Audio plugin host https://kx.studio/carla
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

759 lines
25KB

  1. //
  2. // ssl/context.hpp
  3. // ~~~~~~~~~~~~~~~
  4. //
  5. // Copyright (c) 2003-2019 Christopher M. Kohlhoff (chris at kohlhoff dot com)
  6. //
  7. // Distributed under the Boost Software License, Version 1.0. (See accompanying
  8. // file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt)
  9. //
  10. #ifndef ASIO_SSL_CONTEXT_HPP
  11. #define ASIO_SSL_CONTEXT_HPP
  12. #if defined(_MSC_VER) && (_MSC_VER >= 1200)
  13. # pragma once
  14. #endif // defined(_MSC_VER) && (_MSC_VER >= 1200)
  15. #include "asio/detail/config.hpp"
  16. #include <string>
  17. #include "asio/buffer.hpp"
  18. #include "asio/io_context.hpp"
  19. #include "asio/ssl/context_base.hpp"
  20. #include "asio/ssl/detail/openssl_types.hpp"
  21. #include "asio/ssl/detail/openssl_init.hpp"
  22. #include "asio/ssl/detail/password_callback.hpp"
  23. #include "asio/ssl/detail/verify_callback.hpp"
  24. #include "asio/ssl/verify_mode.hpp"
  25. #include "asio/detail/push_options.hpp"
  26. namespace asio {
  27. namespace ssl {
  28. class context
  29. : public context_base,
  30. private noncopyable
  31. {
  32. public:
  33. /// The native handle type of the SSL context.
  34. typedef SSL_CTX* native_handle_type;
  35. /// Constructor.
  36. ASIO_DECL explicit context(method m);
  37. #if defined(ASIO_HAS_MOVE) || defined(GENERATING_DOCUMENTATION)
  38. /// Move-construct a context from another.
  39. /**
  40. * This constructor moves an SSL context from one object to another.
  41. *
  42. * @param other The other context object from which the move will occur.
  43. *
  44. * @note Following the move, the following operations only are valid for the
  45. * moved-from object:
  46. * @li Destruction.
  47. * @li As a target for move-assignment.
  48. */
  49. ASIO_DECL context(context&& other);
  50. /// Move-assign a context from another.
  51. /**
  52. * This assignment operator moves an SSL context from one object to another.
  53. *
  54. * @param other The other context object from which the move will occur.
  55. *
  56. * @note Following the move, the following operations only are valid for the
  57. * moved-from object:
  58. * @li Destruction.
  59. * @li As a target for move-assignment.
  60. */
  61. ASIO_DECL context& operator=(context&& other);
  62. #endif // defined(ASIO_HAS_MOVE) || defined(GENERATING_DOCUMENTATION)
  63. /// Destructor.
  64. ASIO_DECL ~context();
  65. /// Get the underlying implementation in the native type.
  66. /**
  67. * This function may be used to obtain the underlying implementation of the
  68. * context. This is intended to allow access to context functionality that is
  69. * not otherwise provided.
  70. */
  71. ASIO_DECL native_handle_type native_handle();
  72. /// Clear options on the context.
  73. /**
  74. * This function may be used to configure the SSL options used by the context.
  75. *
  76. * @param o A bitmask of options. The available option values are defined in
  77. * the context_base class. The specified options, if currently enabled on the
  78. * context, are cleared.
  79. *
  80. * @throws asio::system_error Thrown on failure.
  81. *
  82. * @note Calls @c SSL_CTX_clear_options.
  83. */
  84. ASIO_DECL void clear_options(options o);
  85. /// Clear options on the context.
  86. /**
  87. * This function may be used to configure the SSL options used by the context.
  88. *
  89. * @param o A bitmask of options. The available option values are defined in
  90. * the context_base class. The specified options, if currently enabled on the
  91. * context, are cleared.
  92. *
  93. * @param ec Set to indicate what error occurred, if any.
  94. *
  95. * @note Calls @c SSL_CTX_clear_options.
  96. */
  97. ASIO_DECL ASIO_SYNC_OP_VOID clear_options(options o,
  98. asio::error_code& ec);
  99. /// Set options on the context.
