OpenSSL improvements

2025-10-16 18:56:52 +02:00 · 2008-09-18 15:54:03 +00:00
parent 5ae8225ece
commit 5f605414ff
6 changed files with 135 additions and 31 deletions
--- a/NetSSL_OpenSSL/include/Poco/Net/Context.h
+++ b/NetSSL_OpenSSL/include/Poco/Net/Context.h
@@ -1,7 +1,7 @@
 //
 // Context.h
 //
-// $Id: //poco/svn/NetSSL_OpenSSL/include/Poco/Net/Context.h#1 $
+// $Id: //poco/1.3/NetSSL_OpenSSL/include/Poco/Net/Context.h#3 $
 //
 // Library: NetSSL_OpenSSL
 // Package: SSLCore
@@ -41,6 +41,7 @@


 #include "Poco/Net/NetSSL.h"
+#include "Poco/SharedPtr.h"
 #include <openssl/ssl.h>


@@ -52,6 +53,7 @@ class NetSSL_API Context
 	/// This class encapsulates an SSL Context.
 {
 public:
+	typedef Poco::SharedPtr<Context> Ptr;
 	enum VerificationMode 
 	{
 		VERIFY_NONE    = SSL_VERIFY_NONE, 
@@ -80,10 +82,13 @@ public:
 		/// Destroys the Context.

 	SSL_CTX* sslContext() const;
+		/// Returns the OpenSSL SSL Context object.

 	Context::VerificationMode verificationMode() const;
+		/// Returns the verification mode.

 	bool serverContext() const;
+		/// Returns true iff the context is for a server.

 private:
 	SSL_CTX*                  _pSSLContext;
--- a/NetSSL_OpenSSL/include/Poco/Net/SecureSocketImpl.h
+++ b/NetSSL_OpenSSL/include/Poco/Net/SecureSocketImpl.h
@@ -1,7 +1,7 @@
 //
 // SecureSocketImpl.h
 //
-// $Id: //poco/svn/NetSSL_OpenSSL/include/Poco/Net/SecureSocketImpl.h#1 $
+// $Id: //poco/1.3/NetSSL_OpenSSL/include/Poco/Net/SecureSocketImpl.h#2 $
 //
 // Library: NetSSL_OpenSSL
 // Package: SSLSockets
@@ -42,6 +42,7 @@

 #include "Poco/Net/NetSSL.h"
 #include "Poco/Net/SocketImpl.h"
+#include "Poco/Net/SSLManager.h"
 #include <openssl/bio.h>
 #include <openssl/ssl.h>

@@ -164,6 +165,8 @@ public:
 		/// that works as a tunnel to the given endPoint.
 		/// Only call this method on disconnected sockets.

+	static long postConnectionCheck(SSLManager::ContextPtr pContext, X509* pCert, const std::string& hostName);
+
 protected:
 	void setSockfd(poco_socket_t sock);
 		/// Set a socket description iff no socket is already set.
--- a/NetSSL_OpenSSL/include/Poco/Net/X509Certificate.h
+++ b/NetSSL_OpenSSL/include/Poco/Net/X509Certificate.h
@@ -1,7 +1,7 @@
 //
 // X509Certificate.h
 //
-// $Id: //poco/svn/NetSSL_OpenSSL/include/Poco/Net/X509Certificate.h#1 $
+// $Id: //poco/1.3/NetSSL_OpenSSL/include/Poco/Net/X509Certificate.h#3 $
 //
 // Library: NetSSL_OpenSSL
 // Package: SSLCore
@@ -41,6 +41,8 @@


 #include "Poco/Net/NetSSL.h"
+#include "Poco/Net/Context.h"
+#include "Poco/SharedPtr.h"
 #include <openssl/ssl.h>


@@ -52,9 +54,18 @@ class NetSSL_API X509Certificate
 	/// This class represents an X509 Certificate.
 {
 public:
+	X509Certificate(const std::string& file);
+		/// Loads the X509Certificate from the file
+
 	X509Certificate(X509* pCert);
 		/// Creates the X509Certificate.

+	X509Certificate(const X509Certificate&);
+
+	X509Certificate& operator=(const X509Certificate&);
+
+	void swap(X509Certificate& cert);
+
 	~X509Certificate();
 		/// Destroys the X509Certificate.

@@ -66,6 +77,9 @@ public:
 		
 	const X509* certificate() const;
 		/// Returns the OpenSSL certificate.
+
+	bool verify(const std::string& hostName, Poco::SharedPtr<Context> ptr);
+		/// Verifies the validity of the certificate against the hostname.
 		
 private:
 	void initialize();
@@ -75,6 +89,7 @@ private:
 	std::string _issuerName;
 	std::string _subjectName;
 	X509*       _pCert;
+	std::string _file;
 };