yuzu/cpp-httplib
1
0
Fork 0
mirror of https://github.com/yhirose/cpp-httplib synced 2024-11-21 14:29:10 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Changed the server certificate verification API

Browse source
This commit is contained in:
yhirose 2019-05-07 16:54:51 -04:00
parent 03a577cccd
commit b08e22ab00
3 changed files with 8 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
README.md
View file

@ -209,6 +209,8 @@ SSL support is available with `CPPHTTPLIB_OPENSSL_SUPPORT`. `libssl` and `libcry
SSLServer svr("./cert.pem", "./key.pem");
SSLClient cli("localhost", 8080);
cli.set_ca_cert_path("./ca-bundle.crt");
cli.enable_server_certificate_verification(true);
```
Zlib Support

2
example/client.cc
View file

@ -17,7 +17,7 @@ int main(void) {
httplib::SSLClient cli("localhost", 8080);
// httplib::SSLClient cli("google.com");
cli.set_ca_cert_path(CA_CERT_FILE);
cli.skip_server_certificate_verification(true);
cli.enable_server_certificate_verification(true);
#else
httplib::Client cli("localhost", 8080);
#endif

10
httplib.h
View file

@ -396,7 +396,7 @@ public:
virtual bool is_valid() const;
void set_ca_cert_path(const char *ca_cert_path);
void skip_server_certificate_verification(bool skip);
void enable_server_certificate_verification(bool enabled);
long get_openssl_verify_result() const;
@ -409,7 +409,7 @@ private:
bool verify_host(const std::string &host, X509 *server_cert) const;
std::string ca_cert_path_;
bool skip_server_certificate_verification_ = true;
bool server_certificate_verification_ = false;
SSL_CTX *ctx_;
std::mutex ctx_mutex_;
long verify_result_ = 0;
@ -2367,8 +2367,8 @@ inline void SSLClient::set_ca_cert_path(const char *ca_cert_path) {
ca_cert_path_ = ca_cert_path;
}
inline void SSLClient::skip_server_certificate_verification(bool skip) {
skip_server_certificate_verification_ = skip;
inline void SSLClient::enable_server_certificate_verification(bool enabled) {
server_certificate_verification_ = enabled;
}
inline long SSLClient::get_openssl_verify_result() const {
@ -2394,7 +2394,7 @@ inline bool SSLClient::read_and_close_socket(socket_t sock, Request &req,
if (SSL_connect(ssl) != 1) { return false; }
if (!skip_server_certificate_verification_) {
if (server_certificate_verification_) {
verify_result_ = SSL_get_verify_result(ssl);
if (verify_result_ != X509_V_OK) { return false; }