  100. /**
  101. * This function may be used to configure the SSL options used by the context.
  102. *
  103. * @param o A bitmask of options. The available option values are defined in
  104. * the context_base class. The options are bitwise-ored with any existing
  105. * value for the options.
  106. *
  107. * @throws asio::system_error Thrown on failure.
  108. *
  109. * @note Calls @c SSL_CTX_set_options.
  110. */
  111. ASIO_DECL void set_options(options o);
  112. /// Set options on the context.
  113. /**
  114. * This function may be used to configure the SSL options used by the context.
  115. *
  116. * @param o A bitmask of options. The available option values are defined in
  117. * the context_base class. The options are bitwise-ored with any existing
  118. * value for the options.
  119. *
  120. * @param ec Set to indicate what error occurred, if any.
  121. *
  122. * @note Calls @c SSL_CTX_set_options.
  123. */
  124. ASIO_DECL ASIO_SYNC_OP_VOID set_options(options o,
  125. asio::error_code& ec);
  126. /// Set the peer verification mode.
  127. /**
  128. * This function may be used to configure the peer verification mode used by
  129. * the context.
  130. *
  131. * @param v A bitmask of peer verification modes. See @ref verify_mode for
  132. * available values.
  133. *
  134. * @throws asio::system_error Thrown on failure.
  135. *
  136. * @note Calls @c SSL_CTX_set_verify.
  137. */
  138. ASIO_DECL void set_verify_mode(verify_mode v);
  139. /// Set the peer verification mode.
  140. /**
  141. * This function may be used to configure the peer verification mode used by
  142. * the context.
  143. *
  144. * @param v A bitmask of peer verification modes. See @ref verify_mode for
  145. * available values.
  146. *
  147. * @param ec Set to indicate what error occurred, if any.
  148. *
  149. * @note Calls @c SSL_CTX_set_verify.
  150. */
  151. ASIO_DECL ASIO_SYNC_OP_VOID set_verify_mode(
  152. verify_mode v, asio::error_code& ec);
  153. /// Set the peer verification depth.
  154. /**
  155. * This function may be used to configure the maximum verification depth
  156. * allowed by the context.
  157. *
  158. * @param depth Maximum depth for the certificate chain verification that
  159. * shall be allowed.
  160. *
  161. * @throws asio::system_error Thrown on failure.
  162. *
  163. * @note Calls @c SSL_CTX_set_verify_depth.
  164. */
  165. ASIO_DECL void set_verify_depth(int depth);
  166. /// Set the peer verification depth.
  167. /**
  168. * This function may be used to configure the maximum verification depth
  169. * allowed by the context.
  170. *
  171. * @param depth Maximum depth for the certificate chain verification that
  172. * shall be allowed.
  173. *
  174. * @param ec Set to indicate what error occurred, if any.
  175. *
  176. * @note Calls @c SSL_CTX_set_verify_depth.
  177. */
  178. ASIO_DECL ASIO_SYNC_OP_VOID set_verify_depth(
  179. int depth, asio::error_code& ec);
  180. /// Set the callback used to verify peer certificates.
  181. /**
  182. * This function is used to specify a callback function that will be called
  183. * by the implementation when it needs to verify a peer certificate.
  184. *
  185. * @param callback The function object to be used for verifying a certificate.
  186. * The function signature of the handler must be:
  187. * @code bool verify_callback(
  188. * bool preverified, // True if the certificate passed pre-verification.
  189. * verify_context& ctx // The peer certificate and other context.
  190. * ); @endcode
  191. * The return value of the callback is true if the certificate has passed
  192. * verification, false otherwise.
  193. *
  194. * @throws asio::system_error Thrown on failure.
  195. *
  196. * @note Calls @c SSL_CTX_set_verify.
  197. */
  198. template <typename VerifyCallback>
  199. void set_verify_callback(VerifyCallback callback);
  200. /// Set the callback used to verify peer certificates.
  201. /**
  202. * This function is used to specify a callback function that will be called
  203. * by the implementation when it needs to verify a peer certificate.
  204. *
  205. * @param callback The function object to be used for verifying a certificate.
