thijn/SqMod
1
0
Fork 0
mirror of https://github.com/VCMP-SqMod/SqMod.git synced 2025-06-17 07:37:13 +02:00
Code Releases Activity

Major plugin refactor and cleanup.

Browse Source 
Switched to POCO library for unified platform/library interface.
Deprecated the external module API. It was creating more problems than solving.
Removed most built-in libraries in favor of system libraries for easier maintenance.
Cleaned and secured code with help from static analyzers.
This commit is contained in:
Sandu Liviu Catalin
2021-01-30 08:51:39 +02:00
parent e0e34b4030
commit 4a6bfc086c
6219 changed files with 1209835 additions and 454916 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
vendor/POCO/NetSSL_Win/include/Poco/Net/AcceptCertificateHandler.h vendored Normal file
View File

@ -0,0 +1,52 @@
//
// AcceptCertificateHandler.h
//
// Library: NetSSL_Win
// Package: SSLCore
// Module: AcceptCertificateHandler
//
// Definition of the AcceptCertificateHandler class.
//
// Copyright (c) 2006-2014, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// SPDX-License-Identifier: BSL-1.0
//
#ifndef NetSSL_AcceptCertificateHandler_INCLUDED
#define NetSSL_AcceptCertificateHandler_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/InvalidCertificateHandler.h"
namespace Poco {
namespace Net {
class NetSSL_Win_API AcceptCertificateHandler: public InvalidCertificateHandler
/// A AcceptCertificateHandler is invoked whenever an error
/// occurs verifying the certificate. It always accepts
/// the certificate.
///
/// Should be using for testing purposes only.
{
public:
AcceptCertificateHandler(bool handleErrorsOnServerSide);
/// Creates the AcceptCertificateHandler
virtual ~AcceptCertificateHandler();
/// Destroys the AcceptCertificateHandler.
void onInvalidCertificate(const void* pSender, VerificationErrorArgs& errorCert);
/// Receives the questionable certificate in parameter errorCert. If one wants to accept the
/// certificate, call errorCert.setIgnoreError(true).
};
} } // namespace Poco::Net
#endif // NetSSL_AcceptCertificateHandler_INCLUDED

169
vendor/POCO/NetSSL_Win/include/Poco/Net/AutoSecBufferDesc.h vendored Normal file
View File

@ -0,0 +1,169 @@
//
// AutoSecBufferDesc.h
//
// Library: NetSSL_Win
// Package: SSLCore
// Module: AutoSecBufferDesc
//
// Definition of the AutoSecBufferDesc class.
//
// Copyright (c) 2006-2014, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// SPDX-License-Identifier: BSL-1.0
//
#ifndef NetSSL_AutoSecBufferDesc_INCLUDED
#define NetSSL_AutoSecBufferDesc_INCLUDED
#include "Poco/Net/NetSSL.h"
#if defined(POCO_OS_FAMILY_WINDOWS)
#include <windows.h>
#include <wincrypt.h>
#ifndef SECURITY_WIN32
#define SECURITY_WIN32
#include <sspi.h>
#endif
#endif
namespace Poco {
namespace Net {
template <int numBufs>
class AutoSecBufferDesc: public SecBufferDesc
/// AutoSecBufferDesc is a helper class for automatic initialization and release of SecBuffer objects.
{
public:
AutoSecBufferDesc(SecurityFunctionTableW* pSec, bool autoRelease):
/// Creates a AutoSecBufferDesc. If autoRelease is true, the buffers will be released with the provided pSec function.
_pSec(pSec),
_autoRelease(autoRelease)
{
poco_check_ptr (_pSec);
poco_static_assert (numBufs > 0);
initBuffers();
cBuffers = numBufs;
pBuffers = _buffers;
ulVersion = SECBUFFER_VERSION;
}
~AutoSecBufferDesc()
/// Destroys the AutoSecBufferDesc
{
release();
}
void reset(bool autoRelease)
{
release();
_autoRelease = autoRelease;
initBuffers();
cBuffers = numBufs;
pBuffers = _buffers;
ulVersion = SECBUFFER_VERSION;
}
void release()
{
if (_autoRelease)
{
for (int i = 0; i < numBufs; ++i)
{
if (_buffers[i].pvBuffer)
{
_pSec->FreeContextBuffer(_buffers[i].pvBuffer);
}
}
_autoRelease = false;
}
}
SecBuffer& operator [] (Poco::UInt32 idx)
{
return _buffers[idx];
}
const SecBuffer& operator [] (Poco::UInt32 idx) const
{
return _buffers[idx];
}
void release(int idx)
/// Will release the buffer if necessary
{
release(idx, _autoRelease);
}
void setSecBufferEmpty(int idx)
{
release(idx, _autoRelease);
}
void setSecBufferData(int idx, void* pData, int len)
{
setContent(idx, pData, len, SECBUFFER_DATA);
}
void setSecBufferToken(int idx, void* pData, int len)
{
setContent(idx, pData, len, SECBUFFER_TOKEN);
}
void setSecBufferStreamHeader(int idx, void* pData, int len)
{
setContent(idx, pData, len, SECBUFFER_STREAM_HEADER);
}
void setSecBufferStreamTrailer(int idx, void* pData, int len)
{
setContent(idx, pData, len, SECBUFFER_STREAM_TRAILER);
}
private:
AutoSecBufferDesc(const AutoSecBufferDesc& desc);
AutoSecBufferDesc& operator = (const AutoSecBufferDesc& desc);
void release(int idx, bool force)
{
if (force && _buffers[idx].pvBuffer)
_pSec->FreeContextBuffer(_buffers[idx].pvBuffer);
_buffers[idx].pvBuffer = 0;
_buffers[idx].cbBuffer = 0;
_buffers[idx].BufferType = SECBUFFER_EMPTY;
}
void initBuffers()
{
for (int i = 0; i < numBufs; ++i)
{
_buffers[i].pvBuffer = 0;
_buffers[i].cbBuffer = 0;
_buffers[i].BufferType = SECBUFFER_EMPTY;
}
}
void setContent(int idx, void* pData, int len, unsigned long type)
{
release(idx, _autoRelease);
_buffers[idx].pvBuffer = pData;
_buffers[idx].cbBuffer = len;
_buffers[idx].BufferType = type;
}
private:
SecurityFunctionTableW* _pSec;
bool _autoRelease;
SecBuffer _buffers[numBufs];
};
} } // namespace Poco::Net
#endif // NetSSL_AutoSecBufferDesc_INCLUDED

93
vendor/POCO/NetSSL_Win/include/Poco/Net/CertificateHandlerFactory.h vendored Normal file
View File

@ -0,0 +1,93 @@
//
// CertificateHandlerFactory.h
//
// Library: NetSSL_Win
// Package: SSLCore
// Module: CertificateHandlerFactory
//
// Definition of the CertificateHandlerFactory class.
//
// Copyright (c) 2006-2014, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// SPDX-License-Identifier: BSL-1.0
//
#ifndef NetSSL_CertificateHandlerFactory_INCLUDED
#define NetSSL_CertificateHandlerFactory_INCLUDED
#include "Poco/Net/NetSSL.h"
namespace Poco {
namespace Net {
class InvalidCertificateHandler;
class NetSSL_Win_API CertificateHandlerFactory
/// A CertificateHandlerFactory is responsible for creating InvalidCertificateHandlers.
///
/// You don't need to access this class directly. Use the macro
/// POCO_REGISTER_CHFACTORY(namespace, InvalidCertificateHandlerName)
/// instead (see the documentation of InvalidCertificateHandler for an example).
{
public:
CertificateHandlerFactory();
/// Creates the CertificateHandlerFactory.
virtual ~CertificateHandlerFactory();
/// Destroys the CertificateHandlerFactory.
virtual InvalidCertificateHandler* create(bool server) const = 0;
/// Creates a new InvalidCertificateHandler. Set server to true if the certificate handler is used on the server side.
};
class NetSSL_Win_API CertificateHandlerFactoryRegistrar
/// Registrar class which automatically registers CertificateHandlerFactory at the CertificateHandlerFactoryMgr.
/// You don't need to access this class directly. Use the macro
/// POCO_REGISTER_CHFACTORY(namespace, InvalidCertificateHandlerName)
/// instead (see the documentation of InvalidCertificateHandler for an example).
{
public:
CertificateHandlerFactoryRegistrar(const std::string& name, CertificateHandlerFactory* pFactory);
/// Registers the CertificateHandlerFactory with the given name at the factory manager.
virtual ~CertificateHandlerFactoryRegistrar();
/// Destroys the CertificateHandlerFactoryRegistrar.
};
template <typename T>
class CertificateHandlerFactoryImpl: public Poco::Net::CertificateHandlerFactory
{
public:
CertificateHandlerFactoryImpl()
{
}
~CertificateHandlerFactoryImpl()
{
}
InvalidCertificateHandler* create(bool server) const
{
return new T(server);
}
};
} } // namespace Poco::Net
// DEPRECATED: register the factory directly at the FactoryMgr:
// Poco::Net::SSLManager::instance().certificateHandlerFactoryMgr().setFactory(name, new Poco::Net::CertificateHandlerFactoryImpl<MyConsoleHandler>());
#define POCO_REGISTER_CHFACTORY(API, PKCLS) \
static Poco::Net::CertificateHandlerFactoryRegistrar aRegistrar(std::string(#PKCLS), new Poco::Net::CertificateHandlerFactoryImpl<PKCLS>());
#endif // NetSSL_CertificateHandlerFactory_INCLUDED

64
vendor/POCO/NetSSL_Win/include/Poco/Net/CertificateHandlerFactoryMgr.h vendored Normal file
View File

@ -0,0 +1,64 @@
//
// CertificateHandlerFactoryMgr.h
//
// Library: NetSSL_Win
// Package: SSLCore
// Module: CertificateHandlerFactoryMgr
//
// Definition of the CertificateHandlerFactoryMgr class.
//
// Copyright (c) 2006-2014, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// SPDX-License-Identifier: BSL-1.0
//
#ifndef NetSSL_CertificateHandlerFactoryMgr_INCLUDED
#define NetSSL_CertificateHandlerFactoryMgr_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/CertificateHandlerFactory.h"
#include "Poco/SharedPtr.h"
#include <map>
namespace Poco {
namespace Net {
class NetSSL_Win_API CertificateHandlerFactoryMgr
/// A CertificateHandlerFactoryMgr manages all existing CertificateHandlerFactories.
{
public:
using FactoriesMap = std::map<std::string, Poco::SharedPtr<CertificateHandlerFactory>>;
CertificateHandlerFactoryMgr();
/// Creates the CertificateHandlerFactoryMgr.
~CertificateHandlerFactoryMgr();
/// Destroys the CertificateHandlerFactoryMgr.
void setFactory(const std::string& name, CertificateHandlerFactory* pFactory);
/// Registers the factory. Class takes ownership of the pointer.
/// If a factory with the same name already exists, an exception is thrown.
bool hasFactory(const std::string& name) const;
/// Returns true if for the given name a factory is already registered
const CertificateHandlerFactory* getFactory(const std::string& name) const;
/// Returns NULL if for the given name a factory does not exist, otherwise the factory is returned
void removeFactory(const std::string& name);
/// Removes the factory from the manager.
private:
FactoriesMap _factories;
};
} } // namespace Poco::Net
#endif // NetSSL_CertificateHandlerFactoryMgr_INCLUDED

50
vendor/POCO/NetSSL_Win/include/Poco/Net/ConsoleCertificateHandler.h vendored Normal file
View File

@ -0,0 +1,50 @@
//
// ConsoleCertificateHandler.h
//
// Library: NetSSL_Win
// Package: SSLCore
// Module: ConsoleCertificateHandler
//
// Definition of the ConsoleCertificateHandler class.
//
// Copyright (c) 2006-2014, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// SPDX-License-Identifier: BSL-1.0
//
#ifndef NetSSL_ConsoleCertificateHandler_INCLUDED
#define NetSSL_ConsoleCertificateHandler_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/InvalidCertificateHandler.h"
namespace Poco {
namespace Net {
class NetSSL_Win_API ConsoleCertificateHandler: public InvalidCertificateHandler
/// A ConsoleCertificateHandler is invoked whenever an error occurs verifying the certificate.
///
/// The certificate is printed to stdout and the user is asked via console if he wants to accept it.
{
public:
ConsoleCertificateHandler(bool handleErrorsOnServerSide);
/// Creates the ConsoleCertificateHandler.
virtual ~ConsoleCertificateHandler();
/// Destroys the ConsoleCertificateHandler.
void onInvalidCertificate(const void* pSender, VerificationErrorArgs& errorCert);
/// Prints the certificate to stdout and waits for user input on the console
/// to decide if a certificate should be accepted/rejected.
};
} } // namespace Poco::Net
#endif // NetSSL_ConsoleCertificateHandler_INCLUDED

310
vendor/POCO/NetSSL_Win/include/Poco/Net/Context.h vendored Normal file
View File

