Commit e612154

authored

Issue1431 (yhirose#1926)

* Renamed enable_server_host_verification to enable_server_hostname_verification and added Error::SSLServerHostnameVerification * Add some Open SSL function calls * Code cleanup * Fix yhirose#1431

1 parent 82fcbe3 commit e612154Copy full SHA for e612154

File tree

1 file changed

+37

-18

lines changed

httplib.h

1 file changed

+37

-18

lines changed

`‎httplib.h`

Lines changed: 37 additions & 18 deletions

Original file line number	Diff line number	Diff line change
`@@ -1452,6 +1452,7 @@ class ClientImpl {`
`1452`	`1452`	`#ifdef CPPHTTPLIB_OPENSSL_SUPPORT`
`1453`	`1453`	`void enable_server_certificate_verification(bool enabled);`
`1454`	`1454`	`void enable_server_hostname_verification(bool enabled);`
	`1455`	`+ void set_server_certificate_verifier(std::function<bool(SSL *ssl)> verifier);`
`1455`	`1456`	`#endif`
`1456`	`1457`
`1457`	`1458`	`void set_logger(Logger logger);`
`@@ -1567,6 +1568,7 @@ class ClientImpl {`
`1567`	`1568`	`#ifdef CPPHTTPLIB_OPENSSL_SUPPORT`
`1568`	`1569`	`bool server_certificate_verification_ = true;`
`1569`	`1570`	`bool server_hostname_verification_ = true;`
	`1571`	`+ std::function<bool(SSL *ssl)> server_certificate_verifier_;`
`1570`	`1572`	`#endif`
`1571`	`1573`
`1572`	`1574`	`Logger logger_;`
`@@ -1873,6 +1875,7 @@ class Client {`
`1873`	`1875`	`#ifdef CPPHTTPLIB_OPENSSL_SUPPORT`
`1874`	`1876`	`void enable_server_certificate_verification(bool enabled);`
`1875`	`1877`	`void enable_server_hostname_verification(bool enabled);`
	`1878`	`+ void set_server_certificate_verifier(std::function<bool(SSL *ssl)> verifier);`
`1876`	`1879`	`#endif`
`1877`	`1880`
`1878`	`1881`	`void set_logger(Logger logger);`
`@@ -7219,6 +7222,7 @@ inline void ClientImpl::copy_settings(const ClientImpl &rhs) {`
`7219`	`7222`	`#ifdef CPPHTTPLIB_OPENSSL_SUPPORT`
`7220`	`7223`	`server_certificate_verification_ = rhs.server_certificate_verification_;`
`7221`	`7224`	`server_hostname_verification_ = rhs.server_hostname_verification_;`
	`7225`	`+ server_certificate_verifier_ = rhs.server_certificate_verifier_;`
`7222`	`7226`	`#endif`
`7223`	`7227`	`logger_ = rhs.logger_;`
`7224`	`7228`	`}`
`@@ -8700,9 +8704,7 @@ inline X509_STORE ClientImpl::create_ca_cert_store(const char ca_cert,`
`8700`	`8704`	`if (!mem) { return nullptr; }`
`8701`	`8705`
`8702`	`8706`	`auto inf = PEM_X509_INFO_read_bio(mem, nullptr, nullptr, nullptr);`
`8703`		`- if (!inf) {`
`8704`		`- return nullptr;`
`8705`		`- }`
	`8707`	`+ if (!inf) { return nullptr; }`
`8706`	`8708`
`8707`	`8709`	`auto cts = X509_STORE_new();`
`8708`	`8710`	`if (cts) {`
`@@ -8726,6 +8728,11 @@ inline void ClientImpl::enable_server_certificate_verification(bool enabled) {`
`8726`	`8728`	`inline void ClientImpl::enable_server_hostname_verification(bool enabled) {`
`8727`	`8729`	`server_hostname_verification_ = enabled;`
`8728`	`8730`	`}`