  206. * The function signature of the handler must be:
  207. * @code bool verify_callback(
  208. * bool preverified, // True if the certificate passed pre-verification.
  209. * verify_context& ctx // The peer certificate and other context.
  210. * ); @endcode
  211. * The return value of the callback is true if the certificate has passed
  212. * verification, false otherwise.
  213. *
  214. * @param ec Set to indicate what error occurred, if any.
  215. *
  216. * @note Calls @c SSL_CTX_set_verify.
  217. */
  218. template <typename VerifyCallback>
  219. ASIO_SYNC_OP_VOID set_verify_callback(VerifyCallback callback,
  220. asio::error_code& ec);
  221. /// Load a certification authority file for performing verification.
  222. /**
  223. * This function is used to load one or more trusted certification authorities
  224. * from a file.
  225. *
  226. * @param filename The name of a file containing certification authority
  227. * certificates in PEM format.
  228. *
  229. * @throws asio::system_error Thrown on failure.
  230. *
  231. * @note Calls @c SSL_CTX_load_verify_locations.
  232. */
  233. ASIO_DECL void load_verify_file(const std::string& filename);
  234. /// Load a certification authority file for performing verification.
  235. /**
  236. * This function is used to load the certificates for one or more trusted
  237. * certification authorities from a file.
  238. *
  239. * @param filename The name of a file containing certification authority
  240. * certificates in PEM format.
  241. *
  242. * @param ec Set to indicate what error occurred, if any.
  243. *
  244. * @note Calls @c SSL_CTX_load_verify_locations.
  245. */
  246. ASIO_DECL ASIO_SYNC_OP_VOID load_verify_file(
  247. const std::string& filename, asio::error_code& ec);
  248. /// Add certification authority for performing verification.
  249. /**
  250. * This function is used to add one trusted certification authority
  251. * from a memory buffer.
  252. *
  253. * @param ca The buffer containing the certification authority certificate.
  254. * The certificate must use the PEM format.
  255. *
  256. * @throws asio::system_error Thrown on failure.
  257. *
  258. * @note Calls @c SSL_CTX_get_cert_store and @c X509_STORE_add_cert.
  259. */
  260. ASIO_DECL void add_certificate_authority(const const_buffer& ca);
  261. /// Add certification authority for performing verification.
  262. /**
  263. * This function is used to add one trusted certification authority
  264. * from a memory buffer.
  265. *
  266. * @param ca The buffer containing the certification authority certificate.
  267. * The certificate must use the PEM format.
  268. *
  269. * @param ec Set to indicate what error occurred, if any.
  270. *
  271. * @note Calls @c SSL_CTX_get_cert_store and @c X509_STORE_add_cert.
  272. */
  273. ASIO_DECL ASIO_SYNC_OP_VOID add_certificate_authority(
  274. const const_buffer& ca, asio::error_code& ec);
  275. /// Configures the context to use the default directories for finding
  276. /// certification authority certificates.
  277. /**
  278. * This function specifies that the context should use the default,
  279. * system-dependent directories for locating certification authority
  280. * certificates.
  281. *
  282. * @throws asio::system_error Thrown on failure.
  283. *
  284. * @note Calls @c SSL_CTX_set_default_verify_paths.
  285. */
  286. ASIO_DECL void set_default_verify_paths();
  287. /// Configures the context to use the default directories for finding
  288. /// certification authority certificates.
  289. /**
  290. * This function specifies that the context should use the default,
  291. * system-dependent directories for locating certification authority
  292. * certificates.
  293. *
  294. * @param ec Set to indicate what error occurred, if any.
  295. *
  296. * @note Calls @c SSL_CTX_set_default_verify_paths.
  297. */
  298. ASIO_DECL ASIO_SYNC_OP_VOID set_default_verify_paths(
  299. asio::error_code& ec);
  300. /// Add a directory containing certificate authority files to be used for
  301. /// performing verification.
  302. /**
  303. * This function is used to specify the name of a directory containing
  304. * certification authority certificates. Each file in the directory must
  305. * contain a single certificate. The files must be named using the subject
  306. * name's hash and an extension of ".0".
  307. *
  308. * @param path The name of a directory containing the certificates.
  309. *
  310. * @throws asio::system_error Thrown on failure.
  311. *
  312. * @note Calls @c SSL_CTX_load_verify_locations.
  313. */
  314. ASIO_DECL void add_verify_path(const std::string& path);
  315. /// Add a directory containing certificate authority files to be used for
  316. /// performing verification.
  317. /**
  318. * This function is used to specify the name of a directory containing
  319. * certification authority certificates. Each file in the directory must
  320. * contain a single certificate. The files must be named using the subject
  321. * name's hash and an extension of ".0".
  322. *
  323. * @param path The name of a directory containing the certificates.
  324. *
  325. * @param ec Set to indicate what error occurred, if any.
  326. *
  327. * @note Calls @c SSL_CTX_load_verify_locations.
  328. */
  329. ASIO_DECL ASIO_SYNC_OP_VOID add_verify_path(
  330. const std::string& path, asio::error_code& ec);
  331. /// Use a certificate from a memory buffer.
  332. /**
  333. * This function is used to load a certificate into the context from a buffer.
  334. *
  335. * @param certificate The buffer containing the certificate.
  336. *
  337. * @param format The certificate format (ASN.1 or PEM).
  338. *
  339. * @throws asio::system_error Thrown on failure.
  340. *
  341. * @note Calls @c SSL_CTX_use_certificate or SSL_CTX_use_certificate_ASN1.
  342. */
  343. ASIO_DECL void use_certificate(
  344. const const_buffer& certificate, file_format format);
  345. /// Use a certificate from a memory buffer.
  346. /**
  347. * This function is used to load a certificate into the context from a buffer.
  348. *
  349. * @param certificate The buffer containing the certificate.
  350. *
  351. * @param format The certificate format (ASN.1 or PEM).
  352. *
  353. * @param ec Set to indicate what error occurred, if any.
  354. *
  355. * @note Calls @c SSL_CTX_use_certificate or SSL_CTX_use_certificate_ASN1.
  356. */
  357. ASIO_DECL ASIO_SYNC_OP_VOID use_certificate(
  358. const const_buffer& certificate, file_format format,
  359. asio::error_code& ec);
  360. /// Use a certificate from a file.
  361. /**
  362. * This function is used to load a certificate into the context from a file.
  363. *
  364. * @param filename The name of the file containing the certificate.
  365. *
  366. * @param format The file format (ASN.1 or PEM).
  367. *
  368. * @throws asio::system_error Thrown on failure.
  369. *
  370. * @note Calls @c SSL_CTX_use_certificate_file.
  371. */
  372. ASIO_DECL void use_certificate_file(
  373. const std::string& filename, file_format format);
  374. /// Use a certificate from a file.
  375. /**
  376. * This function is used to load a certificate into the context from a file.
  377. *
  378. * @param filename The name of the file containing the certificate.
  379. *
  380. * @param format The file format (ASN.1 or PEM).
  381. *
  382. * @param ec Set to indicate what error occurred, if any.
  383. *
  384. * @note Calls @c SSL_CTX_use_certificate_file.
  385. */
  386. ASIO_DECL ASIO_SYNC_OP_VOID use_certificate_file(
  387. const std::string& filename, file_format format,
  388. asio::error_code& ec);
  389. /// Use a certificate chain from a memory buffer.
  390. /**
  391. * This function is used to load a certificate chain into the context from a
  392. * buffer.
  393. *
  394. * @param chain The buffer containing the certificate chain. The certificate
  395. * chain must use the PEM format.
  396. *
  397. * @throws asio::system_error Thrown on failure.
  398. *
  399. * @note Calls @c SSL_CTX_use_certificate and SSL_CTX_add_extra_chain_cert.
  400. */
  401. ASIO_DECL void use_certificate_chain(const const_buffer& chain);
  402. /// Use a certificate chain from a memory buffer.
  403. /**
  404. * This function is used to load a certificate chain into the context from a
  405. * buffer.
  406. *
  407. * @param chain The buffer containing the certificate chain. The certificate
  408. * chain must use the PEM format.
