.
+ * The function signature of the handler must be:
+ * @code bool verify_callback(
+ * bool preverified, // True if the certificate passed pre-verification.
+ * verify_context& ctx // The peer certificate and other context.
+ * ); @endcode
+ * The return value of the callback is true if the certificate has passed
+ * verification, false otherwise.
+ *
+ * @throws boost::system::system_error Thrown on failure.
+ *
+ * @note Calls @c SSL_CTX_set_verify.
+ */
+ template <typename VerifyCallback>
+ void set_verify_callback(VerifyCallback callback);
+
+ /// Set the callback used to verify peer certificates.
+ /**
+ * This function is used to specify a callback function that will be called
+ * by the implementation when it needs to verify a peer certificate.
+ *
+ * @param callback The function object to be used for verifying a certificate.
+ * The function signature of the handler must be:
+ * @code bool verify_callback(
+ * bool preverified, // True if the certificate passed pre-verification.
+ * verify_context& ctx // The peer certificate and other context.
+ * ); @endcode
+ * The return value of the callback is true if the certificate has passed
+ * verification, false otherwise.
+ *
+ * @param ec Set to indicate what error occurred, if any.
+ *
+ * @note Calls @c SSL_CTX_set_verify.
+ */
+ template <typename VerifyCallback>
+ boost::system::error_code set_verify_callback(VerifyCallback callback,
+ boost::system::error_code& ec);
+
/// Load a certification authority file for performing verification.
/**
* This function is used to load one or more trusted certification authorities
@@ -152,6 +219,8 @@
* certificates in PEM format.
*
* @throws boost::system::system_error Thrown on failure.
+ *
+ * @note Calls @c SSL_CTX_load_verify_locations.
*/
BOOST_ASIO_DECL void load_verify_file(const std::string& filename);
@@ -164,10 +233,39 @@
* certificates in PEM format.
*
* @param ec Set to indicate what error occurred, if any.
+ *
+ * @note Calls @c SSL_CTX_load_verify_locations.
*/
BOOST_ASIO_DECL boost::system::error_code load_verify_file(
const std::string& filename, boost::system::error_code& ec);
+ /// Configures the context to use the default directories for finding
+ /// certification authority certificates.
+ /**
+ * This function specifies that the context should use the default,
+ * system-dependent directories for locating certification authority
+ * certificates.
+ *
+ * @throws boost::system::system_error Thrown on failure.
+ *
+ * @note Calls @c SSL_CTX_set_default_verify_paths.
+ */
+ BOOST_ASIO_DECL void set_default_verify_paths();
+
+ /// Configures the context to use the default directories for finding
+ /// certification authority certificates.
+ /**
+ * This function specifies that the context should use the default,
+ * system-dependent directories for locating certification authority
+ * certificates.
+ *
+ * @param ec Set to indicate what error occurred, if any.
+ *
+ * @note Calls @c SSL_CTX_set_default_verify_paths.
+ */
+ BOOST_ASIO_DECL boost::system::error_code set_default_verify_paths(
+ boost::system::error_code& ec);
+
/// Add a directory containing certificate authority files to be used for
/// performing verification.
/**
@@ -179,6 +277,8 @@
* @param path The name of a directory containing the certificates.
*
* @throws boost::system::system_error Thrown on failure.
+ *
+ * @note Calls @c SSL_CTX_load_verify_locations.
*/
BOOST_ASIO_DECL void add_verify_path(const std::string& path);
@@ -193,6 +293,8 @@
* @param path The name of a directory containing the certificates.
*
* @param ec Set to indicate what error occurred, if any.
+ *
+ * @note Calls @c SSL_CTX_load_verify_locations.
*/
BOOST_ASIO_DECL boost::system::error_code add_verify_path(
const std::string& path, boost::system::error_code& ec);
@@ -206,6 +308,8 @@
* @param format The file format (ASN.1 or PEM).
*
* @throws boost::system::system_error Thrown on failure.
+ *
+ * @note Calls @c SSL_CTX_use_certificate_file.
*/
BOOST_ASIO_DECL void use_certificate_file(
const std::string& filename, file_format format);
@@ -219,6 +323,8 @@
* @param format The file format (ASN.1 or PEM).
*
* @param ec Set to indicate what error occurred, if any.
+ *
+ * @note Calls @c SSL_CTX_use_certificate_file.
*/
BOOST_ASIO_DECL boost::system::error_code use_certificate_file(
const std::string& filename, file_format format,
@@ -233,6 +339,8 @@
* must use the PEM format.
*
* @throws boost::system::system_error Thrown on failure.
+ *
+ * @note Calls @c SSL_CTX_use_certificate_chain_file.
*/
BOOST_ASIO_DECL void use_certificate_chain_file(const std::string& filename);
@@ -245,6 +353,8 @@
* must use the PEM format.
*
* @param ec Set to indicate what error occurred, if any.
+ *
+ * @note Calls @c SSL_CTX_use_certificate_chain_file.
*/
BOOST_ASIO_DECL boost::system::error_code use_certificate_chain_file(
const std::string& filename, boost::system::error_code& ec);
@@ -258,6 +368,8 @@
* @param format The file format (ASN.1 or PEM).
*
* @throws boost::system::system_error Thrown on failure.
+ *
+ * @note Calls @c SSL_CTX_use_PrivateKey_file.
*/
BOOST_ASIO_DECL void use_private_key_file(
const std::string& filename, file_format format);
@@ -271,6 +383,8 @@
* @param format The file format (ASN.1 or PEM).
*
* @param ec Set to indicate what error occurred, if any.
+ *
+ * @note Calls @c SSL_CTX_use_PrivateKey_file.
*/
BOOST_ASIO_DECL boost::system::error_code use_private_key_file(
const std::string& filename, file_format format,
@@ -286,6 +400,8 @@
* @param format The file format (ASN.1 or PEM).
*
* @throws boost::system::system_error Thrown on failure.
+ *
+ * @note Calls @c SSL_CTX_use_RSAPrivateKey_file.
*/
BOOST_ASIO_DECL void use_rsa_private_key_file(
const std::string& filename, file_format format);
@@ -300,6 +416,8 @@
* @param format The file format (ASN.1 or PEM).
*
* @param ec Set to indicate what error occurred, if any.
+ *
+ * @note Calls @c SSL_CTX_use_RSAPrivateKey_file.
*/
BOOST_ASIO_DECL boost::system::error_code use_rsa_private_key_file(
const std::string& filename, file_format format,
@@ -314,6 +432,8 @@
* parameters. The file must use the PEM format.
*
* @throws boost::system::system_error Thrown on failure.
+ *
+ * @note Calls @c SSL_CTX_set_tmp_dh.
*/
BOOST_ASIO_DECL void use_tmp_dh_file(const std::string& filename);
@@ -326,6 +446,8 @@
* parameters. The file must use the PEM format.
*
* @param ec Set to indicate what error occurred, if any.
+ *
+ * @note Calls @c SSL_CTX_set_tmp_dh.
*/
BOOST_ASIO_DECL boost::system::error_code use_tmp_dh_file(
const std::string& filename, boost::system::error_code& ec);
@@ -344,6 +466,8 @@
* The return value of the callback is a string containing the password.
*
* @throws boost::system::system_error Thrown on failure.
+ *
+ * @note Calls @c SSL_CTX_set_default_passwd_cb.
*/
template <typename PasswordCallback>
void set_password_callback(PasswordCallback callback);
@@ -362,12 +486,22 @@
* The return value of the callback is a string containing the password.
*
* @param ec Set to indicate what error occurred, if any.
+ *
+ * @note Calls @c SSL_CTX_set_default_passwd_cb.
*/
template <typename PasswordCallback>
boost::system::error_code set_password_callback(PasswordCallback callback,
boost::system::error_code& ec);
private:
+ // Helper function used to set a peer certificate verification callback.
+ BOOST_ASIO_DECL boost::system::error_code do_set_verify_callback(
+ detail::verify_callback_base* callback, boost::system::error_code& ec);
+
+ // Callback used when the SSL implementation wants to verify a certificate.
+ BOOST_ASIO_DECL static int verify_callback_function(
+ int preverified, X509_STORE_CTX* ctx);
+
// Helper function used to set a password callback.
BOOST_ASIO_DECL boost::system::error_code do_set_password_callback(
detail::password_callback_base* callback, boost::system::error_code& ec);
Modified: trunk/boost/asio/ssl/context_base.hpp
==============================================================================
--- trunk/boost/asio/ssl/context_base.hpp (original)
+++ trunk/boost/asio/ssl/context_base.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -106,24 +106,11 @@
pem
};
- /// Bitmask type for peer verification.
+#if !defined(GENERATING_DOCUMENTATION)
+ // The following types and constants are preserved for backward compatibility.
+ // New programs should use the equivalents of the same names that are defined
+ // in the boost::asio::ssl namespace.
typedef int verify_mode;
-
-#if defined(GENERATING_DOCUMENTATION)
- /// No verification.
- static const int verify_none = implementation_defined;
-
- /// Verify the peer.
- static const int verify_peer = implementation_defined;
-
- /// Fail verification if the peer has no certificate. Ignored unless
- /// verify_peer is set.
- static const int verify_fail_if_no_peer_cert = implementation_defined;
-
- /// Do not request client certificate on renegotiation. Ignored unless
- /// verify_peer is set.
- static const int verify_client_once = implementation_defined;
-#else
BOOST_STATIC_CONSTANT(int, verify_none = SSL_VERIFY_NONE);
BOOST_STATIC_CONSTANT(int, verify_peer = SSL_VERIFY_PEER);
BOOST_STATIC_CONSTANT(int,
Modified: trunk/boost/asio/ssl/detail/engine.hpp
==============================================================================
--- trunk/boost/asio/ssl/detail/engine.hpp (original)
+++ trunk/boost/asio/ssl/detail/engine.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -21,7 +21,9 @@
# include <boost/asio/buffer.hpp>
# include <boost/asio/detail/static_mutex.hpp>
# include <boost/asio/ssl/detail/openssl_types.hpp>
+# include <boost/asio/ssl/detail/verify_callback.hpp>
# include <boost/asio/ssl/stream_base.hpp>
+# include <boost/asio/ssl/verify_mode.hpp>
#endif // !defined(BOOST_ASIO_ENABLE_OLD_SSL)
#include <boost/asio/detail/push_options.hpp>
@@ -67,6 +69,14 @@
// Get the underlying implementation in the native type.
BOOST_ASIO_DECL SSL* native_handle();
+ // Set the peer verification mode.
+ BOOST_ASIO_DECL boost::system::error_code set_verify_mode(
+ verify_mode v, boost::system::error_code& ec);
+
+ // Set a peer certificate verification callback.
+ BOOST_ASIO_DECL boost::system::error_code set_verify_callback(
+ verify_callback_base* callback, boost::system::error_code& ec);
+
// Perform an SSL handshake using either SSL_connect (client-side) or
// SSL_accept (server-side).
BOOST_ASIO_DECL want handshake(
@@ -102,6 +112,10 @@
engine(const engine&);
engine& operator=(const engine&);
+ // Callback used when the SSL implementation wants to verify a certificate.
+ BOOST_ASIO_DECL static int verify_callback_function(
+ int preverified, X509_STORE_CTX* ctx);
+
// The SSL_accept function may not be thread safe. This mutex is used to
// protect all calls to the SSL_accept function.