@ -0,0 +1,310 @@
//
// Context.h
//
// Library: NetSSL_Win
// Package: SSLCore
// Module: Context
//
// Definition of the Context class.
//
// Copyright (c) 2006-2014, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// SPDX-License-Identifier: BSL-1.0
//
#ifndef NetSSL_Context_INCLUDED
#define NetSSL_Context_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/X509Certificate.h"
#include "Poco/RefCountedObject.h"
#include "Poco/AutoPtr.h"
#include "Poco/Mutex.h"
#include <vector>
#if defined(POCO_OS_FAMILY_WINDOWS)
#include <windows.h>
#include <wincrypt.h>
#include <schannel.h>
#ifndef SECURITY_WIN32
#define SECURITY_WIN32
#endif
#include <security.h>
#include <sspi.h>
#endif
namespace Poco {
namespace Net {
class NetSSL_Win_API Context: public Poco::RefCountedObject
/// This class encapsulates context information for
/// an SSL server or client, such as the certificate
/// verification mode and which certificates and
/// protocols to use.
///
/// The Context class is also used to control
/// SSL session caching on the server and client side.
{
public:
using Ptr = Poco::AutoPtr<Context>;
enum Usage
{
TLS_CLIENT_USE, /// Context is used by a client for TLSv1 or higher. Use requireMinimumProtocol() or disableProtocols() to disable undesired older versions.
TLS_SERVER_USE, /// Context is used by a client for TLSv1 or higher. Use requireMinimumProtocol() or disableProtocols() to disable undesired older versions.
CLIENT_USE, /// DEPRECATED. Context is used by a client.
SERVER_USE, /// DEPRECATED. Context is used by a server.
TLSV1_CLIENT_USE, /// DEPRECATED. Context is used by a client requiring TLSv1.
TLSV1_SERVER_USE, /// DEPRECATED. Context is used by a server requiring TLSv1.
TLSV1_1_CLIENT_USE, /// DEPRECATED. Context is used by a client requiring TLSv1.1. Not supported on Windows Embedded Compact.
TLSV1_1_SERVER_USE, /// DEPRECATED. Context is used by a server requiring TLSv1.1. Not supported on Windows Embedded Compact.
TLSV1_2_CLIENT_USE, /// DEPRECATED. Context is used by a client requiring TLSv1.2. Not supported on Windows Embedded Compact.
TLSV1_2_SERVER_USE, /// DEPRECATED. Context is used by a server requiring TLSv1.2. Not supported on Windows Embedded Compact.
TLSV1_3_CLIENT_USE, /// DEPRECATED. Context is used by a client requiring TLSv1.3. Not supported on Windows Embedded Compact.
TLSV1_3_SERVER_USE /// DEPRECATED. Context is used by a server requiring TLSv1.3. Not supported on Windows Embedded Compact.
};
enum VerificationMode
{
VERIFY_NONE = 0,
/// Server: The server will not send a client certificate
/// request to the client, so the client will not send a certificate.
///
/// Client: If not using an anonymous cipher (by default disabled),
/// the server will send a certificate which will be checked, but
/// the result of the check will be ignored.
VERIFY_RELAXED = 1,
/// Server: The server sends a client certificate request to the
/// client. The certificate returned (if any) is checked.
/// If the verification process fails, the TLS/SSL handshake is
/// immediately terminated with an alert message containing the
/// reason for the verification failure.
///
/// Client: The server certificate is verified, if one is provided.
/// If the verification process fails, the TLS/SSL handshake is
/// immediately terminated with an alert message containing the
/// reason for the verification failure.
VERIFY_STRICT = 2,
/// Server: If the client did not return a certificate, the TLS/SSL
/// handshake is immediately terminated with a handshake failure
/// alert.
///
/// Client: Same as VERIFY_RELAXED.
VERIFY_ONCE = 1
/// Same as VERIFY_RELAXED (provided for interface compatibility with
/// the OpenSSL implementation.
};
enum Protocols
{
PROTO_SSLV2 = 0x01,
PROTO_SSLV3 = 0x02,
PROTO_TLSV1 = 0x04,
PROTO_TLSV1_1 = 0x08,
PROTO_TLSV1_2 = 0x10,
PROTO_TLSV1_3 = 0x20
};
enum Options
{
OPT_PERFORM_REVOCATION_CHECK = 0x01,
/// Check certificates against revocation list. Not supported (ignored) on Windows Embedded Compact.
OPT_TRUST_ROOTS_WIN_CERT_STORE = 0x02,
/// Trust root certificates from Windows root certificate store.
OPT_USE_MACHINE_STORE = 0x04,
/// If specified, the windows machine certificate store is used (server only).
/// Otherwise, the user's certificate store is used.
OPT_USE_STRONG_CRYPTO = 0x08,
/// Disable known weak cryptographic algorithms, cipher suites, and
/// SSL/TLS protocol versions that may be otherwise enabled for better interoperability.
OPT_LOAD_CERT_FROM_FILE = 0x10,
/// Load certificate and private key from a PKCS #12 (.pfx) file,
/// and not from the certificate store.
OPT_DEFAULTS = OPT_PERFORM_REVOCATION_CHECK | OPT_TRUST_ROOTS_WIN_CERT_STORE | OPT_USE_STRONG_CRYPTO
};
Context(Usage usage,
const std::string& certificateNameOrPath,
VerificationMode verMode = VERIFY_RELAXED,
int options = OPT_DEFAULTS,
const std::string& certificateStoreName = CERT_STORE_MY);
/// Creates a Context.
///
/// * usage specifies whether the context is used by a client or server,
/// as well as which protocol to use.
/// * certificateNameOrPath specifies either the subject name of the certificate to use,
/// or the path of a PKCS #12 file containing the certificate and corresponding private key.
/// If a subject name is specified, the certificate must be located in the certificate
/// store specified by certificateStoreName. If a path is given, the OPT_LOAD_CERT_FROM_FILE
/// option must be set.
/// * verificationMode specifies whether and how peer certificates are validated.
/// * options is a combination of Option flags.
/// * certificateStoreName specifies the name of the Windows certificate store
/// to use for loading the certificate. Predefined constants
/// CERT_STORE_MY, CERT_STORE_ROOT, etc. can be used.
///
/// Note: you can use OpenSSL to convert a certificate and private key in PEM format
/// into PKCS #12 format required to import into the Context:
///
/// openssl pkcs12 -export -inkey cert.key -in cert.crt -out cert.pfx
~Context();
/// Destroys the Context.
VerificationMode verificationMode() const;
/// Returns the certificate verification mode.
Usage usage() const;
/// Returns whether the context is for use by a client or by a server
/// and whether TLSv1.x is required.
bool isForServerUse() const;
/// Returns true iff the context is for use by a server.
bool sessionCacheEnabled() const;
/// Returns true iff the session cache is enabled.
void enableExtendedCertificateVerification(bool flag = true);
/// Enable or disable the automatic post-connection
/// extended certificate verification.
///
/// See X509Certificate::verify() for more information.
bool extendedCertificateVerificationEnabled() const;
/// Returns true iff automatic extended certificate
/// verification is enabled.
int options() const;
/// Returns the options flags.
void addTrustedCert(const Poco::Net::X509Certificate& cert);
/// Adds the certificate to the trusted certs. Takes ownership of pCert.
void disableProtocols(int protocols);
/// Disables the given protocols.
///
/// The protocols to be disabled are specified by OR-ing
/// values from the Protocols enumeration, e.g.:
///
/// context.disableProtocols(PROTO_SSLV2 | PROTO_SSLV3);
void requireMinimumProtocol(Protocols protocol);
/// Disables all protocol version lower than the given one.
/// To require at least TLS 1.2 or later:
///
/// context.requireMinimumProtocol(PROTO_TLSV1_2);
Poco::Net::X509Certificate certificate();
/// Loads or imports and returns the certificate specified in the constructor.
///
/// Throws a NoCertificateException if the certificate cannot
/// be found or no certificate name has been provided in the constructor.
///
/// May also throw a filesystem-related exception if the certificate file
/// cannot be found.
HCERTSTORE certificateStore() const;
/// Returns a handle to the certificate store.
CredHandle& credentials();
/// Returns a reference to the Schannel credentials for this Context.
static const std::string CERT_STORE_MY;
static const std::string CERT_STORE_ROOT;
static const std::string CERT_STORE_TRUST;
static const std::string CERT_STORE_CA;
static const std::string CERT_STORE_USERDS;
protected:
void init();
void loadCertificate();
void importCertificate();
void importCertificate(const char* pBuffer, std::size_t size);
void acquireSchannelCredentials(CredHandle& credHandle) const;
DWORD proto() const;
DWORD enabledProtocols() const;
private:
Context(const Context&);
Context& operator = (const Context&);
Usage _usage;
Context::VerificationMode _mode;
int _options;
int _disabledProtocols;
bool _extendedCertificateVerification;
std::string _certNameOrPath;
std::string _certStoreName;
HCERTSTORE _hMemCertStore;
HCERTSTORE _hCollectionCertStore;
HCERTSTORE _hRootCertStore;
HCERTSTORE _hCertStore;
PCCERT_CONTEXT _pCert;
CredHandle _hCreds;
SecurityFunctionTableW& _securityFunctions;
mutable Poco::FastMutex _mutex;
};
//
// inlines
//
inline Context::VerificationMode Context::verificationMode() const
{
return _mode;
}
inline Context::Usage Context::usage() const
{
return _usage;
}
inline int Context::options() const
{
return _options;
}
inline bool Context::isForServerUse() const
{
return _usage == SERVER_USE
|| _usage == TLS_SERVER_USE
|| _usage == TLSV1_SERVER_USE
|| _usage == TLSV1_1_SERVER_USE
|| _usage == TLSV1_2_SERVER_USE
|| _usage == TLSV1_3_SERVER_USE;
}
inline bool Context::extendedCertificateVerificationEnabled() const
{
return _extendedCertificateVerification;
}
inline bool Context::sessionCacheEnabled() const
{
return true;
/// Session cache is always enabled with Schannel.
}
inline HCERTSTORE Context::certificateStore() const
{
return _hCollectionCertStore;
}
} } // namespace Poco::Net
#endif // NetSSL_Context_INCLUDED

165
vendor/POCO/NetSSL_Win/include/Poco/Net/HTTPSClientSession.h vendored Normal file
View File

@ -0,0 +1,165 @@
//
// HTTPSClientSession.h
//
// Library: NetSSL_Win
// Package: HTTPSClient
// Module: HTTPSClientSession
//
// Definition of the HTTPSClientSession class.
//
// Copyright (c) 2006-2014, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// SPDX-License-Identifier: BSL-1.0
//
#ifndef NetSSL_HTTPSClientSession_INCLUDED
#define NetSSL_HTTPSClientSession_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/Utility.h"
#include "Poco/Net/HTTPClientSession.h"
#include "Poco/Net/Context.h"
#include "Poco/Net/Session.h"
#include "Poco/Net/X509Certificate.h"
namespace Poco {
namespace Net {
class SecureStreamSocket;
class HTTPRequest;
class HTTPResponse;
class NetSSL_Win_API HTTPSClientSession: public HTTPClientSession
/// This class implements the client-side of
/// a HTTPS session.
///
/// To send a HTTPS request to a HTTPS server, first
/// instantiate a HTTPSClientSession object and
/// specify the server's host name and port number.
///
/// Then create a HTTPRequest object, fill it accordingly,
/// and pass it as argument to the sendRequst() method.
///
/// sendRequest() will return an output stream that can
/// be used to send the request body, if there is any.
///
/// After you are done sending the request body, create
/// a HTTPResponse object and pass it to receiveResponse().
///
/// This will return an input stream that can be used to
/// read the response body.
///
/// See RFC 2616 <http://www.faqs.org/rfcs/rfc2616.html> for more
/// information about the HTTP protocol.
///
/// Note that sending requests that neither contain a content length
/// field in the header nor are using chunked transfer encoding will
/// result in a SSL protocol violation, as the framework shuts down
/// the socket after sending the message body. No orderly SSL shutdown
/// will be performed in this case.
///
/// If session caching has been enabled for the Context object passed
/// to the HTTPSClientSession, the HTTPSClientSession class will
/// attempt to reuse a previously obtained Session object in
/// case of a reconnect.
{
public:
enum
{
HTTPS_PORT = 443
};
HTTPSClientSession();
/// Creates an unconnected HTTPSClientSession.
explicit HTTPSClientSession(const SecureStreamSocket& socket);
/// Creates a HTTPSClientSession using the given socket.
/// The socket must not be connected. The session
/// takes ownership of the socket.
HTTPSClientSession(const SecureStreamSocket& socket, Session::Ptr pSession);
/// Creates a HTTPSClientSession using the given socket.
/// The socket must not be connected. The session
/// takes ownership of the socket.
///
/// The given Session is reused, if possible (client session
/// caching is enabled for the given Context, and the server
/// agrees to reuse the session).
HTTPSClientSession(const std::string& host, Poco::UInt16 port = HTTPS_PORT);
/// Creates a HTTPSClientSession using the given host and port.
explicit HTTPSClientSession(Context::Ptr pContext);
/// Creates an unconnected HTTPSClientSession, using the
/// give SSL context.
HTTPSClientSession(Context::Ptr pContext, Session::Ptr pSession);
/// Creates an unconnected HTTPSClientSession, using the
/// give SSL context.
///
/// The given Session is reused, if possible (client session
/// caching is enabled for the given Context, and the server
/// agrees to reuse the session).
HTTPSClientSession(const std::string& host, Poco::UInt16 port, Context::Ptr pContext);
/// Creates a HTTPSClientSession using the given host and port,
/// using the given SSL context.
HTTPSClientSession(const std::string& host, Poco::UInt16 port, Context::Ptr pContext, Session::Ptr pSession);
/// Creates a HTTPSClientSession using the given host and port,
/// using the given SSL context.
///
/// The given Session is reused, if possible (client session
/// caching is enabled for the given Context, and the server
/// agrees to reuse the session).
~HTTPSClientSession();
/// Destroys the HTTPSClientSession and closes
/// the underlying socket.
bool secure() const;
/// Return true iff the session uses SSL or TLS,
/// or false otherwise.
X509Certificate serverCertificate();
/// Returns the server's certificate.
///
/// The certificate is available after the first request has been sent.
Session::Ptr sslSession();
/// Returns the SSL Session object for the current
/// connection, if session caching has been enabled for
/// the HTTPSClientSession's Context. A null pointer is
/// returned otherwise.
///
/// The Session object can be obtained after the first request has
/// been sent.
// HTTPSession
void abort();
protected:
void connect(const SocketAddress& address);
std::string proxyRequestPrefix() const;
void proxyAuthenticate(HTTPRequest& request);
int read(char* buffer, std::streamsize length);
private:
HTTPSClientSession(const HTTPSClientSession&);
HTTPSClientSession& operator = (const HTTPSClientSession&);
Context::Ptr _pContext;
Session::Ptr _pSession;
};
} } // namespace Poco::Net
#endif // Net_HTTPSClientSession_INCLUDED

