diff options
Diffstat (limited to 'vmime-master/examples/example6_certificateVerifier.hpp')
| -rw-r--r-- | vmime-master/examples/example6_certificateVerifier.hpp | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/vmime-master/examples/example6_certificateVerifier.hpp b/vmime-master/examples/example6_certificateVerifier.hpp new file mode 100644 index 0000000..3d8bf82 --- /dev/null +++ b/vmime-master/examples/example6_certificateVerifier.hpp @@ -0,0 +1,64 @@ + + +#if VMIME_HAVE_TLS_SUPPORT + +// Certificate verifier (TLS/SSL) +class interactiveCertificateVerifier : public vmime::security::cert::defaultCertificateVerifier { + +public: + + void verify( + const vmime::shared_ptr <vmime::security::cert::certificateChain>& chain, + const vmime::string& hostname + ) { + + try { + + setX509TrustedCerts(m_trustedCerts); + + defaultCertificateVerifier::verify(chain, hostname); + + } catch (vmime::security::cert::certificateException&) { + + // Obtain subject's certificate + vmime::shared_ptr <vmime::security::cert::certificate> cert = chain->getAt(0); + + std::cout << std::endl; + std::cout << "Server sent a '" << cert->getType() << "'" << " certificate." << std::endl; + std::cout << "Do you want to accept this certificate? (Y/n) "; + std::cout.flush(); + + std::string answer; + std::getline(std::cin, answer); + + if (answer.length() != 0 && + (answer[0] == 'Y' || answer[0] == 'y')) { + + // Accept it, and remember user's choice for later + if (cert->getType() == "X.509") { + + m_trustedCerts.push_back( + vmime::dynamicCast <vmime::security::cert::X509Certificate>(cert) + ); + + setX509TrustedCerts(m_trustedCerts); + defaultCertificateVerifier::verify(chain, hostname); + } + + return; + } + + throw vmime::security::cert::certificateException("User did not accept the certificate."); + } + } + +private: + + static std::vector <vmime::shared_ptr <vmime::security::cert::X509Certificate> > m_trustedCerts; +}; + + +std::vector <vmime::shared_ptr <vmime::security::cert::X509Certificate> > + interactiveCertificateVerifier::m_trustedCerts; + +#endif // VMIME_HAVE_TLS_SUPPORT |