BOOST_ASIO_DECL static boost::asio::detail::static_mutex& accept_mutex();
Modified: trunk/boost/asio/ssl/detail/impl/engine.ipp
==============================================================================
--- trunk/boost/asio/ssl/detail/impl/engine.ipp (original)
+++ trunk/boost/asio/ssl/detail/impl/engine.ipp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -19,6 +19,7 @@
#if !defined(BOOST_ASIO_ENABLE_OLD_SSL)
# include <boost/asio/ssl/detail/engine.hpp>
+# include <boost/asio/ssl/verify_context.hpp>
#endif // !defined(BOOST_ASIO_ENABLE_OLD_SSL)
#include <boost/asio/detail/push_options.hpp>
@@ -44,6 +45,12 @@
engine::~engine()
{
+ if (SSL_get_app_data(ssl_))
+ {
+ delete static_cast<verify_callback_base*>(SSL_get_app_data(ssl_));
+ SSL_set_app_data(ssl_, 0);
+ }
+
::BIO_free(ext_bio_);
::SSL_free(ssl_);
}
@@ -53,6 +60,53 @@
return ssl_;
}
+boost::system::error_code engine::set_verify_mode(
+ verify_mode v, boost::system::error_code& ec)
+{
+ ::SSL_set_verify(ssl_, v, ::SSL_get_verify_callback(ssl_));
+
+ ec = boost::system::error_code();
+ return ec;
+}
+
+boost::system::error_code engine::set_verify_callback(
+ verify_callback_base* callback, boost::system::error_code& ec)
+{
+ if (SSL_get_app_data(ssl_))
+ delete static_cast<verify_callback_base*>(SSL_get_app_data(ssl_));
+
+ SSL_set_app_data(ssl_, callback);
+
+ ::SSL_set_verify(ssl_, ::SSL_get_verify_mode(ssl_),
+ &engine::verify_callback_function);
+
+ ec = boost::system::error_code();
+ return ec;
+}
+
+int engine::verify_callback_function(int preverified, X509_STORE_CTX* ctx)
+{
+ if (ctx)
+ {
+ if (SSL* ssl = static_cast<SSL*>(
+ ::X509_STORE_CTX_get_ex_data(
+ ctx, ::SSL_get_ex_data_X509_STORE_CTX_idx())))
+ {
+ if (SSL_get_app_data(ssl))
+ {
+ verify_callback_base* callback =
+ static_cast<verify_callback_base*>(
+ SSL_get_app_data(ssl));
+
+ verify_context verify_ctx(ctx);
+ return callback->call(preverified != 0, verify_ctx) ? 1 : 0;
+ }
+ }
+ }
+
+ return 0;
+}
+
engine::want engine::handshake(
stream_base::handshake_type type, boost::system::error_code& ec)
{
@@ -193,7 +247,7 @@
int engine::do_accept(void*, std::size_t)
{
- boost::asio::detail::static_mutex lock(accept_mutex());
+ boost::asio::detail::static_mutex::scoped_lock lock(accept_mutex());
return ::SSL_accept(ssl_);
}
Modified: trunk/boost/asio/ssl/detail/openssl_types.hpp
==============================================================================
--- trunk/boost/asio/ssl/detail/openssl_types.hpp (original)
+++ trunk/boost/asio/ssl/detail/openssl_types.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -20,6 +20,7 @@
#include <openssl/ssl.h>
#include <openssl/engine.h>
#include <openssl/err.h>
+#include <openssl/x509v3.h>
#include <boost/asio/detail/socket_types.hpp>
#endif // BOOST_ASIO_SSL_DETAIL_OPENSSL_TYPES_HPP
Added: trunk/boost/asio/ssl/detail/verify_callback.hpp
==============================================================================
--- (empty file)
+++ trunk/boost/asio/ssl/detail/verify_callback.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -0,0 +1,70 @@
+//
+// ssl/detail/verify_callback.hpp
+// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+//
+// Copyright (c) 2003-2011 Christopher M. Kohlhoff (chris at kohlhoff dot com)
+//
+// Distributed under the Boost Software License, Version 1.0. (See accompanying
+// file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt)
+//
+
+#ifndef BOOST_ASIO_SSL_DETAIL_VERIFY_CALLBACK_HPP
+#define BOOST_ASIO_SSL_DETAIL_VERIFY_CALLBACK_HPP
+
+#if defined(_MSC_VER) && (_MSC_VER >= 1200)
+# pragma once
+#endif // defined(_MSC_VER) && (_MSC_VER >= 1200)
+
+#include <boost/asio/detail/config.hpp>
+
+#if !defined(BOOST_ASIO_ENABLE_OLD_SSL)
+# include <boost/asio/ssl/verify_context.hpp>
+#endif // !defined(BOOST_ASIO_ENABLE_OLD_SSL)
+
+#include <boost/asio/detail/push_options.hpp>
+
+namespace boost {
+namespace asio {
+namespace ssl {
+namespace detail {
+
+#if !defined(BOOST_ASIO_ENABLE_OLD_SSL)
+
+class verify_callback_base
+{
+public:
+ virtual ~verify_callback_base()
+ {
+ }
+
+ virtual bool call(bool preverified, verify_context& ctx) = 0;
+};
+
+template <typename VerifyCallback>
+class verify_callback : public verify_callback_base
+{
+public:
+ explicit verify_callback(VerifyCallback callback)
+ : callback_(callback)
+ {
+ }
+
+ virtual bool call(bool preverified, verify_context& ctx)
+ {
+ return callback_(preverified, ctx);
+ }
+
+private:
+ VerifyCallback callback_;
+};
+
+#endif // !defined(BOOST_ASIO_ENABLE_OLD_SSL)
+
+} // namespace detail
+} // namespace ssl
+} // namespace asio
+} // namespace boost
+
+#include <boost/asio/detail/pop_options.hpp>
+
+#endif // BOOST_ASIO_SSL_DETAIL_VERIFY_CALLBACK_HPP
Modified: trunk/boost/asio/ssl/impl/context.hpp
==============================================================================
--- trunk/boost/asio/ssl/impl/context.hpp (original)
+++ trunk/boost/asio/ssl/impl/context.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -30,6 +30,22 @@
#if !defined(BOOST_ASIO_ENABLE_OLD_SSL)
+template <typename VerifyCallback>
+void context::set_verify_callback(VerifyCallback callback)
+{
+ boost::system::error_code ec;
+ this->set_verify_callback(callback, ec);
+ boost::asio::detail::throw_error(ec, "set_verify_callback");
+}
+
+template <typename VerifyCallback>
+boost::system::error_code context::set_verify_callback(
+ VerifyCallback callback, boost::system::error_code& ec)
+{
+ return do_set_verify_callback(
+ new detail::verify_callback<VerifyCallback>(callback), ec);
+}
+
template <typename PasswordCallback>
void context::set_password_callback(PasswordCallback callback)
{
Modified: trunk/boost/asio/ssl/impl/context.ipp
==============================================================================
--- trunk/boost/asio/ssl/impl/context.ipp (original)
+++ trunk/boost/asio/ssl/impl/context.ipp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -125,6 +125,15 @@
handle_->default_passwd_callback_userdata = 0;
}
+ if (SSL_CTX_get_app_data(handle_))
+ {
+ detail::verify_callback_base* callback =
+ static_cast<detail::verify_callback_base*>(
+ SSL_CTX_get_app_data(handle_));
+ delete callback;
+ SSL_CTX_set_app_data(handle_, 0);
+ }
+
::SSL_CTX_free(handle_);
}
}
@@ -134,6 +143,11 @@
return handle_;
}
+context::impl_type context::impl()
+{
+ return handle_;
+}
+
void context::set_options(context::options o)
{
boost::system::error_code ec;
@@ -150,7 +164,7 @@
return ec;
}
-void context::set_verify_mode(context::verify_mode v)
+void context::set_verify_mode(verify_mode v)
{
boost::system::error_code ec;
set_verify_mode(v, ec);
@@ -158,9 +172,9 @@
}
boost::system::error_code context::set_verify_mode(
- context::verify_mode v, boost::system::error_code& ec)
+ verify_mode v, boost::system::error_code& ec)
{
- ::SSL_CTX_set_verify(handle_, v, 0);
+ ::SSL_CTX_set_verify(handle_, v, ::SSL_CTX_get_verify_callback(handle_));
ec = boost::system::error_code();
return ec;
@@ -187,6 +201,27 @@
return ec;
}
+void context::set_default_verify_paths()
+{
+ boost::system::error_code ec;
+ set_default_verify_paths(ec);
+ boost::asio::detail::throw_error(ec, "set_default_verify_paths");
+}
+
+boost::system::error_code context::set_default_verify_paths(
+ boost::system::error_code& ec)
+{
+ if (::SSL_CTX_set_default_verify_paths(handle_) != 1)
+ {
+ ec = boost::system::error_code(::ERR_get_error(),
+ boost::asio::error::get_ssl_category());
+ return ec;
+ }
+
+ ec = boost::system::error_code();
+ return ec;
+}
+
void context::add_verify_path(const std::string& path)
{
boost::system::error_code ec;
@@ -386,6 +421,51 @@
return ec;
}
+boost::system::error_code context::do_set_verify_callback(
+ detail::verify_callback_base* callback, boost::system::error_code& ec)
+{
+ if (SSL_CTX_get_app_data(handle_))
+ {
+ delete static_cast<detail::verify_callback_base*>(
+ SSL_CTX_get_app_data(handle_));
+ }
+
+ SSL_CTX_set_app_data(handle_, callback);
+
+ ::SSL_CTX_set_verify(handle_,
+ ::SSL_CTX_get_verify_mode(handle_),
+ &context::verify_callback_function);
+
+ ec = boost::system::error_code();
+ return ec;
+}
+
+int context::verify_callback_function(int preverified, X509_STORE_CTX* ctx)
+{
+ if (ctx)
+ {
+ if (SSL* ssl = static_cast<SSL*>(
+ ::X509_STORE_CTX_get_ex_data(
+ ctx, ::SSL_get_ex_data_X509_STORE_CTX_idx())))
+ {
+ if (SSL_CTX* handle = ::SSL_get_SSL_CTX(ssl))
+ {
+ if (SSL_CTX_get_app_data(handle))
+ {
+ detail::verify_callback_base* callback =
+ static_cast<detail::verify_callback_base*>(
+ SSL_CTX_get_app_data(handle));
+
+ verify_context verify_ctx(ctx);
+ return callback->call(preverified != 0, verify_ctx) ? 1 : 0;
+ }
+ }
+ }
+ }
+
+ return 0;
+}
+
boost::system::error_code context::do_set_password_callback(
detail::password_callback_base* callback, boost::system::error_code& ec)
{
@@ -414,8 +494,13 @@
std::string passwd = callback->call(static_cast<std::size_t>(size),
purpose ? context_base::for_writing : context_base::for_reading);
+#if BOOST_WORKAROUND(BOOST_MSVC, >= 1400) && !defined(UNDER_CE)
+ strcpy_s(buf, size, passwd.c_str());
+#else
*buf = '\0';
strncat(buf, passwd.c_str(), size);
+#endif
+
return strlen(buf);
}
Added: trunk/boost/asio/ssl/impl/rfc2818_verification.ipp
==============================================================================
--- (empty file)
+++ trunk/boost/asio/ssl/impl/rfc2818_verification.ipp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -0,0 +1,158 @@
+//
+// ssl/impl/rfc2818_verification.ipp
+// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+//
+// Copyright (c) 2003-2011 Christopher M. Kohlhoff (chris at kohlhoff dot com)
+//
+// Distributed under the Boost Software License, Version 1.0. (See accompanying
+// file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt)
+//
+
+#ifndef BOOST_ASIO_SSL_IMPL_RFC2818_VERIFICATION_IPP
+#define BOOST_ASIO_SSL_IMPL_RFC2818_VERIFICATION_IPP
+
+#if defined(_MSC_VER) && (_MSC_VER >= 1200)
+# pragma once
+#endif // defined(_MSC_VER) && (_MSC_VER >= 1200)
+
+#include <boost/asio/detail/config.hpp>
+
+#if !defined(BOOST_ASIO_ENABLE_OLD_SSL)
+# include <cctype>
+# include <cstring>
+# include <boost/asio/ip/address.hpp>
+# include <boost/asio/ssl/rfc2818_verification.hpp>
+# include <boost/asio/ssl/detail/openssl_types.hpp>
+#endif // !defined(BOOST_ASIO_ENABLE_OLD_SSL)
+
+#include <boost/asio/detail/push_options.hpp>
+
+namespace boost {
+namespace asio {
+namespace ssl {
+
+#if !defined(BOOST_ASIO_ENABLE_OLD_SSL)
+
+bool rfc2818_verification::operator()(
+ bool preverified, verify_context& ctx) const
+{
+ using namespace std; // For memcmp.
+
+ // Don't bother looking at certificates that have failed pre-verification.
+ if (!preverified)
+ return false;
+
+ // We're only interested in checking the certificate at the end of the chain.
+ int depth = X509_STORE_CTX_get_error_depth(ctx.native_handle());
+ if (depth > 0)
+ return true;
+
+ // Try converting the host name to an address. If it is an address then we
+ // need to look for an IP address in the certificate rather than a host name.
+ boost::system::error_code ec;
+ ip::address address = ip::address::from_string(host_, ec);
+ bool is_address = !ec;
+
+ X509* cert = X509_STORE_CTX_get_current_cert(ctx.native_handle());
+
+ // Go through the alternate names in the certificate looking for matching DNS
+ // or IP address entries.
+ GENERAL_NAMES* gens = static_cast<GENERAL_NAMES*>(
+ X509_get_ext_d2i(cert, NID_subject_alt_name, 0, 0));
+ for (int i = 0; i < sk_GENERAL_NAME_num(gens); ++i)
+ {
+ GENERAL_NAME* gen = sk_GENERAL_NAME_value(gens, i);
+ if (gen->type == GEN_DNS && !is_address)
+ {
+ ASN1_IA5STRING* domain = gen->d.dNSName;
+ if (domain->type == V_ASN1_IA5STRING && domain->data && domain->length)
+ {
+ const char* pattern = reinterpret_cast<const char*>(domain->data);
+ std::size_t pattern_length = domain->length;
+ if (match_pattern(pattern, pattern_length, host_.c_str()))
+ return true;
+ }
+ }
+ else if (gen->type == GEN_IPADD && is_address)
+ {
+ ASN1_OCTET_STRING* ip_address = gen->d.iPAddress;
+ if (ip_address->type == V_ASN1_OCTET_STRING && ip_address->data)
+ {
+ if (address.is_v4() && ip_address->length == 4)
+ {
+ ip::address_v4::bytes_type bytes = address.to_v4().to_bytes();
+ if (memcmp(bytes.data(), ip_address->data, 4) == 0)
+ return true;
+ }
+ else if (address.is_v6() && ip_address->length == 16)
+ {
+ ip::address_v6::bytes_type bytes = address.to_v6().to_bytes();
+ if (memcmp(bytes.data(), ip_address->data, 16) == 0)
+ return true;
+ }
+ }
+ }
+ }
+
+ // No match in the alternate names, so try the common names. We should only
+ // use the "most specific" common name, which is the last one in the list.
+ X509_NAME* name = X509_get_subject_name(cert);
+ int i = -1;
+ ASN1_STRING* common_name = 0;
+ while ((i = X509_NAME_get_index_by_NID(name, NID_commonName, i)) >= 0)
+ {
+ X509_NAME_ENTRY* name_entry = X509_NAME_get_entry(name, i);
+ common_name = X509_NAME_ENTRY_get_data(name_entry);
+ }
+ if (common_name && common_name->data && common_name->length)
+ {
+ const char* pattern = reinterpret_cast<const char*>(common_name->data);
+ std::size_t pattern_length = common_name->length;
+ if (match_pattern(pattern, pattern_length, host_.c_str()))
+ return true;
+ }
+
+ return false;
+}
+
+bool rfc2818_verification::match_pattern(const char* pattern,
+ std::size_t pattern_length, const char* host)
+{
+ using namespace std; // For tolower.
+
+ const char* p = pattern;
+ const char* p_end = p + pattern_length;
+ const char* h = host;
+
+ while (p != p_end && *h)
+ {
+ if (*p == '*')
+ {
+ ++p;
+ while (*h && *h != '.')
+ if (match_pattern(p, p_end - p, h++))
+ return true;
+ }
+ else if (tolower(*p) == tolower(*h))
+ {
+ ++p;
+ ++h;
+ }
+ else
+ {
+ return false;
+ }
+ }
+
+ return p == p_end && !*h;
+}
+
+#endif // !defined(BOOST_ASIO_ENABLE_OLD_SSL)
+
+} // namespace ssl
+} // namespace asio
+} // namespace boost
+
+#include <boost/asio/detail/pop_options.hpp>
+
+#endif // BOOST_ASIO_SSL_IMPL_RFC2818_VERIFICATION_IPP
Modified: trunk/boost/asio/ssl/impl/src.hpp
==============================================================================
--- trunk/boost/asio/ssl/impl/src.hpp (original)
+++ trunk/boost/asio/ssl/impl/src.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -23,5 +23,6 @@
#include <boost/asio/ssl/impl/error.ipp>
#include <boost/asio/ssl/detail/impl/engine.ipp>
#include <boost/asio/ssl/detail/impl/openssl_init.ipp>
+#include <boost/asio/ssl/impl/rfc2818_verification.ipp>
#endif // BOOST_ASIO_IMPL_SRC_HPP
Modified: trunk/boost/asio/ssl/old/basic_context.hpp
==============================================================================
--- trunk/boost/asio/ssl/old/basic_context.hpp (original)
+++ trunk/boost/asio/ssl/old/basic_context.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -41,7 +41,7 @@
/// The type of the service that will be used to provide context operations.
typedef Service service_type;
- /// The native implementation type of the locking dispatcher.
+ /// The native implementation type of the SSL context.
typedef typename service_type::impl_type impl_type;
/// Constructor.
