NotificationsYou must be signed in to change notification settings
Fork425
Star2k

Commit2031686

Teddy Reed

committed

Add HTTP client options for SSL/TLS options/ciphers

1 parentf45fdb3 commit2031686Copy full SHA for 2031686

File tree

14 files changed

+133

-48

lines changed

boost/network/protocol/http
- client
- policies

14 files changed

+133

-48

lines changed

`‎boost/network/protocol/http/client/async_impl.hpp`

Lines changed: 8 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -42,7 +42,8 @@ struct async_client`
`42`	`42`	`optional<string_type>const& certificate_filename,`
`43`	`43`	`optional<string_type>const& verify_path,`
`44`	`44`	`optional<string_type>const& certificate_file,`
`45`		`- optional<string_type>const& private_key_file)`
	`45`	`+ optional<string_type>const& private_key_file,`
	`46`	`+ optional<string_type>const& ciphers,long ssl_options)`
`46`	`47`	`: connection_base(cache_resolved, follow_redirect, timeout),`
`47`	`48`	`service_ptr(service.get()`
`48`	`49`	`? service`
`@@ -54,6 +55,8 @@ struct async_client`
`54`	`55`	`verify_path_(verify_path),`
`55`	`56`	`certificate_file_(certificate_file),`
`56`	`57`	`private_key_file_(private_key_file),`
	`58`	`+ ciphers_(ciphers),`
	`59`	`+ ssl_options_(ssl_options),`
`57`	`60`	`always_verify_peer_(always_verify_peer) {`
`58`	`61`	`connection_base::resolver_strand_.reset(`
`59`	`62`	`newboost::asio::io_service::strand(service_));`
`@@ -79,7 +82,8 @@ struct async_client`
`79`	`82`	`typename connection_base::connection_ptr connection_;`
`80`	`83`	`connection_ =connection_base::get_connection(`
`81`	`84`	`resolver_, request_, always_verify_peer_, certificate_filename_,`
`82`		`- verify_path_, certificate_file_, private_key_file_);`
	`85`	`+ verify_path_, certificate_file_, private_key_file_, ciphers_,`
	`86`	`+ ssl_options_);`
`83`	`87`	`return connection_->send_request(method, request_, get_body, callback,`
`84`	`88`	`generator);`
`85`	`89`	`}`
`@@ -93,6 +97,8 @@ struct async_client`
`93`	`97`	`optional<string_type> verify_path_;`
`94`	`98`	`optional<string_type> certificate_file_;`
`95`	`99`	`optional<string_type> private_key_file_;`
	`100`	`+ optional<string_type> ciphers_;`
	`101`	`+long ssl_options_;`
`96`	`102`	`bool always_verify_peer_;`
`97`	`103`	`};`
`98`	`104`	`}// namespace impl`

`‎boost/network/protocol/http/client/connection/async_base.hpp`

Lines changed: 4 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -43,7 +43,9 @@ struct async_connection_base {`
`43`	`43`	`optional<string_type> certificate_filename = optional<string_type>(),`
`44`	`44`	`optional<string_type>const &verify_path = optional<string_type>(),`
`45`	`45`	`optional<string_type> certificate_file = optional<string_type>(),`
`46`		`- optional<string_type> private_key_file = optional<string_type>()) {`
	`46`	`+ optional<string_type> private_key_file = optional<string_type>(),`
	`47`	`+ optional<string_type> ciphers = optional<string_type>(),`
	`48`	`+ long ssl_options = 0) {`
`47`	`49`	`typedef http_async_connection<Tag, version_major, version_minor>`
`48`	`50`	`async_connection;`
`49`	`51`	`typedeftypename delegate_factory<Tag>::type delegate_factory_type;`
`@@ -53,7 +55,7 @@ struct async_connection_base {`
`53`	`55`	`delegate_factory_type::new_connection_delegate(`
`54`	`56`	`resolver.get_io_service(), https, always_verify_peer,`
`55`	`57`	`certificate_filename, verify_path, certificate_file,`
`56`		`- private_key_file)));`
	`58`	`+ private_key_file, ciphers, ssl_options)));`
`57`	`59`	`BOOST_ASSERT(temp.get() !=0);`
`58`	`60`	`return temp;`
`59`	`61`	`}`

