Ark Server API (ASE) - Wiki
Loading...
Searching...
No Matches
InvalidCertificateHandler.h
Go to the documentation of this file.
1//
2// InvalidCertificateHandler.h
3//
4// Library: NetSSL_OpenSSL
5// Package: SSLCore
6// Module: InvalidCertificateHandler
7//
8// Definition of the InvalidCertificateHandler class.
9//
10// Copyright (c) 2006-2009, Applied Informatics Software Engineering GmbH.
11// and Contributors.
12//
13// SPDX-License-Identifier: BSL-1.0
14//
15
16
17#ifndef NetSSL_InvalidCertificateHandler_INCLUDED
18#define NetSSL_InvalidCertificateHandler_INCLUDED
19
20
21#include "Poco/Net/NetSSL.h"
22
23
24namespace Poco {
25namespace Net {
26
27
29
30
32 /// A InvalidCertificateHandler is invoked whenever an error occurs verifying the certificate. It allows the user
33 /// to inspect and accept/reject the certificate.
34 /// One can install one's own InvalidCertificateHandler by implementing this interface. Note that
35 /// in the implementation file of the subclass the following code must be present (assuming you use the namespace My_API
36 /// and the name of your handler class is MyGuiHandler):
37 ///
38 /// #include "Poco/Net/CertificateHandlerFactory.h"
39 /// ...
40 /// POCO_REGISTER_CHFACTORY(My_API, MyGuiHandler)
41 ///
42 /// One can either set the handler directly in the startup code of the main method of ones application by calling
43 ///
44 /// SSLManager::instance().initialize(mypassphraseHandler, myguiHandler, mySSLContext)
45 ///
46 /// or in case one uses Poco::Util::Application one can rely on an XML configuration and put the following entry
47 /// under the path openSSL.invalidCertificateHandler:
48 ///
49 /// <invalidCertificateHandler>
50 /// <name>MyGuiHandler<name>
51 /// <options>
52 /// [...] // Put optional config params for the handler here
53 /// </options>
54 /// </invalidCertificateHandler>
55 ///
56 /// Note that the name of the InvalidCertificateHandler must be same as the one provided to the POCO_REGISTER_CHFACTORY macro.
57{
58public:
59 InvalidCertificateHandler(bool handleErrorsOnServerSide);
60 /// Creates the InvalidCertificateHandler.
61 ///
62 /// Set handleErrorsOnServerSide to true if the certificate handler is used on the server side.
63 /// Automatically registers at one of the SSLManager::VerificationError events.
64
66 /// Destroys the InvalidCertificateHandler.
67
68 virtual void onInvalidCertificate(const void* pSender, VerificationErrorArgs& errorCert) = 0;
69 /// Receives the questionable certificate in parameter errorCert. If one wants to accept the
70 /// certificate, call errorCert.setIgnoreError(true).
71
72protected:
74 /// Stores if the certificate handler gets invoked by the server (i.e. a client certificate is wrong)
75 /// or the client (a server certificate is wrong)
76};
77
78
79} } // namespace Poco::Net
80
81
82#endif // NetSSL_InvalidCertificateHandler_INCLUDED
#define ARK_API
Definition Base.h:9
#define POCO_EXTERNAL_OPENSSL
Definition Config.h:189
#define POCO_NO_SOO
Definition Config.h:82
#define POCO_DO_JOIN2(X, Y)
Definition Foundation.h:134
#define POCO_DO_JOIN(X, Y)
Definition Foundation.h:133
#define Foundation_API
Definition Foundation.h:60
#define POCO_JOIN(X, Y)
Definition Foundation.h:132
#define POCO_HAVE_IPv6
Definition Net.h:64
#define Net_API
Definition Net.h:47
#define NetSSL_API
Definition NetSSL.h:48
#define POCO_OS_IRIX
Definition Platform.h:35
#define POCO_OS_TRU64
Definition Platform.h:30
#define POCO_OS_WINDOWS_NT
Definition Platform.h:43
#define POCO_OS_HPUX
Definition Platform.h:29
#define POCO_OS_CYGWIN
Definition Platform.h:39
#define POCO_OS_WINDOWS_CE
Definition Platform.h:44
#define POCO_UNUSED
Definition Platform.h:274
#define POCO_OS_VXWORKS
Definition Platform.h:38
#define POCO_OS_ANDROID
Definition Platform.h:41
#define POCO_OS_QNX
Definition Platform.h:37
#define POCO_OS_AIX
Definition Platform.h:28
#define POCO_OS_LINUX
Definition Platform.h:31
#define POCO_OS_SOLARIS
Definition Platform.h:36
#define POCO_ARCH_AMD64
Definition Platform.h:129
#define OPENSSL_VERSION_PREREQ(maj, min)
Definition Crypto.h:36
#define Crypto_API
Definition Crypto.h:82
RSAPaddingMode
The padding mode used for RSA public key encryption.