Added: trunk/boost/asio/ssl/rfc2818_verification.hpp
==============================================================================
--- (empty file)
+++ trunk/boost/asio/ssl/rfc2818_verification.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -0,0 +1,102 @@
+//
+// ssl/rfc2818_verification.hpp
+// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+//
+// Copyright (c) 2003-2011 Christopher M. Kohlhoff (chris at kohlhoff dot com)
+//
+// Distributed under the Boost Software License, Version 1.0. (See accompanying
+// file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt)
+//
+
+#ifndef BOOST_ASIO_SSL_RFC2818_VERIFICATION_HPP
+#define BOOST_ASIO_SSL_RFC2818_VERIFICATION_HPP
+
+#if defined(_MSC_VER) && (_MSC_VER >= 1200)
+# pragma once
+#endif // defined(_MSC_VER) && (_MSC_VER >= 1200)
+
+#include <boost/asio/detail/config.hpp>
+
+#if !defined(BOOST_ASIO_ENABLE_OLD_SSL)
+# include <string>
+# include <boost/asio/ssl/detail/openssl_types.hpp>
+# include <boost/asio/ssl/verify_context.hpp>
+#endif // !defined(BOOST_ASIO_ENABLE_OLD_SSL)
+
+#include <boost/asio/detail/push_options.hpp>
+
+namespace boost {
+namespace asio {
+namespace ssl {
+
+#if !defined(BOOST_ASIO_ENABLE_OLD_SSL)
+
+/// Verifies a certificate against a hostname according to the rules described
+/// in RFC 2818.
+/**
+ * @par Example
+ * The following example shows how to synchronously open a secure connection to
+ * a given host name:
+ * @code
+ * using boost::asio::ip::tcp;
+ * namespace ssl = boost::asio::ssl;
+ * typedef ssl::stream<tcp::socket> ssl_socket;
+ *
+ * // Create a context that uses the default paths for finding CA certificates.
+ * ssl::context ctx(ssl::context::sslv23);
+ * ctx.set_default_verify_paths();
+ *
+ * // Open a socket and connect it to the remote host.
+ * boost::asio::io_service io_service;
+ * ssl_socket sock(io_service, ctx);
+ * tcp::resolver resolver(io_service);
+ * tcp::resolver::query query("host.name", "https");
+ * boost::asio::connect(sock.lowest_layer(), resolver.resolve(query));
+ * sock.lowest_layer().set_option(tcp::no_delay(true));
+ *
+ * // Perform SSL handshake and verify the remote host's certificate.
+ * sock.set_verify_mode(ssl::verify_peer);
+ * sock.set_verify_callback(ssl::rfc2818_verification("host.name"));
+ * sock.handshake(ssl_socket::client);
+ *
+ * // ... read and write as normal ...
+ * @endcode
+ */
+class rfc2818_verification
+{
+public:
+ /// The type of the function object's result.
+ typedef bool result_type;
+
+ /// Constructor.
+ explicit rfc2818_verification(const std::string& host)
+ : host_(host)
+ {
+ }
+
+ /// Perform certificate verification.
+ BOOST_ASIO_DECL bool operator()(bool preverified, verify_context& ctx) const;
+
+private:
+ // Helper function to check a host name against a pattern.
+ BOOST_ASIO_DECL static bool match_pattern(const char* pattern,
+ std::size_t pattern_length, const char* host);
+
+ // Helper function to check a host name against an IPv4 address
+ // The host name to be checked.
+ std::string host_;
+};
+
+#endif // defined(BOOST_ASIO_ENABLE_OLD_SSL)
+
+} // namespace ssl
+} // namespace asio
+} // namespace boost
+
+#include <boost/asio/detail/pop_options.hpp>
+
+#if defined(BOOST_ASIO_HEADER_ONLY)
+# include <boost/asio/ssl/impl/rfc2818_verification.ipp>
+#endif // defined(BOOST_ASIO_HEADER_ONLY)
+
+#endif // BOOST_ASIO_SSL_RFC2818_VERIFICATION_HPP
Modified: trunk/boost/asio/ssl/stream.hpp
==============================================================================
--- trunk/boost/asio/ssl/stream.hpp (original)
+++ trunk/boost/asio/ssl/stream.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -77,6 +77,15 @@
/// The native handle type of the SSL stream.
typedef SSL* native_handle_type;
+ /// Structure for use with deprecated impl_type.
+ struct impl_struct
+ {
+ SSL* ssl;
+ };
+
+ /// (Deprecated: Use native_handle_type.) The underlying implementation type.
+ typedef impl_struct* impl_type;
+
/// The type of the next layer.
typedef typename boost::remove_reference<Stream>::type next_layer_type;
@@ -97,6 +106,7 @@
: next_layer_(arg),
core_(ctx.native_handle(), next_layer_.lowest_layer().get_io_service())
{
+ backwards_compatible_impl_.ssl = core_.engine_.native_handle();
}
/// Destructor.
@@ -122,12 +132,42 @@
* This function may be used to obtain the underlying implementation of the
* context. This is intended to allow access to context functionality that is
* not otherwise provided.
+ *
+ * @par Example
+ * The native_handle() function returns a pointer of type @c SSL* that is
+ * suitable for passing to functions such as @c SSL_get_verify_result and
+ * @c SSL_get_peer_certificate:
+ * @code
+ * boost::asio::ssl::stream<asio:ip::tcp::socket> sock(io_service, ctx);
+ *
+ * // ... establish connection and perform handshake ...
+ *
+ * if (X509* cert = SSL_get_peer_certificate(sock.native_handle()))
+ * {
+ * if (SSL_get_verify_result(sock.native_handle()) == X509_V_OK)
+ * {
+ * // ...
+ * }
+ * }
+ * @endcode
*/
native_handle_type native_handle()
{
return core_.engine_.native_handle();
}
+ /// (Deprecated: Use native_handle().) Get the underlying implementation in
+ /// the native type.
+ /**
+ * This function may be used to obtain the underlying implementation of the
+ * context. This is intended to allow access to stream functionality that is
+ * not otherwise provided.
+ */
+ impl_type impl()
+ {
+ return &backwards_compatible_impl_;
+ }
+
/// Get a reference to the next layer.
/**
* This function returns a reference to the next layer in a stack of stream
@@ -180,6 +220,95 @@
return next_layer_.lowest_layer();
}
+ /// Set the peer verification mode.
+ /**
+ * This function may be used to configure the peer verification mode used by
+ * the stream. The new mode will override the mode inherited from the context.
+ *
+ * @param v A bitmask of peer verification modes. See @ref verify_mode for
+ * available values.
+ *
+ * @throws boost::system::system_error Thrown on failure.
+ *
+ * @note Calls @c SSL_set_verify.
+ */
+ void set_verify_mode(verify_mode v)
+ {
+ boost::system::error_code ec;
+ set_verify_mode(v, ec);
+ boost::asio::detail::throw_error(ec, "set_verify_mode");
+ }
+
+ /// Set the peer verification mode.
+ /**
+ * This function may be used to configure the peer verification mode used by
+ * the stream. The new mode will override the mode inherited from the context.
+ *
+ * @param v A bitmask of peer verification modes. See @ref verify_mode for
+ * available values.
+ *
+ * @param ec Set to indicate what error occurred, if any.
+ *
+ * @note Calls @c SSL_set_verify.
+ */
+ boost::system::error_code set_verify_mode(
+ verify_mode v, boost::system::error_code& ec)
+ {
+ return core_.engine_.set_verify_mode(v, ec);
+ }
+
+ /// Set the callback used to verify peer certificates.
+ /**
+ * This function is used to specify a callback function that will be called
+ * by the implementation when it needs to verify a peer certificate.
+ *
+ * @param callback The function object to be used for verifying a certificate.
+ * The function signature of the handler must be:
+ * @code bool verify_callback(
+ * bool preverified, // True if the certificate passed pre-verification.
+ * verify_context& ctx // The peer certificate and other context.
+ * ); @endcode
+ * The return value of the callback is true if the certificate has passed
+ * verification, false otherwise.
+ *
+ * @throws boost::system::system_error Thrown on failure.
+ *
+ * @note Calls @c SSL_set_verify.
+ */
+ template <typename VerifyCallback>
+ void set_verify_callback(VerifyCallback callback)
+ {
+ boost::system::error_code ec;
+ this->set_verify_callback(callback, ec);
+ boost::asio::detail::throw_error(ec, "set_verify_callback");
+ }
+
+ /// Set the callback used to verify peer certificates.
+ /**
+ * This function is used to specify a callback function that will be called
+ * by the implementation when it needs to verify a peer certificate.
+ *
+ * @param callback The function object to be used for verifying a certificate.
+ * The function signature of the handler must be:
+ * @code bool verify_callback(
+ * bool preverified, // True if the certificate passed pre-verification.
+ * verify_context& ctx // The peer certificate and other context.
+ * ); @endcode
+ * The return value of the callback is true if the certificate has passed
+ * verification, false otherwise.
+ *
+ * @param ec Set to indicate what error occurred, if any.
+ *
+ * @note Calls @c SSL_set_verify.
+ */
+ template <typename VerifyCallback>
+ boost::system::error_code set_verify_callback(VerifyCallback callback,
+ boost::system::error_code& ec)
+ {
+ return core_.engine_.set_verify_callback(
+ new detail::verify_callback<VerifyCallback>(callback), ec);
+ }
+
/// Perform SSL handshaking.
/**
* This function is used to perform SSL handshaking on the stream. The
@@ -459,6 +588,7 @@
private:
Stream next_layer_;
detail::stream_core core_;
+ impl_struct backwards_compatible_impl_;
};
#endif // defined(BOOST_ASIO_ENABLE_OLD_SSL)
Added: trunk/boost/asio/ssl/verify_context.hpp
==============================================================================
--- (empty file)
+++ trunk/boost/asio/ssl/verify_context.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -0,0 +1,75 @@
+//
+// ssl/verify_context.hpp
+// ~~~~~~~~~~~~~~~~~~~~~~
+//
+// Copyright (c) 2003-2011 Christopher M. Kohlhoff (chris at kohlhoff dot com)
+//
+// Distributed under the Boost Software License, Version 1.0. (See accompanying
+// file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt)
+//
+
+#ifndef BOOST_ASIO_SSL_VERIFY_CONTEXT_HPP
+#define BOOST_ASIO_SSL_VERIFY_CONTEXT_HPP
+
+#if defined(_MSC_VER) && (_MSC_VER >= 1200)
+# pragma once
+#endif // defined(_MSC_VER) && (_MSC_VER >= 1200)
+
+#include <boost/asio/detail/config.hpp>
+
+#if !defined(BOOST_ASIO_ENABLE_OLD_SSL)
+# include <boost/asio/detail/noncopyable.hpp>
+# include <boost/asio/ssl/detail/openssl_types.hpp>
+#endif // !defined(BOOST_ASIO_ENABLE_OLD_SSL)
+
+#include <boost/asio/detail/push_options.hpp>
+
+namespace boost {
+namespace asio {
+namespace ssl {
+
+#if !defined(BOOST_ASIO_ENABLE_OLD_SSL)
+
+/// A simple wrapper around the X509_STORE_CTX type, used during verification of
+/// a peer certificate.
+/**
+ * @note The verify_context does not own the underlying X509_STORE_CTX object.
+ */
+class verify_context
+ : private noncopyable
+{
+public:
+ /// The native handle type of the verification context.
+ typedef X509_STORE_CTX* native_handle_type;
+
+ /// Constructor.
+ explicit verify_context(native_handle_type handle)
+ : handle_(handle)
+ {
+ }
+
+ /// Get the underlying implementation in the native type.
+ /**
+ * This function may be used to obtain the underlying implementation of the
+ * context. This is intended to allow access to context functionality that is
+ * not otherwise provided.
+ */
+ native_handle_type native_handle()
+ {
+ return handle_;
+ }
+
+private:
+ // The underlying native implementation.
+ native_handle_type handle_;
+};
+
+#endif // defined(BOOST_ASIO_ENABLE_OLD_SSL)
+
+} // namespace ssl
+} // namespace asio
+} // namespace boost
+
+#include <boost/asio/detail/pop_options.hpp>
+
+#endif // BOOST_ASIO_SSL_VERIFY_CONTEXT_HPP
Added: trunk/boost/asio/ssl/verify_mode.hpp
==============================================================================
--- (empty file)
+++ trunk/boost/asio/ssl/verify_mode.hpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -0,0 +1,64 @@
+//
+// ssl/verify_mode.hpp
+// ~~~~~~~~~~~~~~~~~~~
+//
+// Copyright (c) 2003-2011 Christopher M. Kohlhoff (chris at kohlhoff dot com)
+//
+// Distributed under the Boost Software License, Version 1.0. (See accompanying
+// file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt)
+//
+
+#ifndef BOOST_ASIO_SSL_VERIFY_MODE_HPP
+#define BOOST_ASIO_SSL_VERIFY_MODE_HPP
+
+#if defined(_MSC_VER) && (_MSC_VER >= 1200)
+# pragma once
+#endif // defined(_MSC_VER) && (_MSC_VER >= 1200)
+
+#include <boost/asio/detail/config.hpp>
+#include <boost/asio/ssl/detail/openssl_types.hpp>
+
+#include <boost/asio/detail/push_options.hpp>
+
+namespace boost {
+namespace asio {
+namespace ssl {
+
+/// Bitmask type for peer verification.
+/**
+ * Possible values are:
+ * @li @ref verify_none
+ * @li @ref verify_peer
+ * @li @ref verify_fail_if_no_peer_cert
+ * @li @ref verify_client_once
+ */
+typedef int verify_mode;
+
+#if defined(GENERATING_DOCUMENTATION)
+/// No verification.
+const int verify_none = implementation_defined;
+
+/// Verify the peer.
+const int verify_peer = implementation_defined;
+
+/// Fail verification if the peer has no certificate. Ignored unless
+/// @ref verify_peer is set.
+const int verify_fail_if_no_peer_cert = implementation_defined;
+
+/// Do not request client certificate on renegotiation. Ignored unless
+/// @ref verify_peer is set.
+const int verify_client_once = implementation_defined;
+#else
+const int verify_none = SSL_VERIFY_NONE;
+const int verify_peer = SSL_VERIFY_PEER;
+const int verify_fail_if_no_peer_cert = SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
+const int verify_client_once = SSL_VERIFY_CLIENT_ONCE;
+#endif
+
+} // namespace ssl
+} // namespace asio
+} // namespace boost
+
+#include <boost/asio/detail/pop_options.hpp>
+
+#endif // BOOST_ASIO_SSL_VERIFY_MODE_HPP
Modified: trunk/libs/asio/doc/overview/ssl.qbk
==============================================================================
--- trunk/libs/asio/doc/overview/ssl.qbk (original)
+++ trunk/libs/asio/doc/overview/ssl.qbk 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -16,8 +16,8 @@
mode, certificate files, and so on. As an illustration, client-side
initialisation may look something like:
- ssl::context ctx(my_io_service, ssl::context::sslv23);
- ctx.set_verify_mode(ssl::context::verify_peer);
+ ssl::context ctx(ssl::context::sslv23);
+ ctx.set_verify_mode(ssl::verify_peer);
ctx.load_verify_file("ca.pem");
To use SSL with a TCP socket, one may write:
@@ -53,13 +53,9 @@
[heading See Also]
-[link boost_asio.reference.ssl__basic_context ssl::basic_context],
[link boost_asio.reference.ssl__context ssl::context],
-[link boost_asio.reference.ssl__context_base ssl::context_base],
-[link boost_asio.reference.ssl__context_service ssl::context_service],
+[link boost_asio.reference.ssl__rfc2818_verification ssl::rfc2818_verification],
[link boost_asio.reference.ssl__stream ssl::stream],
-[link boost_asio.reference.ssl__stream_base ssl::stream_base],
-[link boost_asio.reference.ssl__stream_service ssl::stream_service],
[link boost_asio.examples.ssl SSL example].