65
vendor/POCO/NetSSL_Win/include/Poco/Net/HTTPSSessionInstantiator.h vendored Normal file
View File

@ -0,0 +1,65 @@
//
// HTTPSSessionInstantiator.h
//
// Library: NetSSL_Win
// Package: HTTPSClient
// Module: HTTPSSessionInstantiator
//
// Definition of the HTTPSSessionInstantiator class.
//
// Copyright (c) 2006-2009, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// SPDX-License-Identifier: BSL-1.0
//
#ifndef Net_HTTPSSessionInstantiator_INCLUDED
#define Net_HTTPSSessionInstantiator_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/Context.h"
#include "Poco/Net/Utility.h"
#include "Poco/Net/HTTPSessionInstantiator.h"
#include "Poco/URI.h"
namespace Poco {
namespace Net {
class NetSSL_Win_API HTTPSSessionInstantiator: public HTTPSessionInstantiator
/// The HTTPSessionInstantiator for HTTPSClientSession.
{
public:
HTTPSSessionInstantiator();
/// Creates the HTTPSSessionInstantiator.
HTTPSSessionInstantiator(Context::Ptr pContext);
/// Creates the HTTPSSessionInstantiator using the given SSL context.
~HTTPSSessionInstantiator();
/// Destroys the HTTPSSessionInstantiator.
HTTPClientSession* createClientSession(const Poco::URI& uri);
/// Creates a HTTPSClientSession for the given URI.
static void registerInstantiator();
/// Registers the instantiator with the global HTTPSessionFactory.
static void registerInstantiator(Context::Ptr pContext);
/// Registers the instantiator with the global HTTPSessionFactory using the given SSL context.
static void unregisterInstantiator();
/// Unregisters the factory with the global HTTPSessionFactory.
private:
Context::Ptr _pContext;
};
} } // namespace Poco::Net
#endif // Net_HTTPSSessionInstantiator_INCLUDED

83
vendor/POCO/NetSSL_Win/include/Poco/Net/HTTPSStreamFactory.h vendored Normal file
View File

@ -0,0 +1,83 @@
//
// HTTPSStreamFactory.h
//
// Library: NetSSL_Win
// Package: HTTPSClient
// Module: HTTPSStreamFactory
//
// Definition of the HTTPSStreamFactory class.
//
// Copyright (c) 2006-2009, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// SPDX-License-Identifier: BSL-1.0
//
#ifndef NetSSL_HTTPSStreamFactory_INCLUDED
#define NetSSL_HTTPSStreamFactory_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/HTTPSession.h"
#include "Poco/URIStreamFactory.h"
namespace Poco {
namespace Net {
class NetSSL_Win_API HTTPSStreamFactory: public Poco::URIStreamFactory
/// An implementation of the URIStreamFactory interface
/// that handles secure Hyper-Text Transfer Protocol (https) URIs.
{
public:
HTTPSStreamFactory();
/// Creates the HTTPSStreamFactory.
HTTPSStreamFactory(const std::string& proxyHost, Poco::UInt16 proxyPort = HTTPSession::HTTP_PORT);
/// Creates the HTTPSStreamFactory.
///
/// HTTPS connections will use the given proxy.
HTTPSStreamFactory(const std::string& proxyHost, Poco::UInt16 proxyPort, const std::string& proxyUsername, const std::string& proxyPassword);
/// Creates the HTTPSStreamFactory.
///
/// HTTPS connections will use the given proxy and
/// will be authorized against the proxy using Basic authentication
/// with the given proxyUsername and proxyPassword.
~HTTPSStreamFactory();
/// Destroys the HTTPSStreamFactory.
std::istream* open(const Poco::URI& uri);
/// Creates and opens a HTTPS stream for the given URI.
/// The URI must be a https://... URI.
///
/// Throws a NetException if anything goes wrong.
static void registerFactory();
/// Registers the HTTPSStreamFactory with the
/// default URIStreamOpener instance.
static void unregisterFactory();
/// Unregisters the HTTPSStreamFactory with the
/// default URIStreamOpener instance.
private:
enum
{
MAX_REDIRECTS = 10
};
std::string _proxyHost;
Poco::UInt16 _proxyPort;
std::string _proxyUsername;
std::string _proxyPassword;
};
} } // namespace Poco::Net
#endif // Net_HTTPSStreamFactory_INCLUDED

80
vendor/POCO/NetSSL_Win/include/Poco/Net/InvalidCertificateHandler.h vendored Normal file
View File

@ -0,0 +1,80 @@
//
// InvalidCertificateHandler.h
//
// Library: NetSSL_Win
// Package: SSLCore
// Module: InvalidCertificateHandler
//
// Definition of the InvalidCertificateHandler class.
//
// Copyright (c) 2006-2014, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// SPDX-License-Identifier: BSL-1.0
//
#ifndef NetSSL_InvalidCertificateHandler_INCLUDED
#define NetSSL_InvalidCertificateHandler_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/VerificationErrorArgs.h"
namespace Poco {
namespace Net {
class NetSSL_Win_API InvalidCertificateHandler
/// A InvalidCertificateHandler is invoked whenever an error occurs verifying the certificate. It allows the user
/// to inspect and accept/reject the certificate.
/// One can install one's own InvalidCertificateHandler by implementing this interface. Note that
/// in the implementation file of the subclass the following code must be present (assuming you use the namespace My_API
/// and the name of your handler class is MyGuiHandler):
///
/// #include "Poco/Net/CertificateHandlerFactory.h"
/// ...
/// POCO_REGISTER_CHFACTORY(My_API, MyGuiHandler)
///
/// One can either set the handler directly in the startup code of the main method of ones application by calling
///
/// SSLManager::instance().initialize(mypassphraseHandler, myguiHandler, mySSLContext)
///
/// or in case one uses Poco::Util::Application one can rely on an XML configuration and put the following entry
/// under the path openSSL.invalidCertificateHandler:
///
/// <invalidCertificateHandler>
/// <name>MyGuiHandler<name>
/// <options>
/// [...] // Put optional config params for the handler here
/// </options>
/// </invalidCertificateHandler>
///
/// Note that the name of the InvalidCertificateHandler must be same as the one provided to the POCO_REGISTER_CHFACTORY macro.
{
public:
InvalidCertificateHandler(bool handleErrorsOnServerSide);
/// Creates the InvalidCertificateHandler.
///
/// Set handleErrorsOnServerSide to true if the certificate handler is used on the server side.
/// Automatically registers at one of the SSLManager::VerificationError events.
virtual ~InvalidCertificateHandler();
/// Destroys the InvalidCertificateHandler.
virtual void onInvalidCertificate(const void* pSender, VerificationErrorArgs& errorCert) = 0;
/// Receives the questionable certificate in parameter errorCert. If one wants to accept the
/// certificate, call errorCert.setIgnoreError(true).
protected:
bool _handleErrorsOnServerSide;
/// Stores if the certificate handler gets invoked by the server (i.e. a client certificate is wrong)
/// or the client (a server certificate is wrong)
};
} } // namespace Poco::Net
#endif // NetSSL_InvalidCertificateHandler_INCLUDED

47
vendor/POCO/NetSSL_Win/include/Poco/Net/KeyConsoleHandler.h vendored Normal file
View File

@ -0,0 +1,47 @@
//
// KeyConsoleHandler.h
//
// Library: NetSSL_Win
// Package: SSLCore
// Module: KeyConsoleHandler
//
// Definition of the KeyConsoleHandler class.
//
// Copyright (c) 2006-2014, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// SPDX-License-Identifier: BSL-1.0
//
#ifndef NetSSL_KeyConsoleHandler_INCLUDED
#define NetSSL_KeyConsoleHandler_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/PrivateKeyPassphraseHandler.h"
namespace Poco {
namespace Net {
class NetSSL_Win_API KeyConsoleHandler: public PrivateKeyPassphraseHandler
/// An implementation of PrivateKeyPassphraseHandler that
/// reads the key for a certificate from the console.
{
public:
KeyConsoleHandler(bool server);
/// Creates the KeyConsoleHandler.
~KeyConsoleHandler();
/// Destroys the KeyConsoleHandler.
void onPrivateKeyRequested(const void* pSender, std::string& privateKey);
};
} } // namespace Poco::Net
#endif // NetSSL_KeyConsoleHandler_INCLUDED

51
vendor/POCO/NetSSL_Win/include/Poco/Net/KeyFileHandler.h vendored Normal file
View File

@ -0,0 +1,51 @@
//
// KeyFileHandler.h
//
// Library: NetSSL_Win
// Package: SSLCore
// Module: KeyFileHandler
//
// Definition of the KeyFileHandler class.
//
// Copyright (c) 2006-2014, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// SPDX-License-Identifier: BSL-1.0
//
#ifndef NetSSL_KeyFileHandler_INCLUDED
#define NetSSL_KeyFileHandler_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/PrivateKeyPassphraseHandler.h"
namespace Poco {
namespace Net {
class NetSSL_Win_API KeyFileHandler: public PrivateKeyPassphraseHandler
/// An implementation of PrivateKeyPassphraseHandler that
/// reads the key for a certificate from a configuration file
/// under the path "openSSL.privateKeyPassphraseHandler.options.password".
{
public:
KeyFileHandler(bool server);
/// Creates the KeyFileHandler.
virtual ~KeyFileHandler();
/// Destroys the KeyFileHandler.
void onPrivateKeyRequested(const void* pSender, std::string& privateKey);
private:
static const std::string CFG_PRIV_KEY_FILE;
};
} } // namespace Poco::Net
#endif // NetSSL_KeyFileHandler_INCLUDED

89
vendor/POCO/NetSSL_Win/include/Poco/Net/NetSSL.h vendored Normal file
View File

@ -0,0 +1,89 @@
//
// NetSSL.h
//
// Library: NetSSL_Win
// Package: SSLCore
// Module: SSLCore
//
// Basic definitions for the Poco NetSSL library.
// This file must be the first file included by every other NetSSL
// header file.
//
// Copyright (c) 2006-2014, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// SPDX-License-Identifier: BSL-1.0
//
#ifndef NetSSL_NetSSL_INCLUDED
#define NetSSL_NetSSL_INCLUDED
#include "Poco/Net/Net.h"
//
// The following block is the standard way of creating macros which make exporting
// from a DLL simpler. All files within this DLL are compiled with the NetSSL_Win_EXPORTS
// symbol defined on the command line. this symbol should not be defined on any project
// that uses this DLL. This way any other project whose source files include this file see
// NetSSL_Win_API functions as being imported from a DLL, wheras this DLL sees symbols
// defined with this macro as being exported.
//
#if (defined(_WIN32) || defined(__CYGWIN__)) && defined(POCO_DLL)
#if defined(NetSSL_Win_EXPORTS)
#define NetSSL_Win_API __declspec(dllexport)
#else
#define NetSSL_Win_API __declspec(dllimport)
#endif
#endif
#if !defined(NetSSL_Win_API)
#if !defined(POCO_NO_GCC_API_ATTRIBUTE) && defined (__GNUC__) && (__GNUC__ >= 4)
#define NetSSL_Win_API __attribute__ ((visibility ("default")))
#else
#define NetSSL_Win_API
#endif
#endif
//
// Allow detection of NetSSL_Win at compile time
//
#define POCO_NETSSL_WIN 1
//
// Automatically link NetSSL library.
//
#if defined(_MSC_VER)
#if !defined(POCO_NO_AUTOMATIC_LIBS) && !defined(NetSSL_Win_EXPORTS)
#pragma comment(lib, "PocoNetSSLWin" POCO_LIB_SUFFIX)
#endif
#endif
namespace Poco {
namespace Net {
void NetSSL_Win_API initializeSSL();
/// Initialize the NetSSL library, as well as the underlying Windows
/// libraries.
///
/// Can be called multiple times; however, for every call to
/// initializeSSL(), a matching call to uninitializeSSL()
/// must be performed.
void NetSSL_Win_API uninitializeSSL();
/// Uninitializes the NetSSL library and
/// shutting down the SSLManager.
} } // namespace Poco::Net
#endif // NetSSL_NetSSL_INCLUDED

95
vendor/POCO/NetSSL_Win/include/Poco/Net/PrivateKeyFactory.h vendored Normal file
View File

