35 #include <boost/utility/string_ref.hpp> 36 #include <boost/asio/ip/tcp.hpp> 37 #include <boost/asio/ssl.hpp> 38 #include <boost/system/error_code.hpp> 40 #define SSL_FINGERPRINT_SIZE 32 76 std::vector<std::vector<std::uint8_t>> fingerprints_;
131 bool handshake(boost::asio::ssl::stream<boost::asio::ip::tcp::socket> &
socket, boost::asio::ssl::stream_base::handshake_type type,
const std::string& host = {})
const;
136 bool is_ssl(
const unsigned char *data,
size_t len);
bool ssl_support_from_string(ssl_support_t &ssl, boost::string_ref s)
constexpr size_t get_ssl_magic_size()
ssl_options_t(ssl_support_t support)
Verification is set to system ca unless SSL is disabled.
bool has_fingerprint(boost::asio::ssl::verify_context &ctx) const
Search against internal fingerprints. Always false if behavior() != user_certificate_check.
bool create_rsa_ssl_certificate(EVP_PKEY *&pkey, X509 *&cert)
std::unique_ptr< void, close > socket
Unique ZMQ socket handle, calls zmq_close on destruction.
void use_ssl_certificate(boost::asio::ssl::context &ssl_context) const
Load private_key_path and certificate_path into ssl_context.
std::string certificate_path
Certificate used for authentication to peer.
Verify peer via system ca only (do not inspect user certificates)
bool is_ssl(const unsigned char *data, size_t len)
Verify peer via specific (possibly chain) certificate(s) only.
ssl_authentication_t auth
bool handshake(boost::asio::ssl::stream< boost::asio::ip::tcp::socket > &socket, boost::asio::ssl::stream_base::handshake_type type, const std::string &host={}) const
std::unique_ptr< void, terminate > context
Unique ZMQ context handle, calls zmq_term on destruction.
Verify peer via specific (non-chain) certificate(s) only.
bool create_ec_ssl_certificate(EVP_PKEY *&pkey, X509 *&cert)
ssl_verification_t verification
bool has_strong_verification(boost::string_ref host) const noexcept
True if host can be verified using this configuration WITHOUT system "root" CAs.
std::string private_key_path
Private key used for authentication.
boost::asio::ssl::context create_context() const
ssl_options_t & operator=(const ssl_options_t &)=default