[heading Notes]
@@ -67,7 +63,7 @@
[@http://www.openssl.org OpenSSL] is required to make use of Boost.Asio's SSL
support. When an application needs to use OpenSSL functionality that is not
wrapped by Boost.Asio, the underlying OpenSSL types may be obtained by calling [link
-boost_asio.reference.ssl__basic_context.impl `ssl::context::impl()`] or [link
-boost_asio.reference.ssl__stream.impl `ssl::stream::impl()`].
+boost_asio.reference.ssl__context.native_handle `ssl::context::native_handle()`] or
+[link boost_asio.reference.ssl__stream.native_handle `ssl::stream::native_handle()`].
[endsect]
Modified: trunk/libs/asio/doc/quickref.xml
==============================================================================
--- trunk/libs/asio/doc/quickref.xml (original)
+++ trunk/libs/asio/doc/quickref.xml 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -304,7 +304,9 @@
<simplelist type="vert" columns="1">
<member><link linkend="boost_asio.reference.ssl__context">ssl::context</link></member>
<member><link linkend="boost_asio.reference.ssl__context_base">ssl::context_base</link></member>
+ <member><link linkend="boost_asio.reference.ssl__rfc2818_verification">ssl::rfc2818_verification</link></member>
<member><link linkend="boost_asio.reference.ssl__stream_base">ssl::stream_base</link></member>
+ <member><link linkend="boost_asio.reference.ssl__verify_context">ssl::verify_context</link></member>
</simplelist>
<bridgehead renderas="sect3">Class Templates</bridgehead>
<simplelist type="vert" columns="1">
Modified: trunk/libs/asio/doc/reference.qbk
==============================================================================
--- trunk/libs/asio/doc/reference.qbk (original)
+++ trunk/libs/asio/doc/reference.qbk 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -8670,7 +8670,7 @@
A deadline timer is always in one of two states: "expired" or "not expired". If the `wait()` or `async_wait()` function is called on an expired timer, the wait operation will complete immediately.
-Most applications will use the `boost::asio::deadline_timer` typedef.
+Most applications will use the [link boost_asio.reference.deadline_timer `deadline_timer`] typedef.
[heading Thread Safety]
@@ -23068,7 +23068,7 @@
The [link boost_asio.reference.basic_signal_set `basic_signal_set`] class template provides the ability to perform an asynchronous wait for one or more signals to occur.
-Most applications will use the `boost::asio::signal_set` typedef.
+Most applications will use the [link boost_asio.reference.signal_set `signal_set`] typedef.
[heading Thread Safety]
@@ -43050,50 +43050,95 @@
template<
typename PodType,
- typename Allocator>
+ std::size_t N>
mutable_buffers_1 ``[link boost_asio.reference.buffer.overload17 buffer]``(
- std::vector< PodType, Allocator > & data);
+ std::array< PodType, N > & data);
`` [''''»''' [link boost_asio.reference.buffer.overload17 more...]]``
template<
typename PodType,
- typename Allocator>
+ std::size_t N>
mutable_buffers_1 ``[link boost_asio.reference.buffer.overload18 buffer]``(
- std::vector< PodType, Allocator > & data,
+ std::array< PodType, N > & data,
std::size_t max_size_in_bytes);
`` [''''»''' [link boost_asio.reference.buffer.overload18 more...]]``
template<
typename PodType,
- typename Allocator>
+ std::size_t N>
const_buffers_1 ``[link boost_asio.reference.buffer.overload19 buffer]``(
- const std::vector< PodType, Allocator > & data);
+ std::array< const PodType, N > & data);
`` [''''»''' [link boost_asio.reference.buffer.overload19 more...]]``
template<
typename PodType,
- typename Allocator>
+ std::size_t N>
const_buffers_1 ``[link boost_asio.reference.buffer.overload20 buffer]``(
- const std::vector< PodType, Allocator > & data,
+ std::array< const PodType, N > & data,
std::size_t max_size_in_bytes);
`` [''''»''' [link boost_asio.reference.buffer.overload20 more...]]``
template<
+ typename PodType,
+ std::size_t N>
+ const_buffers_1 ``[link boost_asio.reference.buffer.overload21 buffer]``(
+ const std::array< PodType, N > & data);
+ `` [''''»''' [link boost_asio.reference.buffer.overload21 more...]]``
+
+ template<
+ typename PodType,
+ std::size_t N>
+ const_buffers_1 ``[link boost_asio.reference.buffer.overload22 buffer]``(
+ const std::array< PodType, N > & data,
+ std::size_t max_size_in_bytes);
+ `` [''''»''' [link boost_asio.reference.buffer.overload22 more...]]``
+
+ template<
+ typename PodType,
+ typename Allocator>
+ mutable_buffers_1 ``[link boost_asio.reference.buffer.overload23 buffer]``(
+ std::vector< PodType, Allocator > & data);
+ `` [''''»''' [link boost_asio.reference.buffer.overload23 more...]]``
+
+ template<
+ typename PodType,
+ typename Allocator>
+ mutable_buffers_1 ``[link boost_asio.reference.buffer.overload24 buffer]``(
+ std::vector< PodType, Allocator > & data,
+ std::size_t max_size_in_bytes);
+ `` [''''»''' [link boost_asio.reference.buffer.overload24 more...]]``
+
+ template<
+ typename PodType,
+ typename Allocator>
+ const_buffers_1 ``[link boost_asio.reference.buffer.overload25 buffer]``(
+ const std::vector< PodType, Allocator > & data);
+ `` [''''»''' [link boost_asio.reference.buffer.overload25 more...]]``
+
+ template<
+ typename PodType,
+ typename Allocator>
+ const_buffers_1 ``[link boost_asio.reference.buffer.overload26 buffer]``(
+ const std::vector< PodType, Allocator > & data,
+ std::size_t max_size_in_bytes);
+ `` [''''»''' [link boost_asio.reference.buffer.overload26 more...]]``
+
+ template<
typename Elem,
typename Traits,
typename Allocator>
- const_buffers_1 ``[link boost_asio.reference.buffer.overload21 buffer]``(
+ const_buffers_1 ``[link boost_asio.reference.buffer.overload27 buffer]``(
const std::basic_string< Elem, Traits, Allocator > & data);
- `` [''''»''' [link boost_asio.reference.buffer.overload21 more...]]``
+ `` [''''»''' [link boost_asio.reference.buffer.overload27 more...]]``
template<
typename Elem,
typename Traits,
typename Allocator>
- const_buffers_1 ``[link boost_asio.reference.buffer.overload22 buffer]``(
+ const_buffers_1 ``[link boost_asio.reference.buffer.overload28 buffer]``(
const std::basic_string< Elem, Traits, Allocator > & data,
std::size_t max_size_in_bytes);
- `` [''''»''' [link boost_asio.reference.buffer.overload22 more...]]``
+ `` [''''»''' [link boost_asio.reference.buffer.overload28 more...]]``
A buffer object represents a contiguous region of memory as a 2-tuple consisting of a pointer and size in bytes. A tuple of the form `{void*, size_t}` specifies a mutable (modifiable) region of memory. Similarly, a tuple of the form `{const void*, size_t}` specifies a const (non-modifiable) region of memory. These two forms correspond to the classes [link boost_asio.reference.mutable_buffer `mutable_buffer`] and [link boost_asio.reference.const_buffer `const_buffer`], respectively. To mirror C++'s conversion rules, a [link boost_asio.reference.mutable_buffer `mutable_buffer`] is implicitly convertible to a [link boost_asio.reference.const_buffer `const_buffer`], and the opposite conversion is not permitted.
@@ -43253,7 +43298,7 @@
[*Convenience header: ][^boost/asio.hpp]
-[section:overload1 buffer (1 of 22 overloads)]
+[section:overload1 buffer (1 of 28 overloads)]
Create a new modifiable buffer from an existing buffer.
@@ -43275,7 +43320,7 @@
-[section:overload2 buffer (2 of 22 overloads)]
+[section:overload2 buffer (2 of 28 overloads)]
Create a new modifiable buffer from an existing buffer.
@@ -43305,7 +43350,7 @@
-[section:overload3 buffer (3 of 22 overloads)]
+[section:overload3 buffer (3 of 28 overloads)]
Create a new non-modifiable buffer from an existing buffer.
@@ -43327,7 +43372,7 @@
-[section:overload4 buffer (4 of 22 overloads)]
+[section:overload4 buffer (4 of 28 overloads)]
Create a new non-modifiable buffer from an existing buffer.
@@ -43357,7 +43402,7 @@
-[section:overload5 buffer (5 of 22 overloads)]
+[section:overload5 buffer (5 of 28 overloads)]
Create a new modifiable buffer that represents the given memory range.
@@ -43380,7 +43425,7 @@
-[section:overload6 buffer (6 of 22 overloads)]
+[section:overload6 buffer (6 of 28 overloads)]
Create a new non-modifiable buffer that represents the given memory range.
@@ -43403,7 +43448,7 @@
-[section:overload7 buffer (7 of 22 overloads)]
+[section:overload7 buffer (7 of 28 overloads)]
Create a new modifiable buffer that represents the given POD array.
@@ -43435,7 +43480,7 @@
-[section:overload8 buffer (8 of 22 overloads)]
+[section:overload8 buffer (8 of 28 overloads)]
Create a new modifiable buffer that represents the given POD array.
@@ -43468,7 +43513,7 @@
-[section:overload9 buffer (9 of 22 overloads)]
+[section:overload9 buffer (9 of 28 overloads)]
Create a new non-modifiable buffer that represents the given POD array.
@@ -43500,7 +43545,7 @@
-[section:overload10 buffer (10 of 22 overloads)]
+[section:overload10 buffer (10 of 28 overloads)]
Create a new non-modifiable buffer that represents the given POD array.
@@ -43533,7 +43578,7 @@
-[section:overload11 buffer (11 of 22 overloads)]
+[section:overload11 buffer (11 of 28 overloads)]
Create a new modifiable buffer that represents the given POD array.
@@ -43565,7 +43610,7 @@
-[section:overload12 buffer (12 of 22 overloads)]
+[section:overload12 buffer (12 of 28 overloads)]
Create a new modifiable buffer that represents the given POD array.
@@ -43598,7 +43643,7 @@
-[section:overload13 buffer (13 of 22 overloads)]
+[section:overload13 buffer (13 of 28 overloads)]
Create a new non-modifiable buffer that represents the given POD array.
@@ -43630,7 +43675,7 @@
-[section:overload14 buffer (14 of 22 overloads)]
+[section:overload14 buffer (14 of 28 overloads)]
Create a new non-modifiable buffer that represents the given POD array.
@@ -43663,7 +43708,7 @@
-[section:overload15 buffer (15 of 22 overloads)]
+[section:overload15 buffer (15 of 28 overloads)]
Create a new non-modifiable buffer that represents the given POD array.
@@ -43695,7 +43740,7 @@
-[section:overload16 buffer (16 of 22 overloads)]
+[section:overload16 buffer (16 of 28 overloads)]
Create a new non-modifiable buffer that represents the given POD array.
@@ -43728,7 +43773,202 @@
-[section:overload17 buffer (17 of 22 overloads)]
+[section:overload17 buffer (17 of 28 overloads)]
+
+
+Create a new modifiable buffer that represents the given POD array.
+
+
+ template<
+ typename PodType,
+ std::size_t N>
+ mutable_buffers_1 buffer(
+ std::array< PodType, N > & data);
+
+
+
+[heading Return Value]
+
+A [link boost_asio.reference.mutable_buffers_1 `mutable_buffers_1`] value equivalent to:
+
+ mutable_buffers_1(
+ data.data(),
+ data.size() * sizeof(PodType));
+
+
+
+
+
+
+
+[endsect]
+
+
+
+[section:overload18 buffer (18 of 28 overloads)]
+
+
+Create a new modifiable buffer that represents the given POD array.
+
+
+ template<
+ typename PodType,
+ std::size_t N>
+ mutable_buffers_1 buffer(
+ std::array< PodType, N > & data,
+ std::size_t max_size_in_bytes);
+
+
+
+[heading Return Value]
+
+A [link boost_asio.reference.mutable_buffers_1 `mutable_buffers_1`] value equivalent to:
+
+ mutable_buffers_1(
+ data.data(),
+ min(data.size() * sizeof(PodType), max_size_in_bytes));
+
+
+
+
+
+
+
+[endsect]
+
+
+
+[section:overload19 buffer (19 of 28 overloads)]
+
+
+Create a new non-modifiable buffer that represents the given POD array.
+
+
+ template<
+ typename PodType,
+ std::size_t N>
+ const_buffers_1 buffer(
+ std::array< const PodType, N > & data);
+
+
+
+[heading Return Value]
+
+A [link boost_asio.reference.const_buffers_1 `const_buffers_1`] value equivalent to:
+
+ const_buffers_1(
+ data.data(),
+ data.size() * sizeof(PodType));
+
+
+
+
+
+
+
+[endsect]
+
+
+
+[section:overload20 buffer (20 of 28 overloads)]
+
+
+Create a new non-modifiable buffer that represents the given POD array.
+
+
+ template<
+ typename PodType,
+ std::size_t N>
+ const_buffers_1 buffer(
+ std::array< const PodType, N > & data,
+ std::size_t max_size_in_bytes);
+
+
+
+[heading Return Value]
+
+A [link boost_asio.reference.const_buffers_1 `const_buffers_1`] value equivalent to:
+
+ const_buffers_1(
+ data.data(),
+ min(data.size() * sizeof(PodType), max_size_in_bytes));
+
+
+
+
+
+
+
+[endsect]
+
+
+
+[section:overload21 buffer (21 of 28 overloads)]
+
+
+Create a new non-modifiable buffer that represents the given POD array.
+
+
+ template<
+ typename PodType,
+ std::size_t N>
+ const_buffers_1 buffer(
+ const std::array< PodType, N > & data);
+
+
+
+[heading Return Value]
+
+A [link boost_asio.reference.const_buffers_1 `const_buffers_1`] value equivalent to:
+
+ const_buffers_1(
+ data.data(),
+ data.size() * sizeof(PodType));
+
+
+
+
+
+
+
+[endsect]
+
+
+
+[section:overload22 buffer (22 of 28 overloads)]
+
+
+Create a new non-modifiable buffer that represents the given POD array.