@ -0,0 +1,95 @@
//
// PrivateKeyFactory.h
//
// Library: NetSSL_Win
// Package: SSLCore
// Module: PrivateKeyFactory
//
// Definition of the PrivateKeyFactory class.
//
// Copyright (c) 2006-214, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// SPDX-License-Identifier: BSL-1.0
//
#ifndef NetSSL_PrivateKeyFactory_INCLUDED
#define NetSSL_PrivateKeyFactory_INCLUDED
#include "Poco/Net/NetSSL.h"
namespace Poco {
namespace Net {
class PrivateKeyPassphraseHandler;
class NetSSL_Win_API PrivateKeyFactory
/// A PrivateKeyFactory is responsible for creating PrivateKeyPassphraseHandlers.
///
/// You don't need to access this class directly. Use the macro
/// POCO_REGISTER_KEYFACTORY(namespace, PrivateKeyPassphraseHandlerName)
/// instead (see the documentation of PrivateKeyPassphraseHandler for an example).
{
public:
PrivateKeyFactory();
/// Creates the PrivateKeyFactory.
virtual ~PrivateKeyFactory();
/// Destroys the PrivateKeyFactory.
virtual PrivateKeyPassphraseHandler* create(bool onServer) const = 0;
/// Creates a new PrivateKeyPassphraseHandler
};
class NetSSL_Win_API PrivateKeyFactoryRegistrar
/// Registrar class which automatically registers PrivateKeyFactories at the PrivateKeyFactoryMgr.
///
/// You don't need to access this class directly. Use the macro
/// POCO_REGISTER_KEYFACTORY(namespace, PrivateKeyPassphraseHandlerName)
/// instead (see the documentation of PrivateKeyPassphraseHandler for an example).
{
public:
PrivateKeyFactoryRegistrar(const std::string& name, PrivateKeyFactory* pFactory);
/// Registers the PrivateKeyFactory with the given name at the factory manager.
virtual ~PrivateKeyFactoryRegistrar();
/// Destroys the PrivateKeyFactoryRegistrar.
};
template<typename T>
class PrivateKeyFactoryImpl: public Poco::Net::PrivateKeyFactory
{
public:
PrivateKeyFactoryImpl()
{
}
~PrivateKeyFactoryImpl()
{
}
PrivateKeyPassphraseHandler* create(bool server) const
{
return new T(server);
}
};
} } // namespace Poco::Net
// DEPRECATED: register the factory directly at the FactoryMgr:
// Poco::Net::SSLManager::instance().privateKeyFactoryMgr().setFactory(name, new Poco::Net::PrivateKeyFactoryImpl<MyKeyHandler>());
#define POCO_REGISTER_KEYFACTORY(API, PKCLS) \
static Poco::Net::PrivateKeyFactoryRegistrar aRegistrar(std::string(#PKCLS), new Poco::Net::PrivateKeyFactoryImpl<PKCLS>());
#endif // NetSSL_PrivateKeyFactory_INCLUDED

64
vendor/POCO/NetSSL_Win/include/Poco/Net/PrivateKeyFactoryMgr.h vendored Normal file
View File

@ -0,0 +1,64 @@
//
// PrivateKeyFactoryMgr.h
//
// Library: NetSSL_Win
// Package: SSLCore
// Module: PrivateKeyFactoryMgr
//
// Definition of the PrivateKeyFactoryMgr class.
//
// Copyright (c) 2006-2014, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// SPDX-License-Identifier: BSL-1.0
//
#ifndef NetSSL_PrivateKeyFactoryMgr_INCLUDED
#define NetSSL_PrivateKeyFactoryMgr_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/PrivateKeyFactory.h"
#include "Poco/SharedPtr.h"
#include <map>
namespace Poco {
namespace Net {
class NetSSL_Win_API PrivateKeyFactoryMgr
/// A PrivateKeyFactoryMgr manages all existing PrivateKeyFactories.
{
public:
using FactoriesMap = std::map<std::string, Poco::SharedPtr<PrivateKeyFactory>>;
PrivateKeyFactoryMgr();
/// Creates the PrivateKeyFactoryMgr.
~PrivateKeyFactoryMgr();
/// Destroys the PrivateKeyFactoryMgr.
void setFactory(const std::string& name, PrivateKeyFactory* pFactory);
/// Registers the factory. Class takes ownership of the pointer.
/// If a factory with the same name already exists, an exception is thrown.
bool hasFactory(const std::string& name) const;
/// Returns true if for the given name a factory is already registered
const PrivateKeyFactory* getFactory(const std::string& name) const;
/// Returns NULL if for the given name a factory does not exist, otherwise the factory is returned
void removeFactory(const std::string& name);
/// Removes the factory from the manager.
private:
FactoriesMap _factories;
};
} } // namespace Poco::Net
#endif // NetSSL_PrivateKeyFactoryMgr_INCLUDED

84
vendor/POCO/NetSSL_Win/include/Poco/Net/PrivateKeyPassphraseHandler.h vendored Normal file
View File

@ -0,0 +1,84 @@
//
// PrivateKeyPassphraseHandler.h
//
// Library: NetSSL_Win
// Package: SSLCore
// Module: PrivateKeyPassphraseHandler
//
// Definition of the PrivateKeyPassphraseHandler class.
//
// Copyright (c) 2006-2014, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// SPDX-License-Identifier: BSL-1.0
//
#ifndef NetSSL_PrivateKeyPassphraseHandler_INCLUDED
#define NetSSL_PrivateKeyPassphraseHandler_INCLUDED
#include "Poco/Net/NetSSL.h"
namespace Poco {
namespace Net {
class NetSSL_Win_API PrivateKeyPassphraseHandler
/// A passphrase handler is needed whenever the private key of a certificate is loaded and the certificate is protected
/// by a passphrase. The PrivateKeyPassphraseHandler's task is to provide that passphrase.
/// One can install one's own PrivateKeyPassphraseHandler by implementing this interface. Note that
/// in the implementation file of the subclass the following code must be present (assuming you use the namespace My_API
/// and the name of your handler class is MyGuiHandler):
///
/// #include "Poco/Net/PrivateKeyFactory.h"
/// ...
/// POCO_REGISTER_KEYFACTORY(My_API, MyGuiHandler)
///
/// One can either set the handler directly in the startup code of the main method of ones application by calling
///
/// SSLManager::instance().initialize(myguiHandler, myInvalidCertificateHandler, mySSLContext)
///
/// or in case one's application extends Poco::Util::Application one can use an XML configuration and put the following entry
/// under the path openSSL.privateKeyPassphraseHandler:
///
/// <privateKeyPassphraseHandler>
/// <name>MyGuiHandler</name>
/// <options>
/// [...] // Put optional config params for the handler here
/// </options>
/// </privateKeyPassphraseHandler>
///
/// Note that the name of the passphrase handler must be same as the one provided to the POCO_REGISTER_KEYFACTORY macro.
{
public:
PrivateKeyPassphraseHandler(bool onServerSide);
/// Creates the PrivateKeyPassphraseHandler. Automatically registers at the SSLManager::PrivateKeyPassword event.
virtual ~PrivateKeyPassphraseHandler();
/// Destroys the PrivateKeyPassphraseHandler.
virtual void onPrivateKeyRequested(const void* pSender, std::string& privateKey) = 0;
/// Returns the requested private key in the parameter privateKey.
bool serverSide() const;
private:
bool _serverSide;
};
//
// inlines
//
inline bool PrivateKeyPassphraseHandler::serverSide() const
{
return _serverSide;
}
} } // namespace Poco::Net
#endif // NetSSL_PrivateKeyPassphraseHandler_INCLUDED

48
vendor/POCO/NetSSL_Win/include/Poco/Net/RejectCertificateHandler.h vendored Normal file
View File

@ -0,0 +1,48 @@
//
// RejectCertificateHandler.h
//
// Library: NetSSL_Win
// Package: SSLCore
// Module: RejectCertificateHandler
//
// Definition of the RejectCertificateHandler class.
//
// Copyright (c) 2006-2014, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// SPDX-License-Identifier: BSL-1.0
//
#ifndef NetSSL_RejectCertificateHandler_INCLUDED
#define NetSSL_RejectCertificateHandler_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/InvalidCertificateHandler.h"
namespace Poco {
namespace Net {
class NetSSL_Win_API RejectCertificateHandler: public InvalidCertificateHandler
/// A RejectCertificateHandler is invoked whenever an error
/// occurs verifying the certificate. It always rejects
/// the certificate.
{
public:
RejectCertificateHandler(bool handleErrorsOnServerSide);
/// Creates the RejectCertificateHandler
virtual ~RejectCertificateHandler();
/// Destroys the RejectCertificateHandler.
void onInvalidCertificate(const void* pSender, VerificationErrorArgs& errorCert);
};
} } // namespace Poco::Net
#endif // NetSSL_RejectCertificateHandler_INCLUDED

41
vendor/POCO/NetSSL_Win/include/Poco/Net/SSLException.h vendored Normal file
View File

@ -0,0 +1,41 @@
//
// SSLException.h
//
// Library: NetSSL_Win
// Package: SSLCore
// Module: SSLException
//
// Definition of the SSLException class.
//
// Copyright (c) 2006-2014, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// SPDX-License-Identifier: BSL-1.0
//
#ifndef NetSSL_SSLException_INCLUDED
#define NetSSL_SSLException_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/NetException.h"
namespace Poco {
namespace Net {
POCO_DECLARE_EXCEPTION(NetSSL_Win_API, SSLException, NetException)
POCO_DECLARE_EXCEPTION(NetSSL_Win_API, SSLContextException, SSLException)
POCO_DECLARE_EXCEPTION(NetSSL_Win_API, CertificateException, SSLException)
POCO_DECLARE_EXCEPTION(NetSSL_Win_API, NoCertificateException, CertificateException)
POCO_DECLARE_EXCEPTION(NetSSL_Win_API, InvalidCertificateException, CertificateException)
POCO_DECLARE_EXCEPTION(NetSSL_Win_API, CertificateValidationException, CertificateException)
POCO_DECLARE_EXCEPTION(NetSSL_Win_API, SSLConnectionUnexpectedlyClosedException, SSLException)
} } // namespace Poco::Net
#endif // NetSSL_SSLException_INCLUDED

327
vendor/POCO/NetSSL_Win/include/Poco/Net/SSLManager.h vendored Normal file
View File