  409. *
  410. * @param ec Set to indicate what error occurred, if any.
  411. *
  412. * @note Calls @c SSL_CTX_use_certificate and SSL_CTX_add_extra_chain_cert.
  413. */
  414. ASIO_DECL ASIO_SYNC_OP_VOID use_certificate_chain(
  415. const const_buffer& chain, asio::error_code& ec);
  416. /// Use a certificate chain from a file.
  417. /**
  418. * This function is used to load a certificate chain into the context from a
  419. * file.
  420. *
  421. * @param filename The name of the file containing the certificate. The file
  422. * must use the PEM format.
  423. *
  424. * @throws asio::system_error Thrown on failure.
  425. *
  426. * @note Calls @c SSL_CTX_use_certificate_chain_file.
  427. */
  428. ASIO_DECL void use_certificate_chain_file(const std::string& filename);
  429. /// Use a certificate chain from a file.
  430. /**
  431. * This function is used to load a certificate chain into the context from a
  432. * file.
  433. *
  434. * @param filename The name of the file containing the certificate. The file
  435. * must use the PEM format.
  436. *
  437. * @param ec Set to indicate what error occurred, if any.
  438. *
  439. * @note Calls @c SSL_CTX_use_certificate_chain_file.
  440. */
  441. ASIO_DECL ASIO_SYNC_OP_VOID use_certificate_chain_file(
  442. const std::string& filename, asio::error_code& ec);
  443. /// Use a private key from a memory buffer.
  444. /**
  445. * This function is used to load a private key into the context from a buffer.
  446. *
  447. * @param private_key The buffer containing the private key.
  448. *
  449. * @param format The private key format (ASN.1 or PEM).
  450. *
  451. * @throws asio::system_error Thrown on failure.
  452. *
  453. * @note Calls @c SSL_CTX_use_PrivateKey or SSL_CTX_use_PrivateKey_ASN1.
  454. */
  455. ASIO_DECL void use_private_key(
  456. const const_buffer& private_key, file_format format);
  457. /// Use a private key from a memory buffer.
  458. /**
  459. * This function is used to load a private key into the context from a buffer.
  460. *
  461. * @param private_key The buffer containing the private key.
  462. *
  463. * @param format The private key format (ASN.1 or PEM).
  464. *
  465. * @param ec Set to indicate what error occurred, if any.
  466. *
  467. * @note Calls @c SSL_CTX_use_PrivateKey or SSL_CTX_use_PrivateKey_ASN1.
  468. */
  469. ASIO_DECL ASIO_SYNC_OP_VOID use_private_key(
  470. const const_buffer& private_key, file_format format,
  471. asio::error_code& ec);
  472. /// Use a private key from a file.
  473. /**
  474. * This function is used to load a private key into the context from a file.
  475. *
  476. * @param filename The name of the file containing the private key.
  477. *
  478. * @param format The file format (ASN.1 or PEM).
  479. *
  480. * @throws asio::system_error Thrown on failure.
  481. *
  482. * @note Calls @c SSL_CTX_use_PrivateKey_file.
  483. */
  484. ASIO_DECL void use_private_key_file(
  485. const std::string& filename, file_format format);
  486. /// Use a private key from a file.
  487. /**
  488. * This function is used to load a private key into the context from a file.
  489. *
  490. * @param filename The name of the file containing the private key.
  491. *
  492. * @param format The file format (ASN.1 or PEM).
  493. *
  494. * @param ec Set to indicate what error occurred, if any.
  495. *
  496. * @note Calls @c SSL_CTX_use_PrivateKey_file.
  497. */
  498. ASIO_DECL ASIO_SYNC_OP_VOID use_private_key_file(
  499. const std::string& filename, file_format format,
  500. asio::error_code& ec);
  501. /// Use an RSA private key from a memory buffer.
  502. /**
  503. * This function is used to load an RSA private key into the context from a
  504. * buffer.
  505. *
  506. * @param private_key The buffer containing the RSA private key.
  507. *
  508. * @param format The private key format (ASN.1 or PEM).
  509. *
  510. * @throws asio::system_error Thrown on failure.
  511. *
  512. * @note Calls @c SSL_CTX_use_RSAPrivateKey or SSL_CTX_use_RSAPrivateKey_ASN1.
  513. */
  514. ASIO_DECL void use_rsa_private_key(
  515. const const_buffer& private_key, file_format format);
  516. /// Use an RSA private key from a memory buffer.
  517. /**
  518. * This function is used to load an RSA private key into the context from a
  519. * buffer.
  520. *
  521. * @param private_key The buffer containing the RSA private key.
  522. *
  523. * @param format The private key format (ASN.1 or PEM).
  524. *
  525. * @param ec Set to indicate what error occurred, if any.
  526. *
  527. * @note Calls @c SSL_CTX_use_RSAPrivateKey or SSL_CTX_use_RSAPrivateKey_ASN1.
  528. */
  529. ASIO_DECL ASIO_SYNC_OP_VOID use_rsa_private_key(
  530. const const_buffer& private_key, file_format format,
  531. asio::error_code& ec);
  532. /// Use an RSA private key from a file.
  533. /**
  534. * This function is used to load an RSA private key into the context from a
  535. * file.
  536. *
  537. * @param filename The name of the file containing the RSA private key.
  538. *
  539. * @param format The file format (ASN.1 or PEM).
  540. *
  541. * @throws asio::system_error Thrown on failure.
  542. *
  543. * @note Calls @c SSL_CTX_use_RSAPrivateKey_file.
  544. */
  545. ASIO_DECL void use_rsa_private_key_file(
  546. const std::string& filename, file_format format);
  547. /// Use an RSA private key from a file.
  548. /**
  549. * This function is used to load an RSA private key into the context from a
  550. * file.
  551. *
  552. * @param filename The name of the file containing the RSA private key.
  553. *
  554. * @param format The file format (ASN.1 or PEM).
  555. *
  556. * @param ec Set to indicate what error occurred, if any.
  557. *
  558. * @note Calls @c SSL_CTX_use_RSAPrivateKey_file.
  559. */
  560. ASIO_DECL ASIO_SYNC_OP_VOID use_rsa_private_key_file(
  561. const std::string& filename, file_format format,
  562. asio::error_code& ec);
  563. /// Use the specified memory buffer to obtain the temporary Diffie-Hellman
  564. /// parameters.
  565. /**
  566. * This function is used to load Diffie-Hellman parameters into the context
  567. * from a buffer.
  568. *
  569. * @param dh The memory buffer containing the Diffie-Hellman parameters. The
  570. * buffer must use the PEM format.
  571. *
  572. * @throws asio::system_error Thrown on failure.
  573. *
  574. * @note Calls @c SSL_CTX_set_tmp_dh.
  575. */
  576. ASIO_DECL void use_tmp_dh(const const_buffer& dh);
  577. /// Use the specified memory buffer to obtain the temporary Diffie-Hellman
  578. /// parameters.
  579. /**
  580. * This function is used to load Diffie-Hellman parameters into the context
  581. * from a buffer.
  582. *
  583. * @param dh The memory buffer containing the Diffie-Hellman parameters. The
  584. * buffer must use the PEM format.
  585. *
  586. * @param ec Set to indicate what error occurred, if any.
  587. *
  588. * @note Calls @c SSL_CTX_set_tmp_dh.
  589. */
  590. ASIO_DECL ASIO_SYNC_OP_VOID use_tmp_dh(
  591. const const_buffer& dh, asio::error_code& ec);
  592. /// Use the specified file to obtain the temporary Diffie-Hellman parameters.
  593. /**
  594. * This function is used to load Diffie-Hellman parameters into the context
  595. * from a file.
  596. *
  597. * @param filename The name of the file containing the Diffie-Hellman
  598. * parameters. The file must use the PEM format.
  599. *
  600. * @throws asio::system_error Thrown on failure.
  601. *
  602. * @note Calls @c SSL_CTX_set_tmp_dh.
  603. */
  604. ASIO_DECL void use_tmp_dh_file(const std::string& filename);
  605. /// Use the specified file to obtain the temporary Diffie-Hellman parameters.