Definition Crypto.h:44
@ RSA_PADDING_PKCS1_OAEP
PKCS #1 v1.5 padding. This currently is the most widely used mode.
Definition Crypto.h:48
@ RSA_PADDING_NONE
Definition Crypto.h:52
@ RSA_PADDING_PKCS1
Definition Crypto.h:45
#define POCO_EXTERNAL_OPENSSL_SLPRO
Definition Crypto.h:24
#define poco_ntoh_32(x)
Definition SocketDefs.h:328
#define INADDR_NONE
Definition SocketDefs.h:291
#define INADDR_BROADCAST
Definition SocketDefs.h:299
#define INADDR_ANY
Definition SocketDefs.h:295
#define poco_ntoh_16(x)
Definition SocketDefs.h:326
#define INADDR_LOOPBACK
Definition SocketDefs.h:303
virtual std::unique_ptr< ArkApi::ICommands > & GetCommands()=0
std::mutex RequestMutex_
Definition Requests.cpp:47
void WriteRequest(std::function< void(bool, std::string)> callback, bool success, std::string result)
Definition Requests.cpp:73
std::string GetResponse(Poco::Net::HTTPClientSession *session, Poco::Net::HTTPResponse &response)
Definition Requests.cpp:107
Poco::Net::HTTPRequest ConstructRequest(const std::string &url, Poco::Net::HTTPClientSession *&session, const std::vector< std::string > &headers, const std::string &request_type)
Definition Requests.cpp:79
std::vector< RequestData > RequestsVec_
Definition Requests.cpp:46
Requests(Requests &&)=delete
ARK_API bool CreateGetRequest(const std::string &url, const std::function< void(bool, std::string)> &callback, std::vector< std::string > headers={})
Creates an async GET Request that runs in another thread but calls the callback from the main thread.
Definition Requests.cpp:129
ARK_API bool CreatePostRequest(const std::string &url, const std::function< void(bool, std::string)> &callback, const std::vector< std::string > &post_ids, const std::vector< std::string > &post_data, std::vector< std::string > headers={})
Creates an async POST Request that runs in another thread but calls the callback from the main thread...
Definition Requests.cpp:238
Requests & operator=(Requests &&)=delete
ARK_API bool CreateDeleteRequest(const std::string &url, const std::function< void(bool, std::string)> &callback, std::vector< std::string > headers={})
Creates an async DELETE Request that runs in another thread but calls the callback from the main thre...
Definition Requests.cpp:292
Requests & operator=(const Requests &)=delete
ARK_API bool CreatePostRequest(const std::string &url, const std::function< void(bool, std::string)> &callback, const std::string &post_data, std::vector< std::string > headers={})
Creates an async POST Request with application/x-www-form-urlencoded content type that runs in anothe...
Definition Requests.cpp:162
static ARK_API Requests & Get()
Definition Requests.cpp:67
ARK_API bool CreatePostRequest(const std::string &url, const std::function< void(bool, std::string)> &callback, const std::string &post_data, const std::string &content_type, std::vector< std::string > headers={})
Creates an async POST Request that runs in another thread but calls the callback from the main thread...
Definition Requests.cpp:200
std::unique_ptr< impl > pimpl
Definition Requests.h:84
Requests(const Requests &)=delete
virtual void AddOnTickCallback(const FString &id, const std::function< void(float)> &callback)=0
Added function will be called every frame.
virtual bool RemoveOnTickCallback(const FString &id)=0
Removes a on-tick callback.