@ -0,0 +1,327 @@
//
// SSLManager.h
//
// Library: NetSSL_Win
// Package: SSLCore
// Module: SSLManager
//
// Definition of the SSLManager class.
//
// Copyright (c) 2006-2014, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// SPDX-License-Identifier: BSL-1.0
//
#ifndef NetSSL_SSLManager_INCLUDED
#define NetSSL_SSLManager_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/VerificationErrorArgs.h"
#include "Poco/Net/Context.h"
#include "Poco/Net/PrivateKeyFactoryMgr.h"
#include "Poco/Net/CertificateHandlerFactoryMgr.h"
#include "Poco/Net/InvalidCertificateHandler.h"
#include "Poco/Util/AbstractConfiguration.h"
#include "Poco/BasicEvent.h"
#include "Poco/SharedPtr.h"
#if defined(POCO_OS_FAMILY_WINDOWS)
#include <wincrypt.h>
#include <schannel.h>
#ifndef SECURITY_WIN32
#define SECURITY_WIN32
#endif
#include <security.h>
#include <sspi.h>
#endif
namespace Poco {
namespace Net {
class Context;
class NetSSL_Win_API SSLManager
/// SSLManager is a singleton for holding the default server/client
/// Context and handling callbacks for certificate verification errors
/// and private key passphrases.
///
/// Proper initialization of SSLManager is critical.
///
/// SSLManager can be initialized manually, by calling initializeServer()
/// and/or initializeClient(), or intialization can be automatic. In the latter
/// case, a Poco::Util::Application instance must be available and the required
/// configuration properties must be set (see below).
///
/// Note that manual initialization must happen very early in the application,
/// before defaultClientContext() or defaultServerContext() are called.
///
/// If defaultClientContext() and defaultServerContext() are never called
/// in an application, initialization of SSLManager can be omitted.
/// However, in this case, delegates for the ServerVerificationError,
/// ClientVerificationError and PrivateKeyPassphraseRequired events
/// must be registered.
///
/// An exemplary documentation which sets either the server or client default context and creates
/// a PrivateKeyPassphraseHandler that reads the password from the XML file looks like this:
///
/// <AppConfig>
/// <schannel>
/// <server|client>
/// <certificateName>cert Id</certificateName>
/// <certificateStore>MY</certificateStore>
/// <verificationMode>none|relaxed|strict</verificationMode>
/// <revocationCheck>true|false</revocationCheck>
/// <trustRoots>true|false</trustRoots>
/// <useMachineStore>true|false</useMachineStore>
/// <useStrongCrypto>true|false</useStrongCrypto>
/// <privateKeyPassphraseHandler>
/// <name>KeyFileHandler</name>
/// <options>
/// <password>s3cr3t</password>
/// </options>
/// </privateKeyPassphraseHandler>
/// <invalidCertificateHandler>
/// <name>ConsoleCertificateHandler</name>
/// <options>
/// </options>
/// </invalidCertificateHandler>
/// <requireTLSv1>true|false</requireTLSv1>
/// <requireTLSv1_1>true|false</requireTLSv1_1>
/// <requireTLSv1_2>true|false</requireTLSv1_2>
/// </server|client>
/// </schannel>
/// </AppConfig>
///
/// Following is a list of supported configuration properties. Property names must always
/// be prefixed with openSSL.server or openSSL.client. Some properties are only supported
/// for servers.
///
/// - certificateName (string): The subject name of the certificate to use. The certificate must
/// be available in the Windows user or machine certificate store.
/// - certificatePath (string): The path of a certificate and private key file in PKCS #12 format.
/// - certificateStore (string): The certificate store location to use.
/// Valid values are "MY", "Root", "Trust" or "CA". Defaults to "MY".
/// - verificationMode (string): Specifies whether and how peer certificates are validated (see
/// the Context class for details). Valid values are "none", "relaxed", "strict". Defaults to "relaxed".
/// - revocationCheck (boolean): Enable or disable checking of certificates against revocation list.
/// Defaults to true. Not supported (ignored) on Windows Embedded Compact.
/// - trustRoots (boolean): Trust root certificates from Windows root certificate store. Defaults to true.
/// - useMachineStore (boolean): Use Windows machine certificate store instead of user store (server only).
/// Special user privileges may be required. Defaults to false.
/// - useStrongCrypto (boolean): Disable known weak cryptographic algorithms, cipher suites, and
/// SSL/TLS protocol versions that may be otherwise enabled for better interoperability.
/// Defaults to true.
/// - privateKeyPassphraseHandler.name (string): The name of the class (subclass of PrivateKeyPassphraseHandler)
/// used for obtaining the passphrase for accessing the private key.
/// - privateKeyPassphraseHandler.options.password (string): The password to be used by KeyFileHandler.
/// - invalidCertificateHandler.name: The name of the class (subclass of CertificateHandler)
/// used for confirming invalid certificates.
/// - requireTLSv1 (boolean): Require a TLSv1 connection.
/// - requireTLSv1_1 (boolean): Require a TLSv1.1 connection. Not supported on Windows Embedded Compact.
/// - requireTLSv1_2 (boolean): Require a TLSv1.2 connection. Not supported on Windows Embedded Compact.
{
public:
using PrivateKeyPassphraseHandlerPtr = Poco::SharedPtr<PrivateKeyPassphraseHandler>;
using InvalidCertificateHandlerPtr = Poco::SharedPtr<InvalidCertificateHandler>;
Poco::BasicEvent<VerificationErrorArgs> ServerVerificationError;
/// Fired whenever a certificate verification error is detected by the server during a handshake.
Poco::BasicEvent<VerificationErrorArgs> ClientVerificationError;
/// Fired whenever a certificate verification error is detected by the client during a handshake.
Poco::BasicEvent<std::string> PrivateKeyPassphraseRequired;
/// Fired when a encrypted certificate is loaded. Not setting the password
/// in the event parameter will result in a failure to load the certificate.
static SSLManager& instance();
/// Returns the instance of the SSLManager singleton.
void initializeServer(PrivateKeyPassphraseHandlerPtr ptrPassphraseHandler, InvalidCertificateHandlerPtr pCertificateHandler, Context::Ptr pContext);
/// Initializes the server side of the SSLManager with a default invalid certificate handler and a default context. If this method
/// is never called the SSLmanager will try to initialize its members from an application configuration.
///
/// pCertificateHandler can be 0. However, in this case, event delegates
/// must be registered with the ServerVerificationError event.
///
/// Note: Always create the handlers (or register the corresponding event delegates) before creating
/// the Context.
///
/// Valid initialization code would be:
/// SharedPtr<InvalidCertificateHandler> pInvalidCertHandler = new ConsoleCertificateHandler;
/// Context::Ptr pContext = new Context(Context::SERVER_USE, "mycert");
/// SSLManager::instance().initializeServer(pInvalidCertHandler, pContext);
void initializeClient(PrivateKeyPassphraseHandlerPtr ptrPassphraseHandler, InvalidCertificateHandlerPtr pCertificateHandler, Context::Ptr ptrContext);
/// Initializes the client side of the SSLManager with a default invalid certificate handler and a default context. If this method
/// is never called the SSLmanager will try to initialize its members from an application configuration.
///
/// pCertificateHandler can be 0. However, in this case, event delegates
/// must be registered with the ClientVerificationError event.
///
/// Note: Always create the handlers (or register the corresponding event delegates) before creating
/// the Context, as during creation of the Context the passphrase for the private key might be needed.
///
/// Valid initialization code would be:
/// SharedPtr<InvalidCertificateHandler> pInvalidCertHandler = new ConsoleCertificateHandler;
/// Context::Ptr pContext = new Context(Context::CLIENT_USE, "");
/// SSLManager::instance().initializeClient(pInvalidCertHandler, pContext);
Context::Ptr defaultServerContext();
/// Returns the default Context used by the server.
///
/// Unless initializeServer() has been called, the first call to this method initializes the default Context
/// from the application configuration.
Context::Ptr defaultClientContext();
/// Returns the default Context used by the client.
///
/// Unless initializeClient() has been called, the first call to this method initializes the default Context
/// from the application configuration.
PrivateKeyPassphraseHandlerPtr serverPassphraseHandler();
/// Returns the configured passphrase handler of the server. If none is set, the method will create a default one
/// from an application configuration.
InvalidCertificateHandlerPtr serverCertificateHandler();
/// Returns an initialized certificate handler (used by the server to verify client cert) which determines how invalid certificates are treated.
/// If none is set, it will try to auto-initialize one from an application configuration.
PrivateKeyPassphraseHandlerPtr clientPassphraseHandler();
/// Returns the configured passphrase handler of the client. If none is set, the method will create a default one
/// from an application configuration.
InvalidCertificateHandlerPtr clientCertificateHandler();
/// Returns an initialized certificate handler (used by the client to verify server cert) which determines how invalid certificates are treated.
/// If none is set, it will try to auto-initialize one from an application configuration.
PrivateKeyFactoryMgr& privateKeyFactoryMgr();
/// Returns the private key factory manager which stores the
/// factories for the different registered passphrase handlers for private keys.
CertificateHandlerFactoryMgr& certificateHandlerFactoryMgr();
/// Returns the CertificateHandlerFactoryMgr which stores the
/// factories for the different registered certificate handlers.
void shutdown();
/// Shuts down the SSLManager and releases the default Context
/// objects. After a call to shutdown(), the SSLManager can no
/// longer be used.
///
/// Normally, it's not necessary to call this method directly, as this
/// will be called either by uninitializeSSL(), or when
/// the SSLManager instance is destroyed.
static const std::string CFG_SERVER_PREFIX;
static const std::string CFG_CLIENT_PREFIX;
protected:
SecurityFunctionTableW& securityFunctions();
private:
SSLManager();
/// Creates the SSLManager.
~SSLManager();
/// Destroys the SSLManager.
void initDefaultContext(bool server);
/// Inits the default context, the first time it is accessed.
void initEvents(bool server);
/// Registers delegates at the events according to the configuration.
void initPassphraseHandler(bool server);
/// Inits the passphrase handler.
void initCertificateHandler(bool server);
/// Inits the certificate handler.
void loadSecurityLibrary();
/// Loads the Windows security DLL.
void unloadSecurityLibrary();
/// Unloads the Windows security DLL.
static Poco::Util::AbstractConfiguration& appConfig();
/// Returns the application configuration.
///
/// Throws a InvalidStateException if not application instance
/// is available.
HMODULE _hSecurityModule;
SecurityFunctionTableW _securityFunctions;
PrivateKeyFactoryMgr _factoryMgr;
CertificateHandlerFactoryMgr _certHandlerFactoryMgr;
Context::Ptr _ptrDefaultServerContext;
PrivateKeyPassphraseHandlerPtr _ptrServerPassphraseHandler;
InvalidCertificateHandlerPtr _ptrServerCertificateHandler;
Context::Ptr _ptrDefaultClientContext;
PrivateKeyPassphraseHandlerPtr _ptrClientPassphraseHandler;
InvalidCertificateHandlerPtr _ptrClientCertificateHandler;
Poco::FastMutex _mutex;
static const std::string CFG_CERT_NAME;
static const std::string VAL_CERT_NAME;
static const std::string CFG_CERT_PATH;
static const std::string VAL_CERT_PATH;
static const std::string CFG_CERT_STORE;
static const std::string VAL_CERT_STORE;
static const std::string CFG_VER_MODE;
static const Context::VerificationMode VAL_VER_MODE;
static const std::string CFG_REVOCATION_CHECK;
static const bool VAL_REVOCATION_CHECK;
static const std::string CFG_TRUST_ROOTS;
static const bool VAL_TRUST_ROOTS;
static const std::string CFG_USE_MACHINE_STORE;
static const bool VAL_USE_MACHINE_STORE;
static const std::string CFG_USE_STRONG_CRYPTO;
static const bool VAL_USE_STRONG_CRYPTO;
static const std::string CFG_DELEGATE_HANDLER;
static const std::string VAL_DELEGATE_HANDLER;
static const std::string CFG_CERTIFICATE_HANDLER;
static const std::string VAL_CERTIFICATE_HANDLER;
static const std::string CFG_REQUIRE_TLSV1;
static const std::string CFG_REQUIRE_TLSV1_1;
static const std::string CFG_REQUIRE_TLSV1_2;
static const std::string CFG_REQUIRE_TLSV1_3;
friend class Poco::SingletonHolder<SSLManager>;
friend class SecureSocketImpl;
friend class Context;
};
//
// inlines
//
inline PrivateKeyFactoryMgr& SSLManager::privateKeyFactoryMgr()
{
return _factoryMgr;
}
inline CertificateHandlerFactoryMgr& SSLManager::certificateHandlerFactoryMgr()
{
return _certHandlerFactoryMgr;
}
inline SecurityFunctionTableW& SSLManager::securityFunctions()
{
return _securityFunctions;
}
} } // namespace Poco::Net
#endif // NetSSL_SSLManager_INCLUDED

93
vendor/POCO/NetSSL_Win/include/Poco/Net/SecureSMTPClientSession.h vendored Normal file
View File

@ -0,0 +1,93 @@
//
// SecureSMTPClientSession.h
//
// Library: NetSSL_Win
// Package: Mail
// Module: SecureSMTPClientSession
//
// Definition of the SecureSMTPClientSession class.
//
// Copyright (c) 2010, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// SPDX-License-Identifier: BSL-1.0
//
#ifndef Net_SecureSMTPClientSession_INCLUDED
#define Net_SecureSMTPClientSession_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/SMTPClientSession.h"
#include "Poco/Net/Context.h"
namespace Poco {
namespace Net {
class NetSSL_Win_API SecureSMTPClientSession: public SMTPClientSession
/// This class implements an Simple Mail
/// Transfer Protocol (SMTP, RFC 2821)
/// client for sending e-mail messages that
/// supports the STARTTLS command for secure
/// connections.
///
/// Usage is as follows:
/// 1. Create a SecureSMTPClientSession object.
/// 2. Call login() or login(hostname).
/// 3. Call startTLS() to switch to a secure connection.
/// Check the return value to see if a secure connection
/// has actually been established (not all servers may
/// support STARTTLS).
/// 4. Call any of the login() methods to securely authenticate
/// with a username and password.
/// 5. Send the message(s).
{
public:
explicit SecureSMTPClientSession(const StreamSocket& socket);
/// Creates the SecureSMTPClientSession using
/// the given socket, which must be connected
/// to a SMTP server.
SecureSMTPClientSession(const std::string& host, Poco::UInt16 port = SMTP_PORT);
/// Creates the SecureSMTPClientSession using a socket connected
/// to the given host and port.
virtual ~SecureSMTPClientSession();
/// Destroys the SMTPClientSession.
bool startTLS();
/// Sends a STARTTLS command and, if successful,
/// creates a secure SSL/TLS connection over the
/// existing socket connection.
///
/// Must be called after login() or login(hostname).
/// If successful, login() can be called again
/// to authenticate the user.
///
/// Returns true if the STARTTLS command was successful,
/// false otherwise.
bool startTLS(Context::Ptr pContext);
/// Sends a STARTTLS command and, if successful,
/// creates a secure SSL/TLS connection over the
/// existing socket connection.
///
/// Uses the given Context object for creating
/// the SSL/TLS connection.
///
/// Must be called after login() or login(hostname).
/// If successful, login() can be called again
/// to authenticate the user.
///
/// Returns true if the STARTTLS command was successful,
/// false otherwise.
};
} } // namespace Poco::Net
#endif // Net_SecureSMTPClientSession_INCLUDED

136
vendor/POCO/NetSSL_Win/include/Poco/Net/SecureServerSocket.h vendored Normal file
View File

@ -0,0 +1,136 @@
//
// SecureServerSocket.h
//
// Library: NetSSL_Win
// Package: SSLSockets
// Module: SecureServerSocket
//
// Definition of the SecureServerSocket class.
//
// Copyright (c) 2006-2014, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// SPDX-License-Identifier: BSL-1.0
//
#ifndef NetSSL_SecureServerSocket_INCLUDED
#define NetSSL_SecureServerSocket_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/ServerSocket.h"
#include "Poco/Net/Context.h"
namespace Poco {
namespace Net {
class NetSSL_Win_API SecureServerSocket: public ServerSocket
/// A server socket for secure SSL connections.
{
public:
SecureServerSocket();
/// Creates a SSL server socket using the
/// default SSL server context.
///
/// The server socket must be bound to
/// an address and put into listening state.
explicit SecureServerSocket(Context::Ptr pContext);
/// Creates a SSL server socket, using the
/// given SSL context object.
///
/// The server socket must be bound to
/// an address and put into listening state.
SecureServerSocket(const Socket& socket);
/// Creates the SecureServerSocket with the SocketImpl
/// from another socket. The SocketImpl must be
/// a SecureServerSocketImpl, otherwise an InvalidArgumentException
/// will be thrown.
SecureServerSocket(const SocketAddress& address, int backlog = 64);
/// Creates a server socket using the default server SSL context,
/// binds it to the given address and puts it in listening
/// state.
///
/// After successful construction, the server socket
/// is ready to accept connections.
SecureServerSocket(const SocketAddress& address, int backlog, Context::Ptr pContext);
/// Creates a server socket using the given SSL context, binds it
/// to the given address and puts it in listening
/// state.
///
/// After successful construction, the server socket
/// is ready to accept connections.
SecureServerSocket(Poco::UInt16 port, int backlog = 64);
/// Creates a server socket using the default server SSL context,
/// binds it to the given port and puts it in listening
/// state.
///
/// After successful construction, the server socket
/// is ready to accept connections.
SecureServerSocket(Poco::UInt16 port, int backlog, Context::Ptr pContext);
/// Creates a server socket using the given SSL context, binds it
/// to the given port and puts it in listening
/// state.
///
/// After successful construction, the server socket
/// is ready to accept connections.
virtual ~SecureServerSocket();
/// Destroys the StreamSocket.
SecureServerSocket& operator = (const Socket& socket);
/// Assignment operator.
///
/// Releases the socket's SocketImpl and
/// attaches the SocketImpl from the other socket and
/// increments the reference count of the SocketImpl.
StreamSocket acceptConnection(SocketAddress& clientAddr);
/// Get the next completed connection from the
/// socket's completed connection queue.
///
/// If the queue is empty, waits until a connection
/// request completes.
///
/// Returns a new SSL socket for the connection
/// with the client.
///
/// The client socket's address is returned in clientAddr.
///
/// No SSL handshake is performed on the new connection.
/// The SSL handshake will be performed the first time
/// sendBytes(), receiveBytes() or completeHandshake()
/// is called on the returned SecureStreamSocket.
StreamSocket acceptConnection();
/// Get the next completed connection from the
/// socket's completed connection queue.
///
/// If the queue is empty, waits until a connection
/// request completes.
///
/// Returns a new SSL socket for the connection
/// with the client.
///
/// No SSL handshake is performed on the new connection.
/// The SSL handshake will be performed the first time
/// sendBytes(), receiveBytes() or completeHandshake()
/// is called on the returned SecureStreamSocket.
Context::Ptr context() const;
/// Returns the SSL context used by this socket.
};
} } // namespace Poco::Net
#endif // NetSSL_SecureServerSocket_INCLUDED