`‎boost/network/protocol/http/client/connection/connection_delegate_factory.hpp`

Lines changed: 5 additions & 4 deletions

Original file line number	Diff line number	Diff line change
`@@ -35,13 +35,14 @@ struct connection_delegate_factory {`
`35`	`35`	`asio::io_service& service,bool https,bool always_verify_peer,`
`36`	`36`	`optional<string_type> certificate_filename,`
`37`	`37`	`optional<string_type> verify_path, optional<string_type> certificate_file,`
`38`		`- optional<string_type> private_key_file) {`
	`38`	`+ optional<string_type> private_key_file, optional<string_type> ciphers,`
	`39`	`+long ssl_options) {`
`39`	`40`	`connection_delegate_ptr delegate;`
`40`	`41`	`if (https) {`
`41`	`42`	`#ifdef BOOST_NETWORK_ENABLE_HTTPS`
`42`		`- delegate.reset(newssl_delegate(service, always_verify_peer,`
`43`		`- certificate_filename, verify_path,`
`44`		`-certificate_file, private_key_file));`
	`43`	`+ delegate.reset(newssl_delegate(`
	`44`	`+service, always_verify_peer, certificate_filename, verify_path,`
	`45`	`+ certificate_file, private_key_file, ciphers, ssl_options));`
`45`	`46`	`#else`
`46`	`47`	`BOOST_THROW_EXCEPTION(std::runtime_error("HTTPS not supported."));`
`47`	`48`	`#endif/* BOOST_NETWORK_ENABLE_HTTPS*/`

`‎boost/network/protocol/http/client/connection/ssl_delegate.hpp`

Lines changed: 4 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -26,7 +26,8 @@ struct ssl_delegate : connection_delegate,`
`26`	`26`	`optional<std::string> certificate_filename,`
`27`	`27`	`optional<std::string> verify_path,`
`28`	`28`	`optional<std::string> certificate_file,`
`29`		`- optional<std::string> private_key_file);`
	`29`	`+ optional<std::string> private_key_file,`
	`30`	`+ optional<std::string> ciphers,long ssl_options);`
`30`	`31`
`31`	`32`	`virtualvoidconnect(asio::ip::tcp::endpoint &endpoint, std::string host,`
`32`	`33`	`function<void(system::error_codeconst &)> handler);`
`@@ -45,6 +46,8 @@ struct ssl_delegate : connection_delegate,`
`45`	`46`	`optional<std::string> verify_path_;`
`46`	`47`	`optional<std::string> certificate_file_;`
`47`	`48`	`optional<std::string> private_key_file_;`
	`49`	`+ optional<std::string> ciphers_;`
	`50`	`+long ssl_options_;`
`48`	`51`	`scoped_ptr<asio::ssl::context> context_;`
`49`	`52`	`scoped_ptr<asio::ssl::stream<asio::ip::tcp::socket> > socket_;`
`50`	`53`	`bool always_verify_peer_;`

`‎boost/network/protocol/http/client/connection/ssl_delegate.ipp`

Lines changed: 18 additions & 6 deletions

Original file line number	Diff line number	Diff line change
`@@ -14,20 +14,31 @@`
`14`	`14`	`boost::network::http::impl::ssl_delegate::ssl_delegate(`
`15`	`15`	`asio::io_service &service,bool always_verify_peer,`
`16`	`16`	`optional<std::string> certificate_filename,`
`17`		`- optional<std::string> verify_path, optional<std::string> certificate_file,`
`18`		`- optional<std::string> private_key_file)`
	`17`	`+ optional<std::string> verify_path,`
	`18`	`+ optional<std::string> certificate_file,`
	`19`	`+ optional<std::string> private_key_file,`
	`20`	`+ optional<std::string> ciphers,`
	`21`	`+long ssl_options)`
`19`	`22`	`: service_(service),`
`20`	`23`	`certificate_filename_(certificate_filename),`
`21`	`24`	`verify_path_(verify_path),`
`22`	`25`	`certificate_file_(certificate_file),`
`23`	`26`	`private_key_file_(private_key_file),`
	`27`	`+ ciphers_(ciphers),`
	`28`	`+ ssl_options_(ssl_options),`
`24`	`29`	`always_verify_peer_(always_verify_peer) {}`
`25`	`30`
`26`	`31`	`voidboost::network::http::impl::ssl_delegate::connect(`
`27`	`32`	`asio::ip::tcp::endpoint &endpoint, std::string host,`
`28`	`33`	`function<void(system::error_codeconst &)> handler) {`
`29`	`34`	`context_.reset(`
`30`		`-newasio::ssl::context(service_, asio::ssl::context::sslv23_client));`
	`35`	`+newasio::ssl::context(service_, asio::ssl::context::tlsv1_client));`
	`36`	`+if (ciphers_) {`
	`37`	`+::SSL_CTX_set_cipher_list(context_->native_handle(), ciphers_->c_str());`
	`38`	`+ }`
	`39`	`+if (ssl_options_ !=0) {`
	`40`	`+ context_->set_options(ssl_options_);`
	`41`	`+ }`
`31`	`42`	`if (certificate_filename_ \|\| verify_path_) {`
`32`	`43`	`context_->set_verify_mode(asio::ssl::context::verify_peer);`
`33`	`44`	`if (certificate_filename_)`
`@@ -36,9 +47,10 @@ void boost::network::http::impl::ssl_delegate::connect(`
`36`	`47`	`}else {`
`37`	`48`	`if (always_verify_peer_) {`
`38`	`49`	`context_->set_verify_mode(asio::ssl::context::verify_peer);`
`39`		`- context_->set_default_verify_paths();// use openssl default verify paths. uses openssl environment variables SSL_CERT_DIR, SSL_CERT_FILE`
`40`		`-}`
`41`		`-else`
	`50`	`+// use openssl default verify paths. uses openssl environment variables`
	`51`	`+// SSL_CERT_DIR, SSL_CERT_FILE`
	`52`	`+ context_->set_default_verify_paths();`
	`53`	`+ }else`
`42`	`54`	`context_->set_verify_mode(asio::ssl::context::verify_none);`
`43`	`55`	`}`
`44`	`56`	`if (certificate_file_)`

`‎boost/network/protocol/http/client/connection/sync_base.hpp`

Lines changed: 13 additions & 9 deletions

Original file line number	Diff line number	Diff line change
`@@ -245,22 +245,26 @@ struct sync_connection_base {`
`245`	`245`	`// optional`
`246`	`246`	`// ranges`
`247`	`247`	`static sync_connection_base<Tag, version_major, version_minor>*`
`248`		`-new_connection(`
`249`		`- resolver_type& resolver, resolver_function_type resolve,bool https,`
`250`		`-bool always_verify_peer,int timeout,`
`251`		`- optional<string_type>const& certificate_filename =`
`252`		`- optional<string_type>(),`
`253`		`- optional<string_type>const& verify_path = optional<string_type>(),`
`254`		`- optional<string_type>const& certificate_file = optional<string_type>(),`
`255`		`- optional<string_type>const& private_key_file = optional<string_type>()) {`
	`248`	`+new_connection(`
	`249`	`+ resolver_type& resolver, resolver_function_type resolve,bool https,`
	`250`	`+bool always_verify_peer,int timeout,`
	`251`	`+ optional<string_type>const& certificate_filename =`
	`252`	`+ optional<string_type>(),`
	`253`	`+ optional<string_type>const& verify_path = optional<string_type>(),`
	`254`	`+ optional<string_type>const& certificate_file =`
	`255`	`+ optional<string_type>(),`
	`256`	`+ optional<string_type>const& private_key_file =`
	`257`	`+ optional<string_type>(),`
	`258`	`+ optional<string_type>const& ciphers = optional<string_type>(),`
	`259`	`+long ssl_options =0) {`
`256`	`260`	`if (https) {`
`257`	`261`	`#ifdef BOOST_NETWORK_ENABLE_HTTPS`
`258`	`262`	`returndynamic_cast<`
`259`	`263`	`sync_connection_base<Tag, version_major, version_minor>*>(`
`260`	`264`	`new https_sync_connection<Tag, version_major, version_minor>(`
`261`	`265`	`resolver, resolve, always_verify_peer, timeout,`
`262`	`266`	`certificate_filename, verify_path, certificate_file,`
`263`		`- private_key_file));`
	`267`	`+ private_key_file, ciphers, ssl_options));`
`264`	`268`	`#else`
`265`	`269`	`throwstd::runtime_error("HTTPS not supported.");`
`266`	`270`	`#endif`

`‎boost/network/protocol/http/client/connection/sync_ssl.hpp`

Lines changed: 9 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -56,7 +56,9 @@ struct https_sync_connection`
`56`	`56`	`optional<string_type>(),`
`57`	`57`	`optional<string_type>const& verify_path = optional<string_type>(),`
`58`	`58`	`optional<string_type>const& certificate_file = optional<string_type>(),`
`59`		`- optional<string_type>const& private_key_file = optional<string_type>())`
	`59`	`+ optional<string_type>const& private_key_file = optional<string_type>(),`
	`60`	`+ optional<string_type>const& ciphers = optional<string_type>(),`
	`61`	`+long ssl_options =0)`
`60`	`62`	`: connection_base(),`
`61`	`63`	`timeout_(timeout),`
`62`	`64`	`timer_(resolver.get_io_service()),`
`@@ -65,6 +67,12 @@ struct https_sync_connection`
`65`	`67`	`context_(resolver.get_io_service(),`
`66`	`68`	`boost::asio::ssl::context::sslv23_client),`
`67`	`69`	`socket_(resolver.get_io_service(), context_) {`
	`70`	`+if (ciphers) {`
	`71`	`+::SSL_CTX_set_cipher_list(context_.native_handle(), ciphers->c_str());`
	`72`	`+ }`
	`73`	`+if (ssl_options !=0) {`
	`74`	`+ context_.set_options(ssl_options);`
	`75`	`+ }`
`68`	`76`	`if (certificate_filename \|\| verify_path) {`
`69`	`77`	`context_.set_verify_mode(boost::asio::ssl::context::verify_peer);`
`70`	`78`	`// FIXME make the certificate filename and verify path parameters`

`‎boost/network/protocol/http/client/facade.hpp`

Lines changed: 2 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -162,8 +162,8 @@ struct basic_client_facade {`
`162`	`162`	`options.cache_resolved(), options.follow_redirects(),`
`163`	`163`	`options.always_verify_peer(), options.openssl_certificate(),`
`164`	`164`	`options.openssl_verify_path(), options.openssl_certificate_file(),`
`165`		`- options.openssl_private_key_file(), options.io_service(),`
`166`		`- options.timeout()));`
	`165`	`+ options.openssl_private_key_file(), options.openssl_ciphers(),`
	`166`	`+ options.openssl_options(), options.io_service(), options.timeout()));`
`167`	`167`	`}`
`168`	`168`	`};`
`169`	`169`

`‎boost/network/protocol/http/client/options.hpp`

Lines changed: 24 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -27,6 +27,8 @@ struct client_options {`
`27`	`27`	`openssl_verify_path_(),`
`28`	`28`	`openssl_certificate_file_(),`
`29`	`29`	`openssl_private_key_file_(),`
	`30`	`+ openssl_ciphers_(),`
	`31`	`+ openssl_options_(0),`
`30`	`32`	`io_service_(),`
`31`	`33`	`always_verify_peer_(false),`
`32`	`34`	`timeout_(0) {}`
`@@ -38,6 +40,8 @@ struct client_options {`
`38`	`40`	`openssl_verify_path_(other.openssl_verify_path_),`
`39`	`41`	`openssl_certificate_file_(other.openssl_certificate_file_),`
`40`	`42`	`openssl_private_key_file_(other.openssl_private_key_file_),`
	`43`	`+ openssl_ciphers_(other.openssl_ciphers_),`
	`44`	`+ openssl_options_(other.openssl_options_),`
`41`	`45`	`io_service_(other.io_service_),`
`42`	`46`	`always_verify_peer_(other.always_verify_peer_),`
`43`	`47`	`timeout_(other.timeout_) {}`
`@@ -55,6 +59,8 @@ struct client_options {`
`55`	`59`	`swap(openssl_verify_path_, other.openssl_verify_path_);`
`56`	`60`	`swap(openssl_certificate_file_, other.openssl_certificate_file_);`
`57`	`61`	`swap(openssl_private_key_file_, other.openssl_private_key_file_);`
	`62`	`+swap(openssl_ciphers_, other.openssl_ciphers_);`
	`63`	`+swap(openssl_options_, other.openssl_options_);`
`58`	`64`	`swap(io_service_, other.io_service_);`
`59`	`65`	`swap(always_verify_peer_, other.always_verify_peer_);`
`60`	`66`	`swap(timeout_, other.timeout_);`
`@@ -90,6 +96,16 @@ struct client_options {`
`90`	`96`	`return *this;`
`91`	`97`	`}`
`92`	`98`
	`99`	`+ client_options&openssl_ciphers(string_typeconst& v) {`
	`100`	`+ openssl_ciphers_ = v;`
	`101`	`+return *this;`
	`102`	`+ }`
	`103`	`+`
	`104`	`+ client_options&openssl_options(long o) {`
	`105`	`+ openssl_options_ ^= o;`
	`106`	`+return *this;`
	`107`	`+ }`
	`108`	`+`
`93`	`109`	`client_options&io_service(boost::shared_ptr<boost::asio::io_service> v) {`
`94`	`110`	`io_service_ = v;`
`95`	`111`	`return *this;`
`@@ -125,6 +141,12 @@ struct client_options {`
`125`	`141`	`return openssl_private_key_file_;`
`126`	`142`	`}`
`127`	`143`
	`144`	`+ boost::optional<string_type>openssl_ciphers()const {`
	`145`	`+return openssl_ciphers_;`
	`146`	`+ }`
	`147`	`+`
	`148`	`+longopenssl_options()const {return openssl_options_; }`
	`149`	`+`
`128`	`150`	`boost::shared_ptr<boost::asio::io_service>io_service()const {`
`129`	`151`	`return io_service_;`
`130`	`152`	`}`
`@@ -140,6 +162,8 @@ struct client_options {`
`140`	`162`	`boost::optional<string_type> openssl_verify_path_;`
`141`	`163`	`boost::optional<string_type> openssl_certificate_file_;`
`142`	`164`	`boost::optional<string_type> openssl_private_key_file_;`
	`165`	`+ boost::optional<string_type> openssl_ciphers_;`
	`166`	`+long openssl_options_;`
`143`	`167`	`boost::shared_ptr<boost::asio::io_service> io_service_;`
`144`	`168`	`bool always_verify_peer_;`
`145`	`169`	`int timeout_;`

`‎boost/network/protocol/http/client/pimpl.hpp`

Lines changed: 2 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -71,11 +71,12 @@ struct basic_client_impl`
`71`	`71`	`optional<string_type>const& verify_path,`
`72`	`72`	`optional<string_type>const& certificate_file,`
`73`	`73`	`optional<string_type>const& private_key_file,`
	`74`	`+ optional<string_type>const& ciphers,long ssl_options,`
`74`	`75`	`boost::shared_ptr<boost::asio::io_service> service,`
`75`	`76`	`int timeout)`
`76`	`77`	`: base_type(cache_resolved, follow_redirect, always_verify_peer, timeout,`
`77`	`78`	`service, certificate_filename, verify_path, certificate_file,`
`78`		`- private_key_file) {}`
	`79`	`+ private_key_file, ciphers, ssl_options) {}`
`79`	`80`
`80`	`81`	`~basic_client_impl() {}`
`81`	`82`	`};`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit2031686

File tree

14 files changed

14 files changed

`‎boost/network/protocol/http/client/async_impl.hpp`

`‎boost/network/protocol/http/client/connection/async_base.hpp`

`‎boost/network/protocol/http/client/connection/connection_delegate_factory.hpp`

`‎boost/network/protocol/http/client/connection/ssl_delegate.hpp`

`‎boost/network/protocol/http/client/connection/ssl_delegate.ipp`

`‎boost/network/protocol/http/client/connection/sync_base.hpp`

`‎boost/network/protocol/http/client/connection/sync_ssl.hpp`

`‎boost/network/protocol/http/client/facade.hpp`

`‎boost/network/protocol/http/client/options.hpp`

`‎boost/network/protocol/http/client/pimpl.hpp`

0 commit comments