aboutsummaryrefslogtreecommitdiffstats
path: root/contrib/libs/poco/NetSSL_OpenSSL/include/Poco/Net/InvalidCertificateHandler.h
blob: e10faf3cdb2836ca2c83097c3b30a4ddf4e67899 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
//
// InvalidCertificateHandler.h
//
// Library: NetSSL_OpenSSL
// Package: SSLCore
// Module:  InvalidCertificateHandler
//
// Definition of the InvalidCertificateHandler class.
//
// Copyright (c) 2006-2009, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// SPDX-License-Identifier:	BSL-1.0
//


#ifndef NetSSL_InvalidCertificateHandler_INCLUDED
#define NetSSL_InvalidCertificateHandler_INCLUDED


#include "Poco/Net/NetSSL.h"
#include "Poco/Net/VerificationErrorArgs.h"


namespace Poco {
namespace Net {


class NetSSL_API InvalidCertificateHandler
	/// A InvalidCertificateHandler is invoked whenever an error occurs verifying the certificate. It allows the user
	/// to inspect and accept/reject the certificate.
	/// One can install one's own InvalidCertificateHandler by implementing this interface. Note that
	/// in the implementation file of the subclass the following code must be present (assuming you use the namespace My_API 
	/// and the name of your handler class is MyGuiHandler):
	///    
	///    #include "Poco/Net/CertificateHandlerFactory.h"
	///    ...
	///    POCO_REGISTER_CHFACTORY(My_API, MyGuiHandler)
	///
	/// One can either set the handler directly in the startup code of the main method of ones application by calling
	///
	///    SSLManager::instance().initialize(mypassphraseHandler, myguiHandler, mySSLContext)
	///
	/// or in case one uses Poco::Util::Application one can rely on an XML configuration and put the following entry
	/// under the path openSSL.invalidCertificateHandler:
	///    
	///    <invalidCertificateHandler>
	///        <name>MyGuiHandler<name>
	///        <options>
	///            [...] // Put optional config params for the handler here
	///        </options>
	///    </invalidCertificateHandler>
	///
	/// Note that the name of the InvalidCertificateHandler must be same as the one provided to the POCO_REGISTER_CHFACTORY macro.
{
public:
	InvalidCertificateHandler(bool handleErrorsOnServerSide);
		/// Creates the InvalidCertificateHandler.
		/// 
		/// Set handleErrorsOnServerSide to true if the certificate handler is used on the server side.
		/// Automatically registers at one of the SSLManager::VerificationError events.

	virtual ~InvalidCertificateHandler();
		/// Destroys the InvalidCertificateHandler.

	virtual void onInvalidCertificate(const void* pSender, VerificationErrorArgs& errorCert) = 0;
		/// Receives the questionable certificate in parameter errorCert. If one wants to accept the
		/// certificate, call errorCert.setIgnoreError(true).

protected:
	bool _handleErrorsOnServerSide;
		/// Stores if the certificate handler gets invoked by the server (i.e. a client certificate is wrong)
		/// or the client (a server certificate is wrong)
};


} } // namespace Poco::Net


#endif // NetSSL_InvalidCertificateHandler_INCLUDED