146
vendor/POCO/NetSSL_Win/include/Poco/Net/SecureServerSocketImpl.h vendored Normal file
View File

@ -0,0 +1,146 @@
//
// SecureServerSocketImpl.h
//
// Library: NetSSL_Win
// Package: SSLSockets
// Module: SecureServerSocketImpl
//
// Definition of the SecureServerSocketImpl class.
//
// Copyright (c) 2006-2014, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// SPDX-License-Identifier: BSL-1.0
//
#ifndef NetSSL_SecureServerSocketImpl_INCLUDED
#define NetSSL_SecureServerSocketImpl_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/SecureSocketImpl.h"
#include "Poco/Net/ServerSocketImpl.h"
#include "Poco/Net/Context.h"
namespace Poco {
namespace Net {
class NetSSL_Win_API SecureServerSocketImpl: public ServerSocketImpl
/// The SocketImpl class for SecureServerSocket.
{
public:
SecureServerSocketImpl(Context::Ptr pContext);
/// Creates the SecureServerSocketImpl using the
/// given SSL context object.
SocketImpl* acceptConnection(SocketAddress& clientAddr);
/// Get the next completed connection from the
/// socket's completed connection queue.
///
/// If the queue is empty, waits until a connection
/// request completes.
///
/// Returns a new TCP socket for the connection
/// with the client.
///
/// The client socket's address is returned in clientAddr.
void connect(const SocketAddress& address);
/// Not supported by this kind of socket.
///
/// Throws a Poco::InvalidAccessException.
void connect(const SocketAddress& address, const Poco::Timespan& timeout);
/// Not supported by this kind of socket.
///
/// Throws a Poco::InvalidAccessException.
void connectNB(const SocketAddress& address);
/// Not supported by this kind of socket.
///
/// Throws a Poco::InvalidAccessException.
void bind(const SocketAddress& address, bool reuseAddress = false);
/// Bind a local address to the socket.
///
/// This is usually only done when establishing a server
/// socket. TCP clients should not bind a socket to a
/// specific address.
///
/// If reuseAddress is true, sets the SO_REUSEADDR
/// socket option.
void listen(int backlog = 64);
/// Puts the socket into listening state.
///
/// The socket becomes a passive socket that
/// can accept incoming connection requests.
///
/// The backlog argument specifies the maximum
/// number of connections that can be queued
/// for this socket.
void close();
/// Close the socket.
int sendBytes(const void* buffer, int length, int flags = 0);
/// Not supported by this kind of socket.
///
/// Throws a Poco::InvalidAccessException.
int receiveBytes(void* buffer, int length, int flags = 0);
/// Not supported by this kind of socket.
///
/// Throws a Poco::InvalidAccessException.
int sendTo(const void* buffer, int length, const SocketAddress& address, int flags = 0);
/// Not supported by this kind of socket.
///
/// Throws a Poco::InvalidAccessException.
int receiveFrom(void* buffer, int length, SocketAddress& address, int flags = 0);
/// Not supported by this kind of socket.
///
/// Throws a Poco::InvalidAccessException.
void sendUrgent(unsigned char data);
/// Not supported by this kind of socket.
///
/// Throws a Poco::InvalidAccessException.
bool secure() const;
/// Returns true iff the socket's connection is secure
/// (using SSL or TLS).
Context::Ptr context() const;
/// Returns the SSL context used by this socket.
protected:
~SecureServerSocketImpl();
/// Destroys the SecureServerSocketImpl.
private:
SecureServerSocketImpl(const SecureServerSocketImpl&);
SecureServerSocketImpl& operator = (const SecureServerSocketImpl&);
private:
SecureSocketImpl _impl;
};
//
// inlines
//
inline Context::Ptr SecureServerSocketImpl::context() const
{
return _impl.context();
}
} } // namespace Poco::Net
#endif // NetSSL_SecureServerSocketImpl_INCLUDED

314
vendor/POCO/NetSSL_Win/include/Poco/Net/SecureSocketImpl.h vendored Normal file
View File

@ -0,0 +1,314 @@
//
// SecureSocketImpl.h
//
// Library: NetSSL_Win
// Package: SSLSockets
// Module: SecureSocketImpl
//
// Definition of the SecureSocketImpl class.
//
// Copyright (c) 2006-2014, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// SPDX-License-Identifier: BSL-1.0
//
#ifndef NetSSL_SecureSocketImpl_INCLUDED
#define NetSSL_SecureSocketImpl_INCLUDED
#include "Poco/Net/SocketImpl.h"
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/Context.h"
#include "Poco/Net/AutoSecBufferDesc.h"
#include "Poco/Net/X509Certificate.h"
#include "Poco/Buffer.h"
#include <winsock2.h>
#include <windows.h>
#include <wincrypt.h>
#include <schannel.h>
#ifndef SECURITY_WIN32
#define SECURITY_WIN32
#endif
#include <security.h>
#include <sspi.h>
namespace Poco {
namespace Net {
class NetSSL_Win_API SecureSocketImpl
/// The SocketImpl for SecureStreamSocket.
{
public:
enum Mode
{
MODE_CLIENT,
MODE_SERVER
};
SecureSocketImpl(Poco::AutoPtr<SocketImpl> pSocketImpl, Context::Ptr pContext);
/// Creates the SecureSocketImpl.
virtual ~SecureSocketImpl();
/// Destroys the SecureSocketImpl.
SocketImpl* acceptConnection(SocketAddress& clientAddr);
/// Get the next completed connection from the
/// socket's completed connection queue.
///
/// If the queue is empty, waits until a connection
/// request completes.
///
/// Returns a new TCP socket for the connection
/// with the client.
///
/// The client socket's address is returned in clientAddr.
void connect(const SocketAddress& address, bool performHandshake);
/// Initializes the socket and establishes a connection to
/// the TCP server at the given address.
///
/// Can also be used for UDP sockets. In this case, no
/// connection is established. Instead, incoming and outgoing
/// packets are restricted to the specified address.
void connect(const SocketAddress& address, const Poco::Timespan& timeout, bool performHandshake);
/// Initializes the socket, sets the socket timeout and
/// establishes a connection to the TCP server at the given address.
void connectNB(const SocketAddress& address);
/// Initializes the socket and establishes a connection to
/// the TCP server at the given address. Prior to opening the
/// connection the socket is set to nonblocking mode.
void bind(const SocketAddress& address, bool reuseAddress = false);
/// Bind a local address to the socket.
///
/// This is usually only done when establishing a server
/// socket. TCP clients should not bind a socket to a
/// specific address.
///
/// If reuseAddress is true, sets the SO_REUSEADDR
/// socket option.
void listen(int backlog = 64);
/// Puts the socket into listening state.
///
/// The socket becomes a passive socket that
/// can accept incoming connection requests.
///
/// The backlog argument specifies the maximum
/// number of connections that can be queued
/// for this socket.
void shutdown();
/// Shuts down the connection by attempting
/// an orderly SSL shutdown, then actually
/// shutting down the TCP connection.
void close();
/// Close the socket.
void abort();
/// Aborts the connection by closing the
/// underlying TCP connection. No orderly SSL shutdown
/// is performed.
int sendBytes(const void* buffer, int length, int flags = 0);
/// Sends the contents of the given buffer through
/// the socket. Any specified flags are ignored.
///
/// Returns the number of bytes sent, which may be
/// less than the number of bytes specified.
int receiveBytes(void* buffer, int length, int flags = 0);
/// Receives data from the socket and stores it
/// in buffer. Up to length bytes are received.
///
/// Returns the number of bytes received.
void setPeerHostName(const std::string& hostName);
/// Sets the peer host name for certificate validation purposes.
const std::string& getPeerHostName() const;
/// Returns the peer host name.
void verifyPeerCertificate();
/// Performs post-connect (or post-accept) peer certificate validation,
/// using the peer host name set with setPeerHostName(), or the peer's
/// IP address string if no peer host name has been set.
void verifyPeerCertificate(const std::string& hostName);
/// Performs post-connect (or post-accept) peer certificate validation
/// using the given peer host name.
Context::Ptr context() const;
/// Returns the Context.
PCCERT_CONTEXT peerCertificate() const;
/// Returns the peer certificate.
poco_socket_t sockfd();
/// Returns the underlying socket descriptor.
int available() const;
/// Returns the number of bytes available in the buffer.
protected:
enum
{
IO_BUFFER_SIZE = 32768,
TIMEOUT_MILLISECS = 200
};
enum State
{
ST_INITIAL = 0,
ST_CONNECTING,
ST_CLIENTHANDSHAKESTART,
ST_CLIENTHANDSHAKECONDREAD,
ST_CLIENTHANDSHAKEINCOMPLETE,
ST_CLIENTHANDSHAKEOK,
ST_CLIENTHANDSHAKEEXTERROR,
ST_CLIENTHANDSHAKECONTINUE,
ST_VERIFY,
ST_DONE,
ST_ERROR
};
int sendRawBytes(const void* buffer, int length, int flags = 0);
int receiveRawBytes(void* buffer, int length, int flags = 0);
void clientConnectVerify();
void sendInitialTokenOutBuffer();
void performServerHandshake();
bool serverHandshakeLoop(PCtxtHandle phContext, PCredHandle phCred, bool requireClientAuth, bool doInitialRead, bool newContext);
void clientVerifyCertificate(const std::string& hostName);
void verifyCertificateChainClient(PCCERT_CONTEXT pServerCert);
void serverVerifyCertificate();
LONG serverDisconnect(PCredHandle phCreds, CtxtHandle* phContext);
LONG clientDisconnect(PCredHandle phCreds, CtxtHandle* phContext);
bool loadSecurityLibrary();
void initClientContext();
void initServerContext();
PCCERT_CONTEXT loadCertificate(bool mustFindCertificate);
void initCommon();
void cleanup();
void performClientHandshake();
void performInitialClientHandshake();
SECURITY_STATUS performClientHandshakeLoop();
void performClientHandshakeLoopIncompleteMessage();
void performClientHandshakeLoopCondReceive();
void performClientHandshakeLoopReceive();
void performClientHandshakeLoopOK();
void performClientHandshakeLoopInit();
void performClientHandshakeExtraBuffer();
void performClientHandshakeSendOutBuffer();
void performClientHandshakeLoopContinueNeeded();
void performClientHandshakeLoopError();
void performClientHandshakeLoopExtError();
SECURITY_STATUS decodeMessage(BYTE* pBuffer, DWORD bufSize, AutoSecBufferDesc<4>& msg, SecBuffer*& pData, SecBuffer*& pExtra);
SECURITY_STATUS decodeBufferFull(BYTE* pBuffer, DWORD bufSize, char* pOutBuffer, int outLength, int& bytesDecoded);
void stateIllegal();
void stateConnected();
void acceptSSL();
void connectSSL(bool completeHandshake);
void completeHandshake();
static int lastError();
void stateMachine();
State getState() const;
void setState(State st);
static bool isLocalHost(const std::string& hostName);
private:
SecureSocketImpl(const SecureSocketImpl&);
SecureSocketImpl& operator = (const SecureSocketImpl&);
Poco::AutoPtr<SocketImpl> _pSocket;
Context::Ptr _pContext;
Mode _mode;
std::string _peerHostName;
bool _useMachineStore;
bool _clientAuthRequired;
SecurityFunctionTableW& _securityFunctions;
PCCERT_CONTEXT _pOwnCertificate;
PCCERT_CONTEXT _pPeerCertificate;
CredHandle _hCreds;
CtxtHandle _hContext;
DWORD _contextFlags;
Poco::Buffer<BYTE> _overflowBuffer;
Poco::Buffer<BYTE> _sendBuffer;
Poco::Buffer<BYTE> _recvBuffer;
DWORD _recvBufferOffset;
DWORD _ioBufferSize;
SecPkgContext_StreamSizes _streamSizes;
AutoSecBufferDesc<1> _outSecBuffer;
AutoSecBufferDesc<2> _inSecBuffer;
SecBuffer _extraSecBuffer;
SECURITY_STATUS _securityStatus;
State _state;
DWORD _outFlags;
bool _needData;
bool _needHandshake;
friend class SecureStreamSocketImpl;
friend class StateMachine;
};
//
// inlines
//
inline poco_socket_t SecureSocketImpl::sockfd()
{
return _pSocket->sockfd();
}
inline Context::Ptr SecureSocketImpl::context() const
{
return _pContext;
}
inline SecureSocketImpl::State SecureSocketImpl::getState() const
{
return _state;
}
inline void SecureSocketImpl::setState(SecureSocketImpl::State st)
{
_state = st;
}
inline const std::string& SecureSocketImpl::getPeerHostName() const
{
return _peerHostName;
}
inline PCCERT_CONTEXT SecureSocketImpl::peerCertificate() const
{
return _pPeerCertificate;
}
inline int SecureSocketImpl::lastError()
{
return SocketImpl::lastError();
}
} } // namespace Poco::Net
#endif // NetSSL_SecureSocketImpl_INCLUDED

272
vendor/POCO/NetSSL_Win/include/Poco/Net/SecureStreamSocket.h vendored Normal file
View File

@ -0,0 +1,272 @@
//
// SecureStreamSocket.h
//
// Library: NetSSL_Win
// Package: SSLSockets
// Module: SecureStreamSocket
//
// Definition of the SecureStreamSocket class.
//
// Copyright (c) 2006-2014, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// SPDX-License-Identifier: BSL-1.0
//
#ifndef NetSSL_SecureStreamSocket_INCLUDED
#define NetSSL_SecureStreamSocket_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/StreamSocket.h"
#include "Poco/Net/Context.h"
#include "Poco/Net/Session.h"
#include "Poco/Net/X509Certificate.h"
namespace Poco {
namespace Net {
class NetSSL_Win_API SecureStreamSocket: public StreamSocket
/// A subclass of StreamSocket for secure SSL sockets.
///
/// A few notes about nonblocking IO:
/// sendBytes() and receiveBytes() can return a
/// negative value when using a nonblocking socket, which means
/// a SSL handshake is currently in progress and more data
/// needs to be read or written for the handshake to continue.
/// If sendBytes() or receiveBytes() return ERR_SSL_WANT_WRITE,
/// sendBytes() must be called as soon as possible (usually, after
/// select() indicates that data can be written). Likewise, if
/// ERR_SSL_WANT_READ is returned, receiveBytes() must be called
/// as soon as data is available for reading (indicated by select()).
///
/// The SSL handshake is delayed until the first sendBytes() or
/// receiveBytes() operation is performed on the socket. No automatic
/// post connection check (checking the peer certificate for a valid
/// hostname) is performed when using nonblocking I/O. To manually
/// perform peer certificate validation, call verifyPeerCertificate()
/// after the SSL handshake has been completed.
{
public:
enum
{
ERR_SSL_WANT_READ = -1,
ERR_SSL_WANT_WRITE = -2
};
SecureStreamSocket();
/// Creates an unconnected secure stream socket
/// using the default client SSL context.
///
/// Before sending or receiving data, the socket
/// must be connected with a call to connect().
explicit SecureStreamSocket(Context::Ptr pContext);
/// Creates an unconnected secure stream socket
/// using the given SSL context.
///
/// Before sending or receiving data, the socket
/// must be connected with a call to connect().
SecureStreamSocket(Context::Ptr pContext, Session::Ptr pSession);
/// Creates an unconnected secure stream socket
/// using the given SSL context.
///
/// Before sending or receiving data, the socket
/// must be connected with a call to connect().
///
/// The given Session is reused, if possible (client session
/// caching is enabled for the given Context, and the server
/// agrees to reuse the session).
explicit SecureStreamSocket(const SocketAddress& address);
/// Creates a secure stream socket using the default
/// client SSL context and connects it to
/// the socket specified by address.
SecureStreamSocket(const SocketAddress& address, Context::Ptr pContext);
/// Creates a secure stream socket using the given
/// client SSL context and connects it to
/// the socket specified by address.
SecureStreamSocket(const SocketAddress& address, Context::Ptr pContext, Session::Ptr pSession);
/// Creates a secure stream socket using the given
/// client SSL context and connects it to
/// the socket specified by address.
///
/// The given Session is reused, if possible (client session
/// caching is enabled for the given Context, and the server
/// agrees to reuse the session).
SecureStreamSocket(const SocketAddress& address, const std::string& hostName);
/// Creates a secure stream socket using the default
/// client SSL context and connects it to
/// the socket specified by address.
///
/// The given host name is used for certificate verification.
SecureStreamSocket(const SocketAddress& address, const std::string& hostName, Context::Ptr pContext);
/// Creates a secure stream socket using the given
/// client SSL context and connects it to
/// the socket specified by address.
///
/// The given host name is used for certificate verification.
SecureStreamSocket(const SocketAddress& address, const std::string& hostName, Context::Ptr pContext, Session::Ptr pSession);
/// Creates a secure stream socket using the given
/// client SSL context and connects it to
/// the socket specified by address.
///
/// The given host name is used for certificate verification.
///
/// The given Session is reused, if possible (client session
/// caching is enabled for the given Context, and the server
/// agrees to reuse the session).
SecureStreamSocket(const Socket& socket);
/// Creates the SecureStreamSocket with the SocketImpl
/// from another socket. The SocketImpl must be
/// a SecureStreamSocketImpl, otherwise an InvalidArgumentException
/// will be thrown.
virtual ~SecureStreamSocket();
/// Destroys the StreamSocket.
SecureStreamSocket& operator = (const Socket& socket);
/// Assignment operator.
///
/// Releases the socket's SocketImpl and
/// attaches the SocketImpl from the other socket and
/// increments the reference count of the SocketImpl.
bool havePeerCertificate() const;
/// Returns true iff the peer has presented a
/// certificate.
X509Certificate peerCertificate() const;
/// Returns the peer's X509 certificate.
///
/// Throws a SSLException if the peer did not
/// present a certificate.
void setPeerHostName(const std::string& hostName);
/// Sets the peer's host name used for certificate validation.
const std::string& getPeerHostName() const;
/// Returns the peer's host name used for certificate validation.
static SecureStreamSocket attach(const StreamSocket& streamSocket);
/// Creates a SecureStreamSocket over an existing socket
/// connection. The given StreamSocket must be connected.
/// A SSL handshake will be performed.
static SecureStreamSocket attach(const StreamSocket& streamSocket, Context::Ptr pContext);
/// Creates a SecureStreamSocket over an existing socket
/// connection. The given StreamSocket must be connected.
/// A SSL handshake will be performed.
static SecureStreamSocket attach(const StreamSocket& streamSocket, Context::Ptr pContext, Session::Ptr pSession);
/// Creates a SecureStreamSocket over an existing socket
/// connection. The given StreamSocket must be connected.
/// A SSL handshake will be performed.
///
/// The given Session is reused, if possible (client session
/// caching is enabled for the given Context, and the server
/// agrees to reuse the session).
static SecureStreamSocket attach(const StreamSocket& streamSocket, const std::string& peerHostName);
/// Creates a SecureStreamSocket over an existing socket
/// connection. The given StreamSocket must be connected.
/// A SSL handshake will be performed.
static SecureStreamSocket attach(const StreamSocket& streamSocket, const std::string& peerHostName, Context::Ptr pContext);
/// Creates a SecureStreamSocket over an existing socket
/// connection. The given StreamSocket must be connected.
/// A SSL handshake will be performed.
static SecureStreamSocket attach(const StreamSocket& streamSocket, const std::string& peerHostName, Context::Ptr pContext, Session::Ptr pSession);
/// Creates a SecureStreamSocket over an existing socket
/// connection. The given StreamSocket must be connected.
/// A SSL handshake will be performed.
///
/// The given Session is reused, if possible (client session
/// caching is enabled for the given Context, and the server
/// agrees to reuse the session).
Context::Ptr context() const;
/// Returns the SSL context used by this socket.
void setLazyHandshake(bool flag = true);
/// Enable lazy SSL handshake. If enabled, the SSL handshake
/// will be performed the first time date is sent or
/// received over the connection.
bool getLazyHandshake() const;
/// Returns true if setLazyHandshake(true) has been called.
void verifyPeerCertificate();
/// Performs post-connect (or post-accept) peer certificate validation,
/// using the peer host name set with setPeerHostName(), or the peer's
/// IP address string if no peer host name has been set.
///
/// Should only be used for non-blocking connections, after the
/// initial SSL handshake has been performed (see completeHandshake()).
void verifyPeerCertificate(const std::string& hostName);
/// Performs post-connect (or post-accept) peer certificate validation
/// using the given host name.
///
/// Should only be used for non-blocking connections, after the
/// initial SSL handshake has been performed (see completeHandshake()).
int completeHandshake();
/// Completes the SSL handshake.
///
/// If the SSL connection was the result of an accept(),
/// the server-side handshake is completed, otherwise
/// a client-side handshake is performed.
///
/// Returns 1 if the handshake was successful, ERR_SSL_WANT_READ or
/// ERR_SSL_WANT_WRITE if more data is required to complete the
/// handshake. In this case, completeHandshake() should be called
/// again, after the necessary condition has been met.
Session::Ptr currentSession();
/// Returns the SSL session of the current connection,
/// for reuse in a future connection (if session caching
/// is enabled).
///
/// If no connection is established, returns null.
void useSession(Session::Ptr pSession);
/// Sets the SSL session to use for the next
/// connection. Setting a previously saved Session
/// object is necessary to enable session caching.
///
/// To remove the currently set session, a null pointer
/// can be given.
///
/// Must be called before connect() to be effective.
bool sessionWasReused();
/// Returns true iff a reused session was negotiated during
/// the handshake.
void abort();
/// Aborts the SSL connection by closing the underlying
/// TCP connection. No orderly SSL shutdown is performed.
protected:
SecureStreamSocket(SocketImpl* pImpl);
friend class SecureServerSocket;
};
} } // namespace Poco::Net
#endif // NetSSL_SecureStreamSocket_INCLUDED

300
vendor/POCO/NetSSL_Win/include/Poco/Net/SecureStreamSocketImpl.h vendored Normal file
View File

@ -0,0 +1,300 @@
//
// SecureStreamSocketImpl.h
//
// Library: NetSSL_Win
// Package: SSLSockets
// Module: SecureStreamSocketImpl
//
// Definition of the SecureStreamSocketImpl class.
//
// Copyright (c) 2006-2014, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// SPDX-License-Identifier: BSL-1.0
//
#ifndef NetSSL_SecureStreamSocketImpl_INCLUDED
#define NetSSL_SecureStreamSocketImpl_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/SecureSocketImpl.h"
#include "Poco/Net/StreamSocketImpl.h"
#include "Poco/Net/Context.h"
#include "Poco/Net/Session.h"
#include "Poco/Net/X509Certificate.h"
namespace Poco {
namespace Net {
class NetSSL_Win_API SecureStreamSocketImpl: public StreamSocketImpl
/// This class implements a SSL stream socket.
{
public:
SecureStreamSocketImpl(Context::Ptr pContext);
/// Creates the SecureStreamSocketImpl.
SecureStreamSocketImpl(StreamSocketImpl* pStreamSocket, Context::Ptr pContext);
/// Creates the SecureStreamSocketImpl.
SocketImpl* acceptConnection(SocketAddress& clientAddr);
/// Not supported by a SecureStreamSocket.
///
/// Throws a Poco::InvalidAccessException.
void connect(const SocketAddress& address);
/// Initializes the socket and establishes a connection to
/// the TCP server at the given address.
///
/// Can also be used for UDP sockets. In this case, no
/// connection is established. Instead, incoming and outgoing
/// packets are restricted to the specified address.
void connect(const SocketAddress& address, const Poco::Timespan& timeout);
/// Initializes the socket, sets the socket timeout and
/// establishes a connection to the TCP server at the given address.
void connectNB(const SocketAddress& address);
/// Initializes the socket and establishes a connection to
/// the TCP server at the given address. Prior to opening the
/// connection the socket is set to nonblocking mode.
void bind(const SocketAddress& address, bool reuseAddress = false);
/// Not supported by a SecureStreamSocket.
///
/// Throws a Poco::InvalidAccessException.
void listen(int backlog = 64);
/// Not supported by a SecureStreamSocket.
///
/// Throws a Poco::InvalidAccessException.
void close();
/// Close the socket.
int sendBytes(const void* buffer, int length, int flags = 0);
/// Sends the contents of the given buffer through
/// the socket. Any specified flags are ignored.
///
/// Returns the number of bytes sent, which may be
/// less than the number of bytes specified.
int receiveBytes(void* buffer, int length, int flags = 0);
/// Receives data from the socket and stores it
/// in buffer. Up to length bytes are received.
///
/// Returns the number of bytes received.
int sendTo(const void* buffer, int length, const SocketAddress& address, int flags = 0);
/// Not supported by a SecureStreamSocket.
///
/// Throws a Poco::InvalidAccessException.
int receiveFrom(void* buffer, int length, SocketAddress& address, int flags = 0);
/// Not supported by a SecureStreamSocket.
///
/// Throws a Poco::InvalidAccessException.
void sendUrgent(unsigned char data);
/// Not supported by a SecureStreamSocket.
///
/// Throws a Poco::InvalidAccessException.
int available();
/// Returns the number of bytes available that can be read
/// without causing the socket to block.
///
/// For an SSL connection, returns the number of bytes that
/// can be read from the currently buffered SSL record,
/// before a new record is read from the underlying socket.
void shutdownReceive();
/// Shuts down the receiving part of the socket connection.
///
/// Since SSL does not support a half shutdown, this does
/// nothing.
void shutdownSend();
/// Shuts down the receiving part of the socket connection.
///
/// Since SSL does not support a half shutdown, this does
/// nothing.
void shutdown();
/// Shuts down the SSL connection.
void abort();
/// Aborts the connection by closing the underlying
/// TCP connection. No orderly SSL shutdown is performed.
bool secure() const;
/// Returns true iff the socket's connection is secure
/// (using SSL or TLS).
void setPeerHostName(const std::string& hostName);
/// Sets the peer host name for certificate validation purposes.
const std::string& getPeerHostName() const;
/// Returns the peer host name.
bool havePeerCertificate() const;
/// Returns true iff the peer has presented a
/// certificate.
X509Certificate peerCertificate() const;
/// Returns the peer's X509 certificate.
///
/// Throws a SSLException if the peer did not
/// present a certificate.
Context::Ptr context() const;
/// Returns the SSL context used by this socket.
void setLazyHandshake(bool flag = true);
/// Enable lazy SSL handshake. If enabled, the SSL handshake
/// will be performed the first time date is sent or
/// received over the connection.
bool getLazyHandshake() const;
/// Returns true if setLazyHandshake(true) has been called.
void verifyPeerCertificate();
/// Performs post-connect (or post-accept) peer certificate validation,
/// using the peer's IP address as host name.
void verifyPeerCertificate(const std::string& hostName);
/// Performs post-connect (or post-accept) peer certificate validation
/// using the given host name.
int completeHandshake();
/// Completes the SSL handshake.
///
/// If the SSL connection was the result of an accept(),
/// the server-side handshake is completed, otherwise
/// a client-side handshake is performed.
Session::Ptr currentSession();
/// Returns the SSL session of the current connection,
/// for reuse in a future connection (if session caching
/// is enabled).
///
/// If no connection is established, returns null.
void useSession(Session::Ptr pSession);
/// Sets the SSL session to use for the next
/// connection. Setting a previously saved Session
/// object is necessary to enable session caching.
///
/// To remove the currently set session, a null pointer
/// can be given.
///
/// Must be called before connect() to be effective.
bool sessionWasReused();
/// Returns true iff a reused session was negotiated during
/// the handshake.
protected:
void acceptSSL();
/// Performs a SSL server-side handshake.
void connectSSL();
/// Performs a SSL client-side handshake on an already connected TCP socket.
~SecureStreamSocketImpl();
/// Destroys the SecureStreamSocketImpl.
static int lastError();
static void error();
static void error(const std::string& arg);
static void error(int code);
static void error(int code, const std::string& arg);
private:
SecureStreamSocketImpl(const SecureStreamSocketImpl&);
SecureStreamSocketImpl& operator = (const SecureStreamSocketImpl&);
SecureSocketImpl _impl;
bool _lazyHandshake;
friend class SecureSocketImpl;
friend class SecureStreamSocket;
};
//
// inlines
//
inline const std::string& SecureStreamSocketImpl::getPeerHostName() const
{
return _impl.getPeerHostName();
}
inline void SecureStreamSocketImpl::setPeerHostName(const std::string& peerHostName)
{
_impl.setPeerHostName(peerHostName);
}
inline Context::Ptr SecureStreamSocketImpl::context() const
{
return _impl.context();
}
inline Session::Ptr SecureStreamSocketImpl::currentSession()
{
return Session::Ptr();//_impl.currentSession();
}
inline void SecureStreamSocketImpl::useSession(Session::Ptr pSession)
{
//_impl.useSession(pSession);
}
inline bool SecureStreamSocketImpl::sessionWasReused()
{
return false;//_impl.sessionWasReused();
}
inline int SecureStreamSocketImpl::lastError()
{
return SocketImpl::lastError();
}
inline void SecureStreamSocketImpl::error()
{
return SocketImpl::error();
}
inline void SecureStreamSocketImpl::error(const std::string& arg)
{
return SocketImpl::error(arg);
}
inline void SecureStreamSocketImpl::error(int code)
{
return SocketImpl::error(code);
}
inline void SecureStreamSocketImpl::error(int code, const std::string& arg)
{
return SocketImpl::error(code, arg);
}
} } // namespace Poco::Net
#endif // NetSSL_SecureStreamSocketImpl_INCLUDED