+
+
+ template<
+ typename PodType,
+ std::size_t N>
+ const_buffers_1 buffer(
+ const std::array< PodType, N > & data,
+ std::size_t max_size_in_bytes);
+
+
+
+[heading Return Value]
+
+A [link boost_asio.reference.const_buffers_1 `const_buffers_1`] value equivalent to:
+
+ const_buffers_1(
+ data.data(),
+ min(data.size() * sizeof(PodType), max_size_in_bytes));
+
+
+
+
+
+
+
+[endsect]
+
+
+
+[section:overload23 buffer (23 of 28 overloads)]
Create a new modifiable buffer that represents the given POD vector.
@@ -43765,7 +44005,7 @@
-[section:overload18 buffer (18 of 22 overloads)]
+[section:overload24 buffer (24 of 28 overloads)]
Create a new modifiable buffer that represents the given POD vector.
@@ -43803,7 +44043,7 @@
-[section:overload19 buffer (19 of 22 overloads)]
+[section:overload25 buffer (25 of 28 overloads)]
Create a new non-modifiable buffer that represents the given POD vector.
@@ -43840,7 +44080,7 @@
-[section:overload20 buffer (20 of 22 overloads)]
+[section:overload26 buffer (26 of 28 overloads)]
Create a new non-modifiable buffer that represents the given POD vector.
@@ -43878,7 +44118,7 @@
-[section:overload21 buffer (21 of 22 overloads)]
+[section:overload27 buffer (27 of 28 overloads)]
Create a new non-modifiable buffer that represents the given string.
@@ -43909,7 +44149,7 @@
-[section:overload22 buffer (22 of 22 overloads)]
+[section:overload28 buffer (28 of 28 overloads)]
Create a new non-modifiable buffer that represents the given string.
@@ -51254,7 +51494,7 @@
A deadline timer is always in one of two states: "expired" or "not expired". If the `wait()` or `async_wait()` function is called on an expired timer, the wait operation will complete immediately.
-Most applications will use the `boost::asio::deadline_timer` typedef.
+Most applications will use the [link boost_asio.reference.deadline_timer `deadline_timer`] typedef.
[heading Thread Safety]
@@ -52694,7 +52934,7 @@
* `boost::asio::ip::udp::socket`
-* `boost::asio::deadline_timer`.
+* [link boost_asio.reference.deadline_timer `deadline_timer`].
The [link boost_asio.reference.io_service `io_service`] class also includes facilities intended for developers of custom asynchronous services.
@@ -55345,7 +55585,14 @@
The type used to represent an address as an array of bytes.
- typedef boost::array< unsigned char, 4 > bytes_type;
+ typedef array< unsigned char, 4 > bytes_type;
+
+
+
+
+[heading Remarks]
+
+This type is defined in terms of the C++0x template `std::array` when it is available. Otherwise, it uses `boost:array`.
@@ -56127,7 +56374,14 @@
The type used to represent an address as an array of bytes.
- typedef boost::array< unsigned char, 16 > bytes_type;
+ typedef array< unsigned char, 16 > bytes_type;
+
+
+
+
+[heading Remarks]
+
+This type is defined in terms of the C++0x template `std::array` when it is available. Otherwise, it uses `boost:array`.
@@ -78401,7 +78655,7 @@
The [link boost_asio.reference.basic_signal_set `basic_signal_set`] class template provides the ability to perform an asynchronous wait for one or more signals to occur.
-Most applications will use the `boost::asio::signal_set` typedef.
+Most applications will use the [link boost_asio.reference.signal_set `signal_set`] typedef.
[heading Thread Safety]
@@ -80502,6 +80756,13 @@
[
+ [[link boost_asio.reference.ssl__context.impl_type [*impl_type]]]
+ [(Deprecated: Use native_handle_type.) The native type of the SSL context. ]
+
+ ]
+
+ [
+
[[link boost_asio.reference.ssl__context.method [*method]]]
[Different methods supported by a context. ]
@@ -80528,13 +80789,6 @@
]
- [
-
- [[link boost_asio.reference.ssl__context.verify_mode [*verify_mode]]]
- [Bitmask type for peer verification. ]
-
- ]
-
]
[heading Member Functions]
@@ -80556,6 +80810,11 @@
]
[
+ [[link boost_asio.reference.ssl__context.impl [*impl]]]
+ [(Deprecated: Use native_handle().) Get the underlying implementation in the native type. ]
+ ]
+
+ [
[[link boost_asio.reference.ssl__context.load_verify_file [*load_verify_file]]]
[Load a certification authority file for performing verification. ]
]
@@ -80571,6 +80830,11 @@
]
[
+ [[link boost_asio.reference.ssl__context.set_default_verify_paths [*set_default_verify_paths]]]
+ [Configures the context to use the default directories for finding certification authority certificates. ]
+ ]
+
+ [
[[link boost_asio.reference.ssl__context.set_options [*set_options]]]
[Set options on the context. ]
]
@@ -80581,6 +80845,11 @@
]
[
+ [[link boost_asio.reference.ssl__context.set_verify_callback [*set_verify_callback]]]
+ [Set the callback used to verify peer certificates. ]
+ ]
+
+ [
[[link boost_asio.reference.ssl__context.set_verify_mode [*set_verify_mode]]]
[Set the peer verification mode. ]
]
@@ -80646,26 +80915,6 @@
[Always create a new key when using tmp_dh parameters. ]
]
- [
- [[link boost_asio.reference.ssl__context.verify_client_once [*verify_client_once]]]
- [Do not request client certificate on renegotiation. Ignored unless verify_peer is set. ]
- ]
-
- [
- [[link boost_asio.reference.ssl__context.verify_fail_if_no_peer_cert [*verify_fail_if_no_peer_cert]]]
- [Fail verification if the peer has no certificate. Ignored unless verify_peer is set. ]
- ]
-
- [
- [[link boost_asio.reference.ssl__context.verify_none [*verify_none]]]
- [No verification. ]
- ]
-
- [
- [[link boost_asio.reference.ssl__context.verify_peer [*verify_peer]]]
- [Verify the peer. ]
- ]
-
]
[heading Requirements]
@@ -80718,11 +80967,16 @@
[variablelist
-[[boost::system::system_error][Thrown on failure. ]]
+[[boost::system::system_error][Thrown on failure.]]
]
+[heading Remarks]
+
+Calls `SSL_CTX_load_verify_locations`.
+
+
[endsect]
@@ -80750,11 +81004,16 @@
[[path][The name of a directory containing the certificates.]]
-[[ec][Set to indicate what error occurred, if any. ]]
+[[ec][Set to indicate what error occurred, if any.]]
]
+[heading Remarks]
+
+Calls `SSL_CTX_load_verify_locations`.
+
+
[endsect]
@@ -80907,6 +81166,43 @@
[endsect]
+
+[section:impl ssl::context::impl]
+
+[indexterm2 impl..ssl::context]
+(Deprecated: Use `native_handle()`.) Get the underlying implementation in the native type.
+
+
+ impl_type impl();
+
+
+This function may be used to obtain the underlying implementation of the context. This is intended to allow access to context functionality that is not otherwise provided.
+
+
+[endsect]
+
+
+
+[section:impl_type ssl::context::impl_type]
+
+[indexterm2 impl_type..ssl::context]
+(Deprecated: Use native\_handle\_type.) The native type of the SSL context.
+
+
+ typedef SSL_CTX * impl_type;
+
+
+
+[heading Requirements]
+
+[*Header: ][^boost/asio/ssl/context.hpp]
+
+[*Convenience header: ][^boost/asio/ssl.hpp]
+
+
+[endsect]
+
+
[section:load_verify_file ssl::context::load_verify_file]
[indexterm2 load_verify_file..ssl::context]
@@ -80951,11 +81247,16 @@
[variablelist
-[[boost::system::system_error][Thrown on failure. ]]
+[[boost::system::system_error][Thrown on failure.]]
]
+[heading Remarks]
+
+Calls `SSL_CTX_load_verify_locations`.
+
+
[endsect]
@@ -80983,11 +81284,16 @@
[[filename][The name of a file containing certification authority certificates in PEM format.]]
-[[ec][Set to indicate what error occurred, if any. ]]
+[[ec][Set to indicate what error occurred, if any.]]
]
+[heading Remarks]
+
+Calls `SSL_CTX_load_verify_locations`.
+
+
[endsect]
@@ -81258,6 +81564,88 @@
[endsect]
+[section:set_default_verify_paths ssl::context::set_default_verify_paths]
+
+[indexterm2 set_default_verify_paths..ssl::context]
+Configures the context to use the default directories for finding certification authority certificates.
+
+
+ void ``[link boost_asio.reference.ssl__context.set_default_verify_paths.overload1 set_default_verify_paths]``();
+ `` [''''»''' [link boost_asio.reference.ssl__context.set_default_verify_paths.overload1 more...]]``
+
+ boost::system::error_code ``[link boost_asio.reference.ssl__context.set_default_verify_paths.overload2 set_default_verify_paths]``(
+ boost::system::error_code & ec);
+ `` [''''»''' [link boost_asio.reference.ssl__context.set_default_verify_paths.overload2 more...]]``
+
+
+[section:overload1 ssl::context::set_default_verify_paths (1 of 2 overloads)]
+
+
+Configures the context to use the default directories for finding certification authority certificates.
+
+
+ void set_default_verify_paths();
+
+
+This function specifies that the context should use the default, system-dependent directories for locating certification authority certificates.
+
+
+[heading Exceptions]
+
+
+[variablelist
+
+[[boost::system::system_error][Thrown on failure.]]
+
+]
+
+
+[heading Remarks]
+
+Calls `SSL_CTX_set_default_verify_paths`.
+
+
+
+
+[endsect]
+
+
+
+[section:overload2 ssl::context::set_default_verify_paths (2 of 2 overloads)]
+
+
+Configures the context to use the default directories for finding certification authority certificates.
+
+
+ boost::system::error_code set_default_verify_paths(
+ boost::system::error_code & ec);
+
+
+This function specifies that the context should use the default, system-dependent directories for locating certification authority certificates.
+
+
+[heading Parameters]
+
+
+[variablelist
+
+[[ec][Set to indicate what error occurred, if any.]]
+
+]
+
+
+[heading Remarks]
+
+Calls `SSL_CTX_set_default_verify_paths`.
+
+
+
+
+[endsect]
+
+
+[endsect]
+
[section:set_options ssl::context::set_options]
[indexterm2 set_options..ssl::context]
@@ -81302,11 +81690,16 @@
[variablelist
-[[boost::system::system_error][Thrown on failure. ]]
+[[boost::system::system_error][Thrown on failure.]]
]
+[heading Remarks]
+
+Calls `SSL_CTX_set_options`.
+
+
[endsect]
@@ -81334,11 +81727,16 @@
[[o][A bitmask of options. The available option values are defined in the [link boost_asio.reference.ssl__context_base `ssl::context_base`] class. The options are bitwise-ored with any existing value for the options.]]
-[[ec][Set to indicate what error occurred, if any. ]]
+[[ec][Set to indicate what error occurred, if any.]]
]
+[heading Remarks]
+
+Calls `SSL_CTX_set_options`.
+
+
[endsect]
@@ -81403,11 +81801,16 @@
[variablelist
-[[boost::system::system_error][Thrown on failure. ]]
+[[boost::system::system_error][Thrown on failure.]]
]
+[heading Remarks]
+
+Calls `SSL_CTX_set_default_passwd_cb`.
+
+
[endsect]
@@ -81444,11 +81847,16 @@
``
The return value of the callback is a string containing the password.]]
-[[ec][Set to indicate what error occurred, if any. ]]
+[[ec][Set to indicate what error occurred, if any.]]
]
+[heading Remarks]
+
+Calls `SSL_CTX_set_default_passwd_cb`.
+
+
[endsect]
@@ -81456,33 +81864,39 @@
[endsect]
-[section:set_verify_mode ssl::context::set_verify_mode]
+[section:set_verify_callback ssl::context::set_verify_callback]
-[indexterm2 set_verify_mode..ssl::context]
-Set the peer verification mode.
+[indexterm2 set_verify_callback..ssl::context]
+Set the callback used to verify peer certificates.
- void ``[link boost_asio.reference.ssl__context.set_verify_mode.overload1 set_verify_mode]``(
- verify_mode v);
- `` [''''»''' [link boost_asio.reference.ssl__context.set_verify_mode.overload1 more...]]``
+ template<
+ typename VerifyCallback>
+ void ``[link boost_asio.reference.ssl__context.set_verify_callback.overload1 set_verify_callback]``(
+ VerifyCallback callback);
+ `` [''''»''' [link boost_asio.reference.ssl__context.set_verify_callback.overload1 more...]]``
- boost::system::error_code ``[link boost_asio.reference.ssl__context.set_verify_mode.overload2 set_verify_mode]``(
- verify_mode v,
+ template<
+ typename VerifyCallback>
+ boost::system::error_code ``[link boost_asio.reference.ssl__context.set_verify_callback.overload2 set_verify_callback]``(
+ VerifyCallback callback,
boost::system::error_code & ec);
- `` [''''»''' [link boost_asio.reference.ssl__context.set_verify_mode.overload2 more...]]``
+ `` [''''»''' [link boost_asio.reference.ssl__context.set_verify_callback.overload2 more...]]``
-[section:overload1 ssl::context::set_verify_mode (1 of 2 overloads)]
+[section:overload1 ssl::context::set_verify_callback (1 of 2 overloads)]
-Set the peer verification mode.
+Set the callback used to verify peer certificates.
- void set_verify_mode(
- verify_mode v);
+ template<
+ typename VerifyCallback>
+ void set_verify_callback(
+ VerifyCallback callback);
-This function may be used to configure the peer verification mode used by the context.
+This function is used to specify a callback function that will be called by the implementation when it needs to verify a peer certificate.
[heading Parameters]
@@ -81490,7 +81904,14 @@
[variablelist
-[[v][A bitmask of peer verification modes. The available verify\_mode values are defined in the [link boost_asio.reference.ssl__context_base `ssl::context_base`] class.]]
+[[callback][The function object to be used for verifying a certificate. The function signature of the handler must be:
+``
+ bool verify_callback(
+ bool preverified, // True if the certificate passed pre-verification.
+ verify_context& ctx // The peer certificate and other context.
+ );
+``
+The return value of the callback is true if the certificate has passed verification, false otherwise.]]
]
@@ -81500,29 +81921,36 @@
[variablelist
-[[boost::system::system_error][Thrown on failure. ]]
+[[boost::system::system_error][Thrown on failure.]]
]
+[heading Remarks]
+
+Calls `SSL_CTX_set_verify`.