Definition Logger.h:9
static std::shared_ptr< spdlog::logger > & GetLog()
Definition Logger.h:22
static std::string what(const char *msg, const char *file, int line, const char *text=0)
static void bugcheck(const char *msg, const char *file, int line)
static void nullPointer(const char *ptr, const char *file, int line)
static void debugger(const char *msg, const char *file, int line)
static void debugger(const char *file, int line)
static void bugcheck(const char *file, int line)
static void assertion(const char *cond, const char *file, int line, const char *text=0)
static void unexpected(const char *file, int line)
This class represents a X509 Certificate.
std::string displayText() const
Returns the exception code if defined.
void init(const Params &params)
void setSessionCacheSize(std::size_t size)
Returns true iff the session cache is enabled.
std::size_t getSessionCacheSize() const
Context::VerificationMode verificationMode() const
Returns true iff the context is for use by a server.
Definition Context.h:466
void requireMinimumProtocol(Protocols protocol)
void enableExtendedCertificateVerification(bool flag=true)
void setInvalidCertificateHandler(InvalidCertificateHandlerPtr pInvalidCertificageHandler)
Usage _usage
Create a SSL_CTX object according to Context configuration.
Definition Context.h:437
Usage usage() const
Returns the underlying OpenSSL SSL Context object.
Definition Context.h:449
SSL_CTX * sslContext() const
Definition Context.h:472
long getSessionTimeout() const
void usePrivateKey(const Poco::Crypto::RSAKey &key)
Add one trusted certification authority to be used by the Context.
void enableSessionCache(bool flag=true)
Returns the verification mode.
void addCertificateAuthority(const Poco::Crypto::X509Certificate &certificate)
Adds a certificate for certificate chain validation.
void usePrivateKey(const Poco::Crypto::EVPPKey &pkey)
bool extendedCertificateVerificationEnabled() const
Definition Context.h:478
bool isForServerUse() const
Definition Context.h:455
void addChainCertificate(const Poco::Crypto::X509Certificate &certificate)
bool _ocspStaplingResponseVerification
Definition Context.h:441
bool ocspStaplingResponseVerificationEnabled() const
Definition Context.h:484
bool _extendedCertificateVerification
Definition Context.h:440
VerificationMode _mode
Definition Context.h:438
@ SERVER_USE
DEPRECATED. Context is used by a client.
Definition Context.h:71
@ TLSV1_2_CLIENT_USE
DEPRECATED. Context is used by a server requiring TLSv1.1 (OpenSSL 1.0.0 or newer).
Definition Context.h:76
@ TLSV1_CLIENT_USE
DEPRECATED. Context is used by a server.
Definition Context.h:72
@ TLSV1_3_SERVER_USE
DEPRECATED. Context is used by a client requiring TLSv1.3 (OpenSSL 1.1.1 or newer).
Definition Context.h:79
@ CLIENT_USE
Context is used by a client for TLSv1 or higher. Use requireMinimumProtocol() or disableProtocols() t...
Definition Context.h:70
@ TLSV1_2_SERVER_USE
DEPRECATED. Context is used by a client requiring TLSv1.2 (OpenSSL 1.0.1 or newer).
Definition Context.h:77
@ TLSV1_SERVER_USE
DEPRECATED. Context is used by a client requiring TLSv1.
Definition Context.h:73
@ TLSV1_3_CLIENT_USE
DEPRECATED. Context is used by a server requiring TLSv1.2 (OpenSSL 1.0.1 or newer).
Definition Context.h:78
@ TLS_SERVER_USE
Context is used by a client for TLSv1 or higher. Use requireMinimumProtocol() or disableProtocols() t...
Definition Context.h:69
@ TLSV1_1_CLIENT_USE
DEPRECATED. Context is used by a server requiring TLSv1.
Definition Context.h:74
@ TLSV1_1_SERVER_USE
DEPRECATED. Context is used by a client requiring TLSv1.1 (OpenSSL 1.0.0 or newer).
Definition Context.h:75
void useCertificate(const Poco::Crypto::X509Certificate &certificate)
Destroys the Context.
void preferServerCiphers()
Context(Usage usage, const Params &params)
InvalidCertificateHandlerPtr _pInvalidCertificateHandler
Definition Context.h:442
void setSessionTimeout(long seconds)
InvalidCertificateHandlerPtr getInvalidCertificateHandler() const
Definition Context.h:490
void disableStatelessSessionResumption()
bool sessionCacheEnabled() const
void disableProtocols(int protocols)
SSL_CTX * _pSSLContext
Definition Context.h:439
virtual std::istream & receiveResponse(HTTPResponse &response)
virtual std::ostream & sendRequest(HTTPRequest &request)
Returns the connection timeout for HTTP connections.
static const std::string HTTP_1_1
void setContentLength(std::streamsize length)
Returns the HTTP version for this message.
HTTPRequest(const std::string &method, const std::string &uri, const std::string &version)
Creates a HTTP/1.0 request with the given method and URI.
static const std::string HTTP_GET
static const std::string HTTP_DELETE
static const std::string HTTP_POST
const std::string & getReason() const
Sets the HTTP reason phrase.
HTTPResponse(HTTPStatus status)
HTTPStatus getStatus() const
HTTPSClientSession(const std::string &host, Poco::UInt16 port, Context::Ptr pContext, Session::Ptr pSession)
std::string proxyRequestPrefix() const
Sends the given HTTPRequest over an existing connection.
HTTPSClientSession(Context::Ptr pContext, Session::Ptr pSession)
HTTPSClientSession(Context::Ptr pContext)
Creates a HTTPSClientSession using the given host and port.
void proxyAuthenticate(HTTPRequest &request)
Checks if we can reuse a persistent connection.
int read(char *buffer, std::streamsize length)
HTTPSClientSession(const HTTPSClientSession &)
void connect(const SocketAddress &address)
Refills the internal buffer.
HTTPSClientSession(const SecureStreamSocket &socket, Session::Ptr pSession)
X509Certificate serverCertificate()
HTTPSClientSession & operator=(const HTTPSClientSession &)
HTTPSClientSession(const std::string &host, Poco::UInt16 port=HTTPS_PORT)
HTTPSClientSession(const SecureStreamSocket &socket)
Creates an unconnected HTTPSClientSession.
HTTPSClientSession(const std::string &host, Poco::UInt16 port, Context::Ptr pContext)
InvalidCertificateHandler(bool handleErrorsOnServerSide)
virtual void onInvalidCertificate(const void *pSender, VerificationErrorArgs &errorCert)=0
Destroys the InvalidCertificateHandler.
RejectCertificateHandler(bool handleErrorsOnServerSide)
void initializeClient(PrivateKeyPassphraseHandlerPtr ptrPassphraseHandler, InvalidCertificateHandlerPtr ptrHandler, Context::Ptr ptrContext)
static SSLManager & instance()
static std::string convertCertificateError(long errCode)
static std::string getLastError()
Converts an SSL certificate handling error code into an error message.
static void clearErrorStack()
Returns the last error from the error stack.
A utility class for certificate error handling.
This stream discards all characters written to it.
Definition NullStream.h:77
static std::streamsize copyStream(std::istream &istr, std::ostream &ostr, std::size_t bufferSize=8192)
const std::string & getHost() const
Sets the user-info part of the URI.
Definition URI.h:385
const std::string & getScheme() const
Definition URI.h:373
URI(const std::string &uri)
Creates an empty URI.
unsigned short getPort() const
Sets the host part of the URI.
std::string getPathAndQuery() const
Returns the encoded path, query and fragment parts of the URI.
void error(const T &)
Definition IBaseApi.h:9
std::unique_ptr< IBaseApi > game_api
Definition IBaseApi.h:25
void Crypto_API uninitializeCrypto()
void Crypto_API initializeCrypto()
std::vector< SocketBuf > SocketBufVec
Definition SocketDefs.h:365
void NetSSL_API initializeSSL()
void Net_API uninitializeNetwork()
void Net_API initializeNetwork()
void NetSSL_API uninitializeSSL()
Definition format.h:408
Definition json.hpp:4518
#define OPENSSL_VERSION_NUMBER
Definition opensslv.h:42
struct ssl_ctx_st SSL_CTX
Definition ossl_typ.h:149
#define SSL_VERIFY_NONE
Definition ssl.h:1099
#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT
Definition ssl.h:1101
#define SSL_VERIFY_PEER
Definition ssl.h:1100
#define SSL_VERIFY_CLIENT_ONCE
Definition ssl.h:1102
std::function< void(bool, std::string)> callback
Definition Requests.cpp:41
Family
Possible address families for socket addresses.
Definition SocketDefs.h:373
std::string privateKeyFile
Initializes the struct with default values.
Definition Context.h:134
std::string certificateFile
Definition Context.h:138
VerificationMode verificationMode
Definition Context.h:149
static std::string escape(const std::string &s, bool strictJSON=false)