67
vendor/POCO/NetSSL_Win/include/Poco/Net/Session.h vendored Normal file
View File

@ -0,0 +1,67 @@
//
// Session.h
//
// Library: NetSSL_Win
// Package: SSLCore
// Module: Session
//
// Definition of the Session class.
//
// Copyright (c) 2010-2014, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// SPDX-License-Identifier: BSL-1.0
//
#ifndef NetSSL_Session_INCLUDED
#define NetSSL_Session_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/RefCountedObject.h"
#include "Poco/AutoPtr.h"
namespace Poco {
namespace Net {
class NetSSL_Win_API Session: public Poco::RefCountedObject
/// This class encapsulates a SSL session object
/// used with session caching on the client side.
///
/// For session caching to work, a client must
/// save the session object from an existing connection,
/// if it wants to reuse it with a future connection.
{
public:
using Ptr = Poco::AutoPtr<Session>;
protected:
Session();
/// Creates a new Session object, using the given
/// SSL_SESSION object.
///
/// The SSL_SESSION's reference count is not changed.
~Session();
/// Destroys the Session.
///
/// Calls SSL_SESSION_free() on the stored
/// SSL_SESSION object.
private:
friend class SecureSocketImpl;
};
//
// inlines
//
} } // namespace Poco::Net
#endif // NetSSL_Session_INCLUDED

50
vendor/POCO/NetSSL_Win/include/Poco/Net/Utility.h vendored Normal file
View File

@ -0,0 +1,50 @@
//
// Utility.h
//
// Library: NetSSL_Win
// Package: SSLCore
// Module: Utility
//
// Definition of the Utility class.
//
// Copyright (c) 2006-2014, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// SPDX-License-Identifier: BSL-1.0
//
#ifndef NetSSL_Utility_INCLUDED
#define NetSSL_Utility_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/Context.h"
#include <map>
namespace Poco {
namespace Net {
class NetSSL_Win_API Utility
/// Various helper functions.
{
public:
static Context::VerificationMode convertVerificationMode(const std::string& verMode);
/// Non-case sensitive conversion of a string to a VerificationMode enum.
/// If verMode is illegal an OptionException is thrown.
static const std::string& formatError(long errCode);
/// Converts an winerror.h code into human readable form.
private:
static std::map<long, const std::string> initSSPIErr();
static Poco::FastMutex _mutex;
};
} } // namespace Poco::Net
#endif // NetSSL_Utility_INCLUDED

108
vendor/POCO/NetSSL_Win/include/Poco/Net/VerificationErrorArgs.h vendored Normal file
View File

@ -0,0 +1,108 @@
//
// VerificationErrorArgs.h
//
// Library: NetSSL_Win
// Package: SSLCore
// Module: VerificationErrorArgs
//
// Definition of the VerificationErrorArgs class.
//
// Copyright (c) 2006-2014, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// SPDX-License-Identifier: BSL-1.0
//
#ifndef NetSSL_VerificationErrorArgs_INCLUDED
#define NetSSL_VerificationErrorArgs_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/Net/X509Certificate.h"
namespace Poco {
namespace Net {
class NetSSL_Win_API VerificationErrorArgs
/// A utility class for certificate error handling.
{
public:
VerificationErrorArgs(const X509Certificate& cert, int errDepth, int errNum, const std::string& errMsg);
/// Creates the VerificationErrorArgs. _ignoreError is per default set to false.
~VerificationErrorArgs();
/// Destroys the VerificationErrorArgs.
const X509Certificate& certificate() const;
/// Returns the certificate that caused the error.
int errorDepth() const;
/// Returns the position of the certificate in the certificate chain.
int errorNumber() const;
/// Returns the id of the error
const std::string& errorMessage() const;
/// Returns the textual presentation of the errorNumber.
void setIgnoreError(bool ignoreError);
/// setIgnoreError to true, if a verification error is judged non-fatal by the user.
bool getIgnoreError() const;
/// returns the value of _ignoreError
private:
X509Certificate _cert;
int _errorDepth;
int _errorNumber;
std::string _errorMessage; /// Textual representation of the _errorNumber
bool _ignoreError;
};
//
// inlines
//
inline const X509Certificate& VerificationErrorArgs::certificate() const
{
return _cert;
}
inline int VerificationErrorArgs::errorDepth() const
{
return _errorDepth;
}
inline int VerificationErrorArgs::errorNumber() const
{
return _errorNumber;
}
inline const std::string& VerificationErrorArgs::errorMessage() const
{
return _errorMessage;
}
inline void VerificationErrorArgs::setIgnoreError(bool ignoreError)
{
_ignoreError = ignoreError;
}
inline bool VerificationErrorArgs::getIgnoreError() const
{
return _ignoreError;
}
} } // namespace Poco::Net
#endif // NetSSL_VerificationErrorArgs_INCLUDED

204
vendor/POCO/NetSSL_Win/include/Poco/Net/X509Certificate.h vendored Normal file
View File

@ -0,0 +1,204 @@
//
// X509Certificate.h
//
// Library: NetSSL_Win
// Package: Certificate
// Module: X509Certificate
//
// Definition of the X509Certificate class.
//
// Copyright (c) 2006-2014, Applied Informatics Software Engineering GmbH.
// and Contributors.
//
// SPDX-License-Identifier: BSL-1.0
//
#ifndef NetSSL_X509Certificate_INCLUDED
#define NetSSL_X509Certificate_INCLUDED
#include "Poco/Net/NetSSL.h"
#include "Poco/DateTime.h"
#include <set>
#include <istream>
#if defined(POCO_OS_FAMILY_WINDOWS)
#include <wincrypt.h>
#endif
namespace Poco {
namespace Net {
class NetSSL_Win_API X509Certificate
/// This class represents a X509 Certificate.
{
public:
enum NID
/// Name identifier for extracting information from
/// a certificate subject's or issuer's distinguished name.
{
NID_COMMON_NAME,
NID_COUNTRY,
NID_LOCALITY_NAME,
NID_STATE_OR_PROVINCE,
NID_ORGANIZATION_NAME,
NID_ORGANIZATION_UNIT_NAME
};
explicit X509Certificate(const std::string& certPath);
/// Creates the X509Certificate object by reading
/// a certificate in PEM or DER format from a file.
explicit X509Certificate(std::istream& istr);
/// Creates the X509Certificate object by reading
/// a certificate in PEM or DER format from a stream.
X509Certificate(const std::string& certName, const std::string& certStoreName, bool useMachineStore = false);
/// Creates the X509Certificate object by loading
/// a certificate from the specified certificate store.
///
/// If useSystemStore is true, the machine's certificate store is used,
/// otherwise the user's certificate store.
explicit X509Certificate(PCCERT_CONTEXT pCert);
/// Creates the X509Certificate from an existing
/// WinCrypt certificate. Ownership is taken of
/// the certificate.
X509Certificate(PCCERT_CONTEXT pCert, bool shared);
/// Creates the X509Certificate from an existing
/// WinCrypt certificate. Ownership is taken of
/// the certificate. If shared is true, the
/// certificate's reference count is incremented.
X509Certificate(const X509Certificate& cert);
/// Creates the certificate by copying another one.
X509Certificate(X509Certificate&& cert) noexcept;
/// Creates the certificate by moving another one.
X509Certificate& operator = (const X509Certificate& cert);
/// Assigns a certificate.
X509Certificate& operator = (X509Certificate&& cert) noexcept;
/// Move-assigns a certificate.
void swap(X509Certificate& cert);
/// Exchanges the certificate with another one.
~X509Certificate();
/// Destroys the X509Certificate.
const std::string& issuerName() const;
/// Returns the certificate issuer's distinguished name.
std::string issuerName(NID nid) const;
/// Extracts the information specified by the given
/// NID (name identifier) from the certificate issuer's
/// distinguished name.
const std::string& subjectName() const;
/// Returns the certificate subject's distinguished name.
std::string subjectName(NID nid) const;
/// Extracts the information specified by the given
/// NID (name identifier) from the certificate subject's
/// distinguished name.
std::string commonName() const;
/// Returns the common name stored in the certificate
/// subject's distinguished name.
void extractNames(std::string& commonName, std::set<std::string>& domainNames) const;
/// Extracts the common name and the alias domain names from the
/// certificate.
Poco::DateTime validFrom() const;
/// Returns the date and time the certificate is valid from.
Poco::DateTime expiresOn() const;
/// Returns the date and time the certificate expires.
bool issuedBy(const X509Certificate& issuerCertificate) const;
/// Checks whether the certificate has been issued by
/// the issuer given by issuerCertificate. This can be
/// used to validate a certificate chain.
///
/// Verifies that the given certificate is contained in the
/// certificate's issuer certificate chain.
///
/// Returns true if verification against the issuer certificate
/// was successful, false otherwise.
bool verify(const std::string& hostName) const;
/// Verifies the validity of the certificate against the host name.
///
/// For this check to be successful, the certificate must contain
/// a domain name that matches the domain name
/// of the host.
///
/// Returns true if verification succeeded, or false otherwise.
static bool verify(const Poco::Net::X509Certificate& cert, const std::string& hostName);
/// Verifies the validity of the certificate against the host name.
///
/// For this check to be successful, the certificate must contain
/// a domain name that matches the domain name
/// of the host.
///
/// Returns true if verification succeeded, or false otherwise.
const PCCERT_CONTEXT system() const;
/// Returns the underlying WinCrypt certificate.
protected:
void init();
/// Extracts issuer and subject name from the certificate.
static void* nid2oid(NID nid);
/// Returns the OID for the given NID.
void loadCertificate(const std::string& certName, const std::string& certStoreName, bool useMachineStore);
void importCertificate(const std::string& certPath);
void importCertificate(std::istream& istr);
void importCertificate(const char* pBuffer, std::size_t size);
void importPEMCertificate(const char* pBuffer, std::size_t size);
void importDERCertificate(const char* pBuffer, std::size_t size);
static bool containsWildcards(const std::string& commonName);
static bool matchWildcard(const std::string& alias, const std::string& hostName);
private:
std::string _issuerName;
std::string _subjectName;
PCCERT_CONTEXT _pCert;
};
//
// inlines
//
inline const std::string& X509Certificate::issuerName() const
{
return _issuerName;
}
inline const std::string& X509Certificate::subjectName() const
{
return _subjectName;
}
inline const PCCERT_CONTEXT X509Certificate::system() const
{
return _pCert;
}
} } // namespace Poco::Net
#endif // NetSSL_X509Certificate_INCLUDED