+
+
[endsect]
-[section:overload2 ssl::context::set_verify_mode (2 of 2 overloads)]
+[section:overload2 ssl::context::set_verify_callback (2 of 2 overloads)]
-Set the peer verification mode.
+Set the callback used to verify peer certificates.
- boost::system::error_code set_verify_mode(
- verify_mode v,
+ template<
+ typename VerifyCallback>
+ boost::system::error_code set_verify_callback(
+ VerifyCallback callback,
boost::system::error_code & ec);
-This function may be used to configure the peer verification mode used by the context.
+This function is used to specify a callback function that will be called by the implementation when it needs to verify a peer certificate.
[heading Parameters]
@@ -81530,61 +81958,59 @@
[variablelist
-[[v][A bitmask of peer verification modes. The available verify\_mode values are defined in the [link boost_asio.reference.ssl__context_base `ssl::context_base`] class.]]
+[[callback][The function object to be used for verifying a certificate. The function signature of the handler must be:
+``
+ bool verify_callback(
+ bool preverified, // True if the certificate passed pre-verification.
+ verify_context& ctx // The peer certificate and other context.
+ );
+``
+The return value of the callback is true if the certificate has passed verification, false otherwise.]]
-[[ec][Set to indicate what error occurred, if any. ]]
+[[ec][Set to indicate what error occurred, if any.]]
]
+[heading Remarks]
+
+Calls `SSL_CTX_set_verify`.
-[endsect]
[endsect]
-[section:single_dh_use ssl::context::single_dh_use]
-
-[indexterm2 single_dh_use..ssl::context]
-Always create a new key when using tmp\_dh parameters.
-
-
- static const int single_dh_use = implementation_defined;
-
-
-
[endsect]
+[section:set_verify_mode ssl::context::set_verify_mode]
-[section:use_certificate_chain_file ssl::context::use_certificate_chain_file]
-
-[indexterm2 use_certificate_chain_file..ssl::context]
-Use a certificate chain from a file.
+[indexterm2 set_verify_mode..ssl::context]
+Set the peer verification mode.
- void ``[link boost_asio.reference.ssl__context.use_certificate_chain_file.overload1 use_certificate_chain_file]``(
- const std::string & filename);
- `` [''''»''' [link boost_asio.reference.ssl__context.use_certificate_chain_file.overload1 more...]]``
+ void ``[link boost_asio.reference.ssl__context.set_verify_mode.overload1 set_verify_mode]``(
+ verify_mode v);
+ `` [''''»''' [link boost_asio.reference.ssl__context.set_verify_mode.overload1 more...]]``
- boost::system::error_code ``[link boost_asio.reference.ssl__context.use_certificate_chain_file.overload2 use_certificate_chain_file]``(
- const std::string & filename,
+ boost::system::error_code ``[link boost_asio.reference.ssl__context.set_verify_mode.overload2 set_verify_mode]``(
+ verify_mode v,
boost::system::error_code & ec);
- `` [''''»''' [link boost_asio.reference.ssl__context.use_certificate_chain_file.overload2 more...]]``
+ `` [''''»''' [link boost_asio.reference.ssl__context.set_verify_mode.overload2 more...]]``
-[section:overload1 ssl::context::use_certificate_chain_file (1 of 2 overloads)]
+[section:overload1 ssl::context::set_verify_mode (1 of 2 overloads)]
-Use a certificate chain from a file.
+Set the peer verification mode.
- void use_certificate_chain_file(
- const std::string & filename);
+ void set_verify_mode(
+ verify_mode v);
-This function is used to load a certificate chain into the context from a file.
+This function may be used to configure the peer verification mode used by the context.
[heading Parameters]
@@ -81592,7 +82018,7 @@
[variablelist
-[[filename][The name of the file containing the certificate. The file must use the PEM format.]]
+[[v][A bitmask of peer verification modes. See [link boost_asio.reference.ssl__verify_mode `ssl::verify_mode`] for available values.]]
]
@@ -81602,26 +82028,98 @@
[variablelist
-[[boost::system::system_error][Thrown on failure. ]]
+[[boost::system::system_error][Thrown on failure.]]
]
+[heading Remarks]
+
+Calls `SSL_CTX_set_verify`.
-[endsect]
+[endsect]
-[section:overload2 ssl::context::use_certificate_chain_file (2 of 2 overloads)]
-Use a certificate chain from a file.
+[section:overload2 ssl::context::set_verify_mode (2 of 2 overloads)]
- boost::system::error_code use_certificate_chain_file(
- const std::string & filename,
- boost::system::error_code & ec);
+Set the peer verification mode.
+
+
+ boost::system::error_code set_verify_mode(
+ verify_mode v,
+ boost::system::error_code & ec);
+
+
+This function may be used to configure the peer verification mode used by the context.
+
+
+[heading Parameters]
+
+
+[variablelist
+
+[[v][A bitmask of peer verification modes. See [link boost_asio.reference.ssl__verify_mode `ssl::verify_mode`] for available values.]]
+
+[[ec][Set to indicate what error occurred, if any.]]
+
+]
+
+
+[heading Remarks]
+
+Calls `SSL_CTX_set_verify`.
+
+
+
+
+[endsect]
+
+
+[endsect]
+
+
+[section:single_dh_use ssl::context::single_dh_use]
+
+[indexterm2 single_dh_use..ssl::context]
+Always create a new key when using tmp\_dh parameters.
+
+
+ static const int single_dh_use = implementation_defined;
+
+
+
+[endsect]
+
+
+[section:use_certificate_chain_file ssl::context::use_certificate_chain_file]
+
+[indexterm2 use_certificate_chain_file..ssl::context]
+Use a certificate chain from a file.
+
+
+ void ``[link boost_asio.reference.ssl__context.use_certificate_chain_file.overload1 use_certificate_chain_file]``(
+ const std::string & filename);
+ `` [''''»''' [link boost_asio.reference.ssl__context.use_certificate_chain_file.overload1 more...]]``
+
+ boost::system::error_code ``[link boost_asio.reference.ssl__context.use_certificate_chain_file.overload2 use_certificate_chain_file]``(
+ const std::string & filename,
+ boost::system::error_code & ec);
+ `` [''''»''' [link boost_asio.reference.ssl__context.use_certificate_chain_file.overload2 more...]]``
+
+
+[section:overload1 ssl::context::use_certificate_chain_file (1 of 2 overloads)]
+
+
+Use a certificate chain from a file.
+
+
+ void use_certificate_chain_file(
+ const std::string & filename);
This function is used to load a certificate chain into the context from a file.
@@ -81634,11 +82132,61 @@
[[filename][The name of the file containing the certificate. The file must use the PEM format.]]
-[[ec][Set to indicate what error occurred, if any. ]]
+]
+
+
+[heading Exceptions]
+
+
+[variablelist
+
+[[boost::system::system_error][Thrown on failure.]]
]
+[heading Remarks]
+
+Calls `SSL_CTX_use_certificate_chain_file`.
+
+
+
+
+[endsect]
+
+
+
+[section:overload2 ssl::context::use_certificate_chain_file (2 of 2 overloads)]
+
+
+Use a certificate chain from a file.
+
+
+ boost::system::error_code use_certificate_chain_file(
+ const std::string & filename,
+ boost::system::error_code & ec);
+
+
+This function is used to load a certificate chain into the context from a file.
+
+
+[heading Parameters]
+
+
+[variablelist
+
+[[filename][The name of the file containing the certificate. The file must use the PEM format.]]
+
+[[ec][Set to indicate what error occurred, if any.]]
+
+]
+
+
+[heading Remarks]
+
+Calls `SSL_CTX_use_certificate_chain_file`.
+
+
[endsect]
@@ -81695,11 +82243,16 @@
[variablelist
-[[boost::system::system_error][Thrown on failure. ]]
+[[boost::system::system_error][Thrown on failure.]]
]
+[heading Remarks]
+
+Calls `SSL_CTX_use_certificate_file`.
+
+
[endsect]
@@ -81730,11 +82283,16 @@
[[format][The file format (ASN.1 or PEM).]]
-[[ec][Set to indicate what error occurred, if any. ]]
+[[ec][Set to indicate what error occurred, if any.]]
]
+[heading Remarks]
+
+Calls `SSL_CTX_use_certificate_file`.
+
+
[endsect]
@@ -81791,11 +82349,16 @@
[variablelist
-[[boost::system::system_error][Thrown on failure. ]]
+[[boost::system::system_error][Thrown on failure.]]
]
+[heading Remarks]
+
+Calls `SSL_CTX_use_PrivateKey_file`.
+
+
[endsect]
@@ -81826,11 +82389,16 @@
[[format][The file format (ASN.1 or PEM).]]
-[[ec][Set to indicate what error occurred, if any. ]]
+[[ec][Set to indicate what error occurred, if any.]]
]
+[heading Remarks]
+
+Calls `SSL_CTX_use_PrivateKey_file`.
+
+
[endsect]
@@ -81887,11 +82455,16 @@
[variablelist
-[[boost::system::system_error][Thrown on failure. ]]
+[[boost::system::system_error][Thrown on failure.]]
]
+[heading Remarks]
+
+Calls `SSL_CTX_use_RSAPrivateKey_file`.
+
+
[endsect]
@@ -81922,11 +82495,16 @@
[[format][The file format (ASN.1 or PEM).]]
-[[ec][Set to indicate what error occurred, if any. ]]
+[[ec][Set to indicate what error occurred, if any.]]
]
+[heading Remarks]
+
+Calls `SSL_CTX_use_RSAPrivateKey_file`.
+
+
[endsect]
@@ -81978,11 +82556,16 @@
[variablelist
-[[boost::system::system_error][Thrown on failure. ]]
+[[boost::system::system_error][Thrown on failure.]]
]
+[heading Remarks]
+
+Calls `SSL_CTX_set_tmp_dh`.
+
+
[endsect]
@@ -82010,96 +82593,24 @@
[[filename][The name of the file containing the Diffie-Hellman parameters. The file must use the PEM format.]]
-[[ec][Set to indicate what error occurred, if any. ]]
+[[ec][Set to indicate what error occurred, if any.]]
]
+[heading Remarks]
+
+Calls `SSL_CTX_set_tmp_dh`.
-[endsect]
-
-
-[endsect]
-
-
-[section:verify_client_once ssl::context::verify_client_once]
-
-[indexterm2 verify_client_once..ssl::context]
-Do not request client certificate on renegotiation. Ignored unless verify\_peer is set.
-
-
- static const int verify_client_once = implementation_defined;
-
-
-
-[endsect]
-
-
-
-[section:verify_fail_if_no_peer_cert ssl::context::verify_fail_if_no_peer_cert]
-
-[indexterm2 verify_fail_if_no_peer_cert..ssl::context]
-Fail verification if the peer has no certificate. Ignored unless verify\_peer is set.
-
-
- static const int verify_fail_if_no_peer_cert = implementation_defined;
-
-
-
-[endsect]
-
-
-
-[section:verify_mode ssl::context::verify_mode]
-
-[indexterm2 verify_mode..ssl::context]
-Bitmask type for peer verification.
-
-
- typedef int verify_mode;
-
-
-
-[heading Requirements]
-
-[*Header: ][^boost/asio/ssl/context.hpp]
-
-[*Convenience header: ][^boost/asio/ssl.hpp]
-
-
-[endsect]
-
-
-
-[section:verify_none ssl::context::verify_none]
-
-[indexterm2 verify_none..ssl::context]
-No verification.
-
-
- static const int verify_none = implementation_defined;
-
[endsect]
-
-[section:verify_peer ssl::context::verify_peer]
-
-[indexterm2 verify_peer..ssl::context]
-Verify the peer.
-
-
- static const int verify_peer = implementation_defined;
-
-
-
[endsect]
-
[section:_context ssl::context::~context]
[indexterm2 ~context..ssl::context]
@@ -82157,13 +82668,6 @@
]
- [
-
- [[link boost_asio.reference.ssl__context_base.verify_mode [*verify_mode]]]
- [Bitmask type for peer verification. ]
-
- ]
-
]
[heading Protected Member Functions]
@@ -82206,26 +82710,6 @@
[Always create a new key when using tmp_dh parameters. ]
]
- [
- [[link boost_asio.reference.ssl__context_base.verify_client_once [*verify_client_once]]]
- [Do not request client certificate on renegotiation. Ignored unless verify_peer is set. ]
- ]
-
- [
- [[link boost_asio.reference.ssl__context_base.verify_fail_if_no_peer_cert [*verify_fail_if_no_peer_cert]]]
- [Fail verification if the peer has no certificate. Ignored unless verify_peer is set. ]
- ]
-
- [
- [[link boost_asio.reference.ssl__context_base.verify_none [*verify_none]]]
- [No verification. ]
- ]
-
- [
- [[link boost_asio.reference.ssl__context_base.verify_peer [*verify_peer]]]
- [Verify the peer. ]
- ]
-
]
[heading Requirements]
@@ -82482,13 +82966,13 @@
-[section:verify_client_once ssl::context_base::verify_client_once]
+[section:_context_base ssl::context_base::~context_base]
-[indexterm2 verify_client_once..ssl::context_base]
-Do not request client certificate on renegotiation. Ignored unless verify\_peer is set.
+[indexterm2 ~context_base..ssl::context_base]
+Protected destructor to prevent deletion through this type.
- static const int verify_client_once = implementation_defined;
+ ~context_base();
@@ -82496,76 +82980,131 @@
-[section:verify_fail_if_no_peer_cert ssl::context_base::verify_fail_if_no_peer_cert]
+[endsect]
-[indexterm2 verify_fail_if_no_peer_cert..ssl::context_base]
-Fail verification if the peer has no certificate. Ignored unless verify\_peer is set.
+[section:ssl__rfc2818_verification ssl::rfc2818_verification]
- static const int verify_fail_if_no_peer_cert = implementation_defined;
+Verifies a certificate against a hostname according to the rules described in RFC 2818.
+ class rfc2818_verification
-[endsect]
+[heading Types]
+[table
+ [[Name][Description]]
+
+ [
+
+ [[link boost_asio.reference.ssl__rfc2818_verification.result_type [*result_type]]]
+ [The type of the function object's result. ]
+
+ ]
+]
-[section:verify_mode ssl::context_base::verify_mode]
+[heading Member Functions]
+[table
+ [[Name][Description]]
+
+ [
+ [[link boost_asio.reference.ssl__rfc2818_verification.operator_lp__rp_ [*operator()]]]
+ [Perform certificate verification. ]
+ ]
+
+ [
+ [[link boost_asio.reference.ssl__rfc2818_verification.rfc2818_verification [*rfc2818_verification]]]
+ [Constructor. ]
+ ]
+
+]
+
+
+[heading Example]
+
+The following example shows how to synchronously open a secure connection to a given host name:
+
+ using boost::asio::ip::tcp;
+ namespace ssl = boost::asio::ssl;
+ typedef ssl::stream<tcp::socket> ssl_socket;
+
+ // Create a context that uses the default paths for finding CA certificates.