	`8731`	`+`
	`8732`	`+inline void ClientImpl::set_server_certificate_verifier(`
	`8733`	`+ std::function<bool(SSL *ssl)> verifier) {`
	`8734`	`+ server_certificate_verifier_ = verifier;`
	`8735`	`+}`
`8729`	`8736`	`#endif`
`8730`	`8737`
`8731`	`8738`	`inline void ClientImpl::set_logger(Logger logger) {`
`@@ -9311,26 +9318,33 @@ inline bool SSLClient::initialize_ssl(Socket &socket, Error &error) {`
`9311`	`9318`	`}`
`9312`	`9319`
`9313`	`9320`	`if (server_certificate_verification_) {`
`9314`		`- verify_result_ = SSL_get_verify_result(ssl2);`
`9315`		`-`
`9316`		`- if (verify_result_ != X509_V_OK) {`
`9317`		`- error = Error::SSLServerVerification;`
`9318`		`- return false;`
`9319`		`- }`
	`9321`	`+ if (server_certificate_verifier_) {`
	`9322`	`+ if (!server_certificate_verifier_(ssl2)) {`
	`9323`	`+ error = Error::SSLServerVerification;`
	`9324`	`+ return false;`
	`9325`	`+ }`
	`9326`	`+ } else {`
	`9327`	`+ verify_result_ = SSL_get_verify_result(ssl2);`
`9320`	`9328`
`9321`		`- auto server_cert = SSL_get1_peer_certificate(ssl2);`
`9322`		`- auto se = detail::scope_exit([&] { X509_free(server_cert); });`
	`9329`	`+ if (verify_result_ != X509_V_OK) {`
	`9330`	`+ error = Error::SSLServerVerification;`
	`9331`	`+ return false;`
	`9332`	`+ }`
`9323`	`9333`
`9324`		`- if (server_cert == nullptr) {`
`9325`		`- error = Error::SSLServerVerification;`
`9326`		`- return false;`
`9327`		`- }`
	`9334`	`+ auto server_cert = SSL_get1_peer_certificate(ssl2);`
	`9335`	`+ auto se = detail::scope_exit([&] { X509_free(server_cert); });`
`9328`	`9336`
`9329`		`- if (server_hostname_verification_) {`
`9330`		`- if (!verify_host(server_cert)) {`
`9331`		`- error = Error::SSLServerHostnameVerification;`
	`9337`	`+ if (server_cert == nullptr) {`
	`9338`	`+ error = Error::SSLServerVerification;`
`9332`	`9339`	`return false;`
`9333`	`9340`	`}`
	`9341`	`+`
	`9342`	`+ if (server_hostname_verification_) {`
	`9343`	`+ if (!verify_host(server_cert)) {`
	`9344`	`+ error = Error::SSLServerHostnameVerification;`
	`9345`	`+ return false;`
	`9346`	`+ }`
	`9347`	`+ }`
`9334`	`9348`	`}`
`9335`	`9349`	`}`
`9336`	`9350`
`@@ -10066,6 +10080,11 @@ inline void Client::enable_server_certificate_verification(bool enabled) {`
`10066`	`10080`	`inline void Client::enable_server_hostname_verification(bool enabled) {`
`10067`	`10081`	`cli_->enable_server_hostname_verification(enabled);`
`10068`	`10082`	`}`
	`10083`	`+`
	`10084`	`+inline void Client::set_server_certificate_verifier(`
	`10085`	`+ std::function<bool(SSL *ssl)> verifier) {`
	`10086`	`+ cli_->set_server_certificate_verifier(verifier);`
	`10087`	`+}`
`10069`	`10088`	`#endif`
`10070`	`10089`
`10071`	`10090`	`inline void Client::set_logger(Logger logger) {`

0 commit comments

Comments

(0)

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit e612154

File tree

1 file changed

1 file changed

`‎httplib.h`

0 commit comments