  606. /**
  607. * This function is used to load Diffie-Hellman parameters into the context
  608. * from a file.
  609. *
  610. * @param filename The name of the file containing the Diffie-Hellman
  611. * parameters. The file must use the PEM format.
  612. *
  613. * @param ec Set to indicate what error occurred, if any.
  614. *
  615. * @note Calls @c SSL_CTX_set_tmp_dh.
  616. */
  617. ASIO_DECL ASIO_SYNC_OP_VOID use_tmp_dh_file(
  618. const std::string& filename, asio::error_code& ec);
  619. /// Set the password callback.
  620. /**
  621. * This function is used to specify a callback function to obtain password
  622. * information about an encrypted key in PEM format.
  623. *
  624. * @param callback The function object to be used for obtaining the password.
  625. * The function signature of the handler must be:
  626. * @code std::string password_callback(
  627. * std::size_t max_length, // The maximum size for a password.
  628. * password_purpose purpose // Whether password is for reading or writing.
  629. * ); @endcode
  630. * The return value of the callback is a string containing the password.
  631. *
  632. * @throws asio::system_error Thrown on failure.
  633. *
  634. * @note Calls @c SSL_CTX_set_default_passwd_cb.
  635. */
  636. template <typename PasswordCallback>
  637. void set_password_callback(PasswordCallback callback);
  638. /// Set the password callback.
  639. /**
  640. * This function is used to specify a callback function to obtain password
  641. * information about an encrypted key in PEM format.
  642. *
  643. * @param callback The function object to be used for obtaining the password.
  644. * The function signature of the handler must be:
  645. * @code std::string password_callback(
  646. * std::size_t max_length, // The maximum size for a password.
  647. * password_purpose purpose // Whether password is for reading or writing.
  648. * ); @endcode
  649. * The return value of the callback is a string containing the password.
  650. *
  651. * @param ec Set to indicate what error occurred, if any.
  652. *
  653. * @note Calls @c SSL_CTX_set_default_passwd_cb.
  654. */
  655. template <typename PasswordCallback>
  656. ASIO_SYNC_OP_VOID set_password_callback(PasswordCallback callback,
  657. asio::error_code& ec);
  658. private:
  659. struct bio_cleanup;
  660. struct x509_cleanup;
  661. struct evp_pkey_cleanup;
  662. struct rsa_cleanup;
  663. struct dh_cleanup;
  664. // Helper function used to set a peer certificate verification callback.
  665. ASIO_DECL ASIO_SYNC_OP_VOID do_set_verify_callback(
  666. detail::verify_callback_base* callback, asio::error_code& ec);
  667. // Callback used when the SSL implementation wants to verify a certificate.
  668. ASIO_DECL static int verify_callback_function(
  669. int preverified, X509_STORE_CTX* ctx);
  670. // Helper function used to set a password callback.
  671. ASIO_DECL ASIO_SYNC_OP_VOID do_set_password_callback(
  672. detail::password_callback_base* callback, asio::error_code& ec);
  673. // Callback used when the SSL implementation wants a password.
  674. ASIO_DECL static int password_callback_function(
  675. char* buf, int size, int purpose, void* data);
  676. // Helper function to set the temporary Diffie-Hellman parameters from a BIO.
  677. ASIO_DECL ASIO_SYNC_OP_VOID do_use_tmp_dh(
  678. BIO* bio, asio::error_code& ec);
  679. // Helper function to make a BIO from a memory buffer.
  680. ASIO_DECL BIO* make_buffer_bio(const const_buffer& b);
  681. // The underlying native implementation.
  682. native_handle_type handle_;
  683. // Ensure openssl is initialised.
  684. asio::ssl::detail::openssl_init<> init_;
  685. };
  686. } // namespace ssl
  687. } // namespace asio
  688. #include "asio/detail/pop_options.hpp"
  689. #include "asio/ssl/impl/context.hpp"
  690. #if defined(ASIO_HEADER_ONLY)
  691. # include "asio/ssl/impl/context.ipp"
  692. #endif // defined(ASIO_HEADER_ONLY)
  693. #endif // ASIO_SSL_CONTEXT_HPP