+ ssl::context ctx(ssl::context::sslv23);
+ ctx.set_default_verify_paths();
+
+ // Open a socket and connect it to the remote host.
+ boost::asio::io_service io_service;
+ ssl_socket sock(io_service, ctx);
+ tcp::resolver resolver(io_service);
+ tcp::resolver::query query("host.name", "https");
+ boost::asio::connect(sock.lowest_layer(), resolver.resolve(query));
+ sock.lowest_layer().set_option(tcp::no_delay(true));
+
+ // Perform SSL handshake and verify the remote host's certificate.
+ sock.set_verify_mode(ssl::verify_peer);
+ sock.set_verify_callback(ssl::rfc2818_verification("host.name"));
+ sock.handshake(ssl_socket::client);
+
+ // ... read and write as normal ...
-[indexterm2 verify_mode..ssl::context_base]
-Bitmask type for peer verification.
- typedef int verify_mode;
[heading Requirements]
-[*Header: ][^boost/asio/ssl/context_base.hpp]
+[*Header: ][^boost/asio/ssl/rfc2818_verification.hpp]
[*Convenience header: ][^boost/asio/ssl.hpp]
-[endsect]
+[section:operator_lp__rp_ ssl::rfc2818_verification::operator()]
+[indexterm2 operator()..ssl::rfc2818_verification]
+Perform certificate verification.
-[section:verify_none ssl::context_base::verify_none]
+ bool operator()(
+ bool preverified,
+ verify_context & ctx) const;
-[indexterm2 verify_none..ssl::context_base]
-No verification.
- static const int verify_none = implementation_defined;
+[endsect]
-[endsect]
+[section:result_type ssl::rfc2818_verification::result_type]
+[indexterm2 result_type..ssl::rfc2818_verification]
+The type of the function object's result.
-[section:verify_peer ssl::context_base::verify_peer]
+ typedef bool result_type;
-[indexterm2 verify_peer..ssl::context_base]
-Verify the peer.
- static const int verify_peer = implementation_defined;
+[heading Requirements]
+[*Header: ][^boost/asio/ssl/rfc2818_verification.hpp]
+
+[*Convenience header: ][^boost/asio/ssl.hpp]
[endsect]
-[section:_context_base ssl::context_base::~context_base]
+[section:rfc2818_verification ssl::rfc2818_verification::rfc2818_verification]
-[indexterm2 ~context_base..ssl::context_base]
-Protected destructor to prevent deletion through this type.
+[indexterm2 rfc2818_verification..ssl::rfc2818_verification]
+Constructor.
- ~context_base();
+ rfc2818_verification(
+ const std::string & host);
@@ -82594,6 +83133,13 @@
[
+ [[link boost_asio.reference.ssl__stream__impl_struct [*impl_struct]]]
+ [Structure for use with deprecated impl_type. ]
+
+ ]
+
+ [
+
[[link boost_asio.reference.ssl__stream.handshake_type [*handshake_type]]]
[Different handshake types. ]
@@ -82601,6 +83147,13 @@
[
+ [[link boost_asio.reference.ssl__stream.impl_type [*impl_type]]]
+ [(Deprecated: Use native_handle_type.) The underlying implementation type. ]
+
+ ]
+
+ [
+
[[link boost_asio.reference.ssl__stream.lowest_layer_type [*lowest_layer_type]]]
[The type of the lowest layer. ]
@@ -82657,6 +83210,11 @@
]
[
+ [[link boost_asio.reference.ssl__stream.impl [*impl]]]
+ [(Deprecated: Use native_handle().) Get the underlying implementation in the native type. ]
+ ]
+
+ [
[[link boost_asio.reference.ssl__stream.lowest_layer [*lowest_layer]]]
[Get a reference to the lowest layer. ]
]
@@ -82677,6 +83235,16 @@
]
[
+ [[link boost_asio.reference.ssl__stream.set_verify_callback [*set_verify_callback]]]
+ [Set the callback used to verify peer certificates. ]
+ ]
+
+ [
+ [[link boost_asio.reference.ssl__stream.set_verify_mode [*set_verify_mode]]]
+ [Set the peer verification mode. ]
+ ]
+
+ [
[[link boost_asio.reference.ssl__stream.shutdown [*shutdown]]]
[Shut down SSL on the stream. ]
]
@@ -83042,6 +83610,43 @@
[endsect]
+
+[section:impl ssl::stream::impl]
+
+[indexterm2 impl..ssl::stream]
+(Deprecated: Use `native_handle()`.) Get the underlying implementation in the native type.
+
+
+ impl_type impl();
+
+
+This function may be used to obtain the underlying implementation of the context. This is intended to allow access to stream functionality that is not otherwise provided.
+
+
+[endsect]
+
+
+
+[section:impl_type ssl::stream::impl_type]
+
+[indexterm2 impl_type..ssl::stream]
+(Deprecated: Use native\_handle\_type.) The underlying implementation type.
+
+
+ typedef impl_struct * impl_type;
+
+
+
+[heading Requirements]
+
+[*Header: ][^boost/asio/ssl/stream.hpp]
+
+[*Convenience header: ][^boost/asio/ssl.hpp]
+
+
+[endsect]
+
+
[section:lowest_layer ssl::stream::lowest_layer]
[indexterm2 lowest_layer..ssl::stream]
@@ -83133,7 +83738,29 @@
native_handle_type native_handle();
-This function may be used to obtain the underlying implementation of the context. This is intended to allow access to context functionality that is not otherwise provided.
+This function may be used to obtain the underlying implementation of the context. This is intended to allow access to context functionality that is not otherwise provided.
+
+
+[heading Example]
+
+The `native_handle()` function returns a pointer of type `SSL*` that is suitable for passing to functions such as `SSL_get_verify_result` and `SSL_get_peer_certificate:`
+
+ boost::asio::ssl::stream<asio:ip::tcp::socket> sock(io_service, ctx);
+
+ // ... establish connection and perform handshake ...
+
+ if (X509* cert = SSL_get_peer_certificate(sock.native_handle()))
+ {
+ if (SSL_get_verify_result(sock.native_handle()) == X509_V_OK)
+ {
+ // ...
+ }
+ }
+
+
+
+
+
[endsect]
@@ -83357,6 +83984,224 @@
[endsect]
+[section:set_verify_callback ssl::stream::set_verify_callback]
+
+[indexterm2 set_verify_callback..ssl::stream]
+Set the callback used to verify peer certificates.
+
+
+ template<
+ typename VerifyCallback>
+ void ``[link boost_asio.reference.ssl__stream.set_verify_callback.overload1 set_verify_callback]``(
+ VerifyCallback callback);
+ `` [''''»''' [link boost_asio.reference.ssl__stream.set_verify_callback.overload1 more...]]``
+
+ template<
+ typename VerifyCallback>
+ boost::system::error_code ``[link boost_asio.reference.ssl__stream.set_verify_callback.overload2 set_verify_callback]``(
+ VerifyCallback callback,
+ boost::system::error_code & ec);
+ `` [''''»''' [link boost_asio.reference.ssl__stream.set_verify_callback.overload2 more...]]``
+
+
+[section:overload1 ssl::stream::set_verify_callback (1 of 2 overloads)]
+
+
+Set the callback used to verify peer certificates.
+
+
+ template<
+ typename VerifyCallback>
+ void set_verify_callback(
+ VerifyCallback callback);
+
+
+This function is used to specify a callback function that will be called by the implementation when it needs to verify a peer certificate.
+
+
+[heading Parameters]
+
+
+[variablelist
+
+[[callback][The function object to be used for verifying a certificate. The function signature of the handler must be:
+``
+ bool verify_callback(
+ bool preverified, // True if the certificate passed pre-verification.
+ verify_context& ctx // The peer certificate and other context.
+ );
+``
+The return value of the callback is true if the certificate has passed verification, false otherwise.]]
+
+]
+
+
+[heading Exceptions]
+
+
+[variablelist
+
+[[boost::system::system_error][Thrown on failure.]]
+
+]
+
+
+[heading Remarks]
+
+Calls `SSL_set_verify`.
+
+
+
+
+[endsect]
+
+
+
+[section:overload2 ssl::stream::set_verify_callback (2 of 2 overloads)]
+
+
+Set the callback used to verify peer certificates.
+
+
+ template<
+ typename VerifyCallback>
+ boost::system::error_code set_verify_callback(
+ VerifyCallback callback,
+ boost::system::error_code & ec);
+
+
+This function is used to specify a callback function that will be called by the implementation when it needs to verify a peer certificate.
+
+
+[heading Parameters]
+
+
+[variablelist
+
+[[callback][The function object to be used for verifying a certificate. The function signature of the handler must be:
+``
+ bool verify_callback(
+ bool preverified, // True if the certificate passed pre-verification.
+ verify_context& ctx // The peer certificate and other context.
+ );
+``
+The return value of the callback is true if the certificate has passed verification, false otherwise.]]
+
+[[ec][Set to indicate what error occurred, if any.]]
+
+]
+
+
+[heading Remarks]
+
+Calls `SSL_set_verify`.
+
+
+
+
+[endsect]
+
+
+[endsect]
+
+[section:set_verify_mode ssl::stream::set_verify_mode]
+
+[indexterm2 set_verify_mode..ssl::stream]
+Set the peer verification mode.
+
+
+ void ``[link boost_asio.reference.ssl__stream.set_verify_mode.overload1 set_verify_mode]``(
+ verify_mode v);
+ `` [''''»''' [link boost_asio.reference.ssl__stream.set_verify_mode.overload1 more...]]``
+
+ boost::system::error_code ``[link boost_asio.reference.ssl__stream.set_verify_mode.overload2 set_verify_mode]``(
+ verify_mode v,
+ boost::system::error_code & ec);
+ `` [''''»''' [link boost_asio.reference.ssl__stream.set_verify_mode.overload2 more...]]``
+
+
+[section:overload1 ssl::stream::set_verify_mode (1 of 2 overloads)]
+
+
+Set the peer verification mode.
+
+
+ void set_verify_mode(
+ verify_mode v);
+
+
+This function may be used to configure the peer verification mode used by the stream. The new mode will override the mode inherited from the context.
+
+
+[heading Parameters]
+
+
+[variablelist
+
+[[v][A bitmask of peer verification modes. See [link boost_asio.reference.ssl__verify_mode `ssl::verify_mode`] for available values.]]
+
+]
+
+
+[heading Exceptions]
+
+
+[variablelist
+
+[[boost::system::system_error][Thrown on failure.]]
+
+]
+
+
+[heading Remarks]
+
+Calls `SSL_set_verify`.
+
+
+
+
+[endsect]
+
+
+
+[section:overload2 ssl::stream::set_verify_mode (2 of 2 overloads)]
+
+
+Set the peer verification mode.
+
+
+ boost::system::error_code set_verify_mode(
+ verify_mode v,
+ boost::system::error_code & ec);
+
+
+This function may be used to configure the peer verification mode used by the stream. The new mode will override the mode inherited from the context.
+
+
+[heading Parameters]
+
+
+[variablelist
+
+[[v][A bitmask of peer verification modes. See [link boost_asio.reference.ssl__verify_mode `ssl::verify_mode`] for available values.]]
+
+[[ec][Set to indicate what error occurred, if any.]]
+
+]
+
+
+[heading Remarks]
+
+Calls `SSL_set_verify`.
+
+
+
+
+[endsect]
+
+
+[endsect]
+
[section:shutdown ssl::stream::shutdown]
[indexterm2 shutdown..ssl::stream]
@@ -83596,6 +84441,47 @@
[endsect]
+[section:ssl__stream__impl_struct ssl::stream::impl_struct]
+
+
+Structure for use with deprecated impl\_type.
+
+
+ struct impl_struct
+
+
+[heading Data Members]
+[table
+ [[Name][Description]]
+
+ [
+ [[link boost_asio.reference.ssl__stream__impl_struct.ssl [*ssl]]]
+ []
+ ]
+
+]
+
+[heading Requirements]
+
+[*Header: ][^boost/asio/ssl/stream.hpp]
+
+[*Convenience header: ][^boost/asio/ssl.hpp]
+
+
+[section:ssl ssl::stream::impl_struct::ssl]
+
+[indexterm2 ssl..ssl::stream::impl_struct]
+
+ SSL * ssl;
+
+
+
+[endsect]
+
+
+
+[endsect]
+
[section:ssl__stream_base ssl::stream_base]
@@ -83685,6 +84571,225 @@
[endsect]
+[section:ssl__verify_client_once ssl::verify_client_once]
+
+[indexterm1 ssl::verify_client_once]
+Do not request client certificate on renegotiation. Ignored unless [link boost_asio.reference.ssl__verify_peer `ssl::verify_peer`] is set.
+
+
+ const int verify_client_once = implementation_defined;
+
+
+[heading Requirements]
+
+[*Header: ][^boost/asio/ssl/verify_mode.hpp]
+
+[*Convenience header: ][^boost/asio/ssl.hpp]
+
+
+[endsect]
+
+
+[section:ssl__verify_context ssl::verify_context]
+
+
+A simple wrapper around the X509\_STORE\_CTX type, used during verification of a peer certificate.
+
+
+ class verify_context :
+ noncopyable
+
+
+[heading Types]
+[table
+ [[Name][Description]]
+
+ [
+
+ [[link boost_asio.reference.ssl__verify_context.native_handle_type [*native_handle_type]]]
+ [The native handle type of the verification context. ]
+
+ ]
+
+]
+
+[heading Member Functions]
+[table
+ [[Name][Description]]
+
+ [
+ [[link boost_asio.reference.ssl__verify_context.native_handle [*native_handle]]]
+ [Get the underlying implementation in the native type. ]
+ ]
+
+ [
+ [[link boost_asio.reference.ssl__verify_context.verify_context [*verify_context]]]
+ [Constructor. ]
+ ]
+
+]
+
+
+[heading Remarks]
+
+The [link boost_asio.reference.ssl__verify_context `ssl::verify_context`] does not own the underlying X509\_STORE\_CTX object.
+
+
+
+[heading Requirements]
+
+[*Header: ][^boost/asio/ssl/verify_context.hpp]
+
+[*Convenience header: ][^boost/asio/ssl.hpp]
+
+
+[section:native_handle ssl::verify_context::native_handle]
+
+[indexterm2 native_handle..ssl::verify_context]
+Get the underlying implementation in the native type.
+
+
+ native_handle_type native_handle();
+
+
+This function may be used to obtain the underlying implementation of the context. This is intended to allow access to context functionality that is not otherwise provided.
+
+
+[endsect]
+
+
+
+[section:native_handle_type ssl::verify_context::native_handle_type]
+
+[indexterm2 native_handle_type..ssl::verify_context]
+The native handle type of the verification context.
