mirror of
https://github.com/boostorg/beast.git
synced 2025-07-29 20:37:31 +02:00
Verify certificates in client examples:
fix #1237 HTTP client examples now verify the server's certificate and generate an error if the certificate is invalid or expired: * Set certificate verify mode * Remove duplicate root certificate
This commit is contained in:
PeterW3
Vinnie Falco
@ -1,6 +1,7 @@
|
||||
Version 183:
|
||||
|
||||
* Fix a rare case of failed UTF8 validation
|
||||
* Verify certificates in client examples
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
|
||||
@ -15,6 +15,8 @@
|
||||
|
||||
* ([issue 1245]) Fix a rare case of incorrect UTF8 validation
|
||||
|
||||
* ([issue 1237]) Verify certificates in client examples
|
||||
|
||||
[heading Boost 1.68]
|
||||
|
||||
This version fixes a missing executor work guard in all composed operations
|
||||
|
||||
@ -70,26 +70,6 @@ load_root_certificates(ssl::context& ctx, boost::system::error_code& ec)
|
||||
Thumbprint(sha1):
|
||||
de 28 f4 a4 ff e5 b9 2f a3 c5 03 d1 a3 49 a7 f9 96 2a 82 12
|
||||
*/
|
||||
"-----BEGIN CERTIFICATE-----\n"
|
||||
"MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT\n"
|
||||
"MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i\n"
|
||||
"YWwgQ0EwHhcNMDIwNTIxMDQwMDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQG\n"
|
||||
"EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSR2VvVHJ1c3Qg\n"
|
||||
"R2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2swYYzD9\n"
|
||||
"9BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjoBbdq\n"
|
||||
"fnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDv\n"
|
||||
"iS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU\n"
|
||||
"1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+\n"
|
||||
"bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5aszPeE4uwc2hGKceeoW\n"
|
||||
"MPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTA\n"
|
||||
"ephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1l\n"
|
||||
"uMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKIn\n"
|
||||
"Z57QzxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfS\n"
|
||||
"tQWVYrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcF\n"
|
||||
"PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un\n"
|
||||
"hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV\n"
|
||||
"5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw==\n"
|
||||
"-----END CERTIFICATE-----\n"
|
||||
;
|
||||
|
||||
ctx.add_certificate_authority(
|
||||
|
||||
@ -225,6 +225,9 @@ int main(int argc, char** argv)
|
||||
|
||||
// This holds the root certificate used for verification
|
||||
load_root_certificates(ctx);
|
||||
|
||||
// Verify the remote server's certificate
|
||||
ctx.set_verify_mode(ssl::verify_peer);
|
||||
|
||||
// Launch the asynchronous operation
|
||||
std::make_shared<session>(ioc, ctx)->run(host, port, target, version);
|
||||
|
||||
@ -146,6 +146,9 @@ int main(int argc, char** argv)
|
||||
|
||||
// This holds the root certificate used for verification
|
||||
load_root_certificates(ctx);
|
||||
|
||||
// Verify the remote server's certificate
|
||||
ctx.set_verify_mode(ssl::verify_peer);
|
||||
|
||||
// Launch the asynchronous operation
|
||||
boost::asio::spawn(ioc, std::bind(
|
||||
|
||||
@ -59,7 +59,10 @@ int main(int argc, char** argv)
|
||||
// This holds the root certificate used for verification
|
||||
load_root_certificates(ctx);
|
||||
|
||||
// These objects perform our I/O
|
||||
// Verify the remote server's certificate
|
||||
ctx.set_verify_mode(ssl::verify_peer);
|
||||
|
||||
// These objects perform our I/O
|
||||
tcp::resolver resolver{ioc};
|
||||
ssl::stream<tcp::socket> stream{ioc, ctx};
|
||||
|
||||
|
||||
Reference in New Issue
Block a user