RWHttpsSecurityManager Class Reference

Sets various parameters for the HTTPS package. More...

#include <rw/https/RWHttpsSecurityManager.h>

Static Public Member Functions
static bool	defaultNameCheckCallback (const RWCString &host, const RWX509Certificate &cert)
static void	defaultNameMismatchCallback (const RWCString &host, const RWX509Certificate &cert)
static RWHttpsNameCheckCallback	getNameCheckCallback ()
static RWHttpsNameMismatchCallback	getNameMismatchCallback ()
static void	setAgentContext (const RWSecureSocketContext &context)
static void	setNameCheckCallback (const RWHttpsNameCheckCallback &nameCB)
static void	setNameMismatchCallback (const RWHttpsNameMismatchCallback &nameCB)

Related Symbols
(Note that these are not member symbols.)
typedef RWTFunctor< bool(RWCString, RWX509Certificate)>	RWHttpsNameCheckCallback
typedef RWTFunctor< void(RWCString, RWX509Certificate)>	RWHttpsNameMismatchCallback

Detailed Description

RWHttpsSecurityManager sets various parameters of the HTTPS package, such as:

• The default context for all RWHttpAgent instances using "https" URIs
• Various security-related callbacks

Member Function Documentation

defaultNameCheckCallback()

static bool RWHttpsSecurityManager::defaultNameCheckCallback ( const RWCString & host, const RWX509Certificate & cert )

static

This is the default name check callback. It is called immediately following the SSL/TLS handshake to compare the Common Name field in the certificate with the host parameter. Wildcard name matching is supported and the matching is case-insensitive. Returns true