+
+
+ typedef X509_STORE_CTX * native_handle_type;
+
+
+
+[heading Requirements]
+
+[*Header: ][^boost/asio/ssl/verify_context.hpp]
+
+[*Convenience header: ][^boost/asio/ssl.hpp]
+
+
+[endsect]
+
+
+
+[section:verify_context ssl::verify_context::verify_context]
+
+[indexterm2 verify_context..ssl::verify_context]
+Constructor.
+
+
+ verify_context(
+ native_handle_type handle);
+
+
+
+[endsect]
+
+
+
+[endsect]
+
+
+[section:ssl__verify_fail_if_no_peer_cert ssl::verify_fail_if_no_peer_cert]
+
+[indexterm1 ssl::verify_fail_if_no_peer_cert]
+Fail verification if the peer has no certificate. Ignored unless [link boost_asio.reference.ssl__verify_peer `ssl::verify_peer`] is set.
+
+
+ const int verify_fail_if_no_peer_cert = implementation_defined;
+
+
+[heading Requirements]
+
+[*Header: ][^boost/asio/ssl/verify_mode.hpp]
+
+[*Convenience header: ][^boost/asio/ssl.hpp]
+
+
+[endsect]
+
+
+
+[section:ssl__verify_mode ssl::verify_mode]
+
+[indexterm1 ssl::verify_mode]
+Bitmask type for peer verification.
+
+
+ typedef int verify_mode;
+
+
+
+Possible values are:
+* [link boost_asio.reference.ssl__verify_none `ssl::verify_none`]
+
+* [link boost_asio.reference.ssl__verify_peer `ssl::verify_peer`]
+
+* [link boost_asio.reference.ssl__verify_fail_if_no_peer_cert `ssl::verify_fail_if_no_peer_cert`]
+
+* [link boost_asio.reference.ssl__verify_client_once `ssl::verify_client_once`]
+
+
+
+[heading Requirements]
+
+[*Header: ][^boost/asio/ssl/verify_mode.hpp]
+
+[*Convenience header: ][^boost/asio/ssl.hpp]
+
+
+[endsect]
+
+
+
+[section:ssl__verify_none ssl::verify_none]
+
+[indexterm1 ssl::verify_none]
+No verification.
+
+
+ const int verify_none = implementation_defined;
+
+
+[heading Requirements]
+
+[*Header: ][^boost/asio/ssl/verify_mode.hpp]
+
+[*Convenience header: ][^boost/asio/ssl.hpp]
+
+
+[endsect]
+
+
+
+[section:ssl__verify_peer ssl::verify_peer]
+
+[indexterm1 ssl::verify_peer]
+Verify the peer.
+
+
+ const int verify_peer = implementation_defined;
+
+
+[heading Requirements]
+
+[*Header: ][^boost/asio/ssl/verify_mode.hpp]
+
+[*Convenience header: ][^boost/asio/ssl.hpp]
+
+
+[endsect]
+
+
+
[section:strand strand]
[indexterm1 strand]
Modified: trunk/libs/asio/doc/reference.xsl
==============================================================================
--- trunk/libs/asio/doc/reference.xsl (original)
+++ trunk/libs/asio/doc/reference.xsl 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -251,6 +251,18 @@
select="concat(substring-before($name, ']'), '_rb_', substring-after($name, ']'))"/>
</xsl:call-template>
</xsl:when>
+ <xsl:when test="contains($name, '(')">
+ <xsl:call-template name="make-id">
+ <xsl:with-param name="name"
+ select="concat(substring-before($name, '('), '_lp_', substring-after($name, '('))"/>
+ </xsl:call-template>
+ </xsl:when>
+ <xsl:when test="contains($name, ')')">
+ <xsl:call-template name="make-id">
+ <xsl:with-param name="name"
+ select="concat(substring-before($name, ')'), '_rp_', substring-after($name, ')'))"/>
+ </xsl:call-template>
+ </xsl:when>
<xsl:when test="contains($name, '+')">
<xsl:call-template name="make-id">
<xsl:with-param name="name"
@@ -639,16 +651,66 @@
<xsl:template match="ref[@kindref='member']" mode="markup">
- <xsl:text>`</xsl:text>
- <xsl:value-of select="."/>
- <xsl:text>`</xsl:text>
+ <xsl:variable name="dox-ref-id" select="@refid"/>
+ <xsl:variable name="memberdefs" select="/doxygen//compounddef/sectiondef/memberdef[@id=$dox-ref-id]"/>
+ <xsl:choose>
+ <xsl:when test="contains(@refid, 'namespaceboost_1_1asio') and count($memberdefs) > 0">
+ <xsl:variable name="dox-compound-name" select="($memberdefs)[1]/../../compoundname"/>
+ <xsl:variable name="dox-name" select="($memberdefs)[1]/name"/>
+ <xsl:variable name="ref-name">
+ <xsl:call-template name="strip-asio-ns">
+ <xsl:with-param name="name" select="concat($dox-compound-name,'::',$dox-name)"/>
+ </xsl:call-template>
+ </xsl:variable>
+ <xsl:variable name="ref-id">
+ <xsl:call-template name="make-id">
+ <xsl:with-param name="name" select="$ref-name"/>
+ </xsl:call-template>
+ </xsl:variable>
+ <xsl:text>[link boost_asio.reference.</xsl:text>
+ <xsl:value-of select="$ref-id"/>
+ <xsl:text> `</xsl:text>
+ <xsl:value-of name="text" select="$ref-name"/>
+ <xsl:text>`]</xsl:text>
+ </xsl:when>
+ <xsl:otherwise>
+ <xsl:text>`</xsl:text>
+ <xsl:value-of select="."/>
+ <xsl:text>`</xsl:text>
+ </xsl:otherwise>
+ </xsl:choose>
</xsl:template>
<xsl:template match="ref[@kindref='member']" mode="markup-nested">
- <xsl:text>`</xsl:text>
- <xsl:value-of select="."/>
- <xsl:text>`</xsl:text>
+ <xsl:variable name="dox-ref-id" select="@refid"/>
+ <xsl:variable name="memberdefs" select="/doxygen//compounddef/sectiondef/memberdef[@id=$dox-ref-id]"/>
+ <xsl:choose>
+ <xsl:when test="contains(@refid, 'namespaceboost_1_1asio') and count($memberdefs) > 0">
+ <xsl:variable name="dox-compound-name" select="($memberdefs)[1]/../../compoundname"/>
+ <xsl:variable name="dox-name" select="($memberdefs)[1]/name"/>
+ <xsl:variable name="ref-name">
+ <xsl:call-template name="strip-asio-ns">
+ <xsl:with-param name="name" select="concat($dox-compound-name,'::',$dox-name)"/>
+ </xsl:call-template>
+ </xsl:variable>
+ <xsl:variable name="ref-id">
+ <xsl:call-template name="make-id">
+ <xsl:with-param name="name" select="$ref-name"/>
+ </xsl:call-template>
+ </xsl:variable>
+ <xsl:text>[link boost_asio.reference.</xsl:text>
+ <xsl:value-of select="$ref-id"/>
+ <xsl:text> `</xsl:text>
+ <xsl:value-of name="text" select="$ref-name"/>
+ <xsl:text>`]</xsl:text>
+ </xsl:when>
+ <xsl:otherwise>
+ <xsl:text>`</xsl:text>
+ <xsl:value-of select="."/>
+ <xsl:text>`</xsl:text>
+ </xsl:otherwise>
+ </xsl:choose>
</xsl:template>
@@ -1344,6 +1406,9 @@
<xsl:when test="declname = 'Traits'">
<xsl:value-of select="declname"/>
</xsl:when>
+ <xsl:when test="declname = 'VerifyCallback'">
+ <xsl:value-of select="declname"/>
+ </xsl:when>
<xsl:when test="count(declname) = 0">
</xsl:when>
<xsl:otherwise>
Modified: trunk/libs/asio/example/ssl/client.cpp
==============================================================================
--- trunk/libs/asio/example/ssl/client.cpp (original)
+++ trunk/libs/asio/example/ssl/client.cpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -24,11 +24,34 @@
boost::asio::ip::tcp::resolver::iterator endpoint_iterator)
: socket_(io_service, context)
{
+ socket_.set_verify_mode(boost::asio::ssl::verify_peer);
+ socket_.set_verify_callback(
+ boost::bind(&client::verify_certificate, this, _1, _2));
+
boost::asio::async_connect(socket_.lowest_layer(), endpoint_iterator,
boost::bind(&client::handle_connect, this,
boost::asio::placeholders::error));
}
+ bool verify_certificate(bool preverified,
+ boost::asio::ssl::verify_context& ctx)
+ {
+ // The verify callback can be used to check whether the certificate that is
+ // being presented is valid for the peer. For example, RFC 2818 describes
+ // the steps involved in doing this for HTTPS. Consult the OpenSSL
+ // documentation for more details. Note that the callback is called once
+ // for each certificate in the certificate chain, starting from the root
+ // certificate authority.
+
+ // In this example we will simply print the certificate's subject name.
+ char subject_name[256];
+ X509* cert = X509_STORE_CTX_get_current_cert(ctx.native_handle());
+ X509_NAME_oneline(X509_get_subject_name(cert), subject_name, 256);
+ std::cout << "Verifying " << subject_name << "\n";
+
+ return preverified;
+ }
+
void handle_connect(const boost::system::error_code& error)
{
if (!error)
@@ -39,7 +62,7 @@
}
else
{
- std::cout << "Connect failed: " << error << "\n";
+ std::cout << "Connect failed: " << error.message() << "\n";
}
}
@@ -59,7 +82,7 @@
}
else
{
- std::cout << "Handshake failed: " << error << "\n";
+ std::cout << "Handshake failed: " << error.message() << "\n";
}
}
@@ -76,7 +99,7 @@
}
else
{
- std::cout << "Write failed: " << error << "\n";
+ std::cout << "Write failed: " << error.message() << "\n";
}
}
@@ -91,7 +114,7 @@
}
else
{
- std::cout << "Read failed: " << error << "\n";
+ std::cout << "Read failed: " << error.message() << "\n";
}
}
@@ -118,7 +141,6 @@
boost::asio::ip::tcp::resolver::iterator iterator = resolver.resolve(query);
boost::asio::ssl::context ctx(boost::asio::ssl::context::sslv23);
- ctx.set_verify_mode(boost::asio::ssl::context::verify_peer);
ctx.load_verify_file("ca.pem");
client c(io_service, ctx, iterator);
Modified: trunk/libs/asio/test/ssl/Jamfile
==============================================================================
--- trunk/libs/asio/test/ssl/Jamfile (original)
+++ trunk/libs/asio/test/ssl/Jamfile 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -41,6 +41,7 @@
run context_base.cpp <template>unit_test ;
run context_service.cpp <template>unit_test ;
run context.cpp <template>unit_test ;
+run rfc2818_verification.cpp <template>unit_test ;
run stream_base.cpp <template>unit_test ;
run stream_service.cpp <template>unit_test ;
run stream.cpp <template>unit_test ;
Modified: trunk/libs/asio/test/ssl/Jamfile.v2
==============================================================================
--- trunk/libs/asio/test/ssl/Jamfile.v2 (original)
+++ trunk/libs/asio/test/ssl/Jamfile.v2 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -58,6 +58,8 @@
[ compile context_service.cpp : $(USE_SELECT) : context_service_select ]
[ compile context.cpp ]
[ compile context.cpp : $(USE_SELECT) : context_select ]
+ [ compile rfc2818_verification.cpp ]
+ [ compile rfc2818_verification.cpp : $(USE_SELECT) : rfc2818_verification_select ]
[ compile stream_base.cpp ]
[ compile stream_base.cpp : $(USE_SELECT) : stream_base_select ]
[ compile stream_service.cpp ]
Added: trunk/libs/asio/test/ssl/rfc2818_verification.cpp
==============================================================================
--- (empty file)
+++ trunk/libs/asio/test/ssl/rfc2818_verification.cpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -0,0 +1,26 @@
+//
+// rfc2818_verification.cpp
+// ~~~~~~~~~~~~~~~~~~~~~~~~
+//
+// Copyright (c) 2003-2011 Christopher M. Kohlhoff (chris at kohlhoff dot com)
+//
+// Distributed under the Boost Software License, Version 1.0. (See accompanying
+// file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt)
+//
+
+// Disable autolinking for unit tests.
+#if !defined(BOOST_ALL_NO_LIB)
+#define BOOST_ALL_NO_LIB 1
+#endif // !defined(BOOST_ALL_NO_LIB)
+
+// Test that header file is self-contained.
+#include <boost/asio/ssl/rfc2818_verification.hpp>
+
+#include "../unit_test.hpp"
+
+test_suite* init_unit_test_suite(int, char*[])
+{
+ test_suite* test = BOOST_TEST_SUITE("ssl/rfc2818_verification");
+ test->add(BOOST_TEST_CASE(&null_test));
+ return test;
+}
Modified: trunk/libs/asio/test/ssl/stream.cpp
==============================================================================
--- trunk/libs/asio/test/ssl/stream.cpp (original)
+++ trunk/libs/asio/test/ssl/stream.cpp 2011-03-21 21:21:50 EDT (Mon, 21 Mar 2011)
@@ -29,6 +29,13 @@
namespace ssl_stream_compile {
+#if !defined(BOOST_ASIO_ENABLE_OLD_SSL)
+bool verify_callback(bool, boost::asio::ssl::verify_context&)
+{
+ return false;
+}
+#endif // !defined(BOOST_ASIO_ENABLE_OLD_SSL)
+
void handshake_handler(const boost::system::error_code&)
{
}
@@ -71,6 +78,14 @@
// ssl::stream functions.
+#if !defined(BOOST_ASIO_ENABLE_OLD_SSL)
+ SSL* ssl1 = stream1.native_handle();
+ (void)ssl1;
+#endif // !defined(BOOST_ASIO_ENABLE_OLD_SSL)
+
+ SSL* ssl2 = stream1.impl()->ssl;
+ (void)ssl2;
+
ssl::stream<ip::tcp::socket>::lowest_layer_type& lowest_layer
= stream1.lowest_layer();
(void)lowest_layer;
@@ -80,6 +95,14 @@
= stream3.lowest_layer();
(void)lowest_layer2;
+#if !defined(BOOST_ASIO_ENABLE_OLD_SSL)
+ stream1.set_verify_mode(ssl::verify_none);
+ stream1.set_verify_mode(ssl::verify_none, ec);
+
+ stream1.set_verify_callback(verify_callback);
+ stream1.set_verify_callback(verify_callback, ec);
+#endif // !defined(BOOST_ASIO_ENABLE_OLD_SSL)
+
stream1.handshake(ssl::stream_base::client);
stream1.handshake(ssl::stream_base::server);
stream1.handshake(ssl::stream_base::client, ec);
Boost-Commit list run by bdawes at acm.org, david.abrahams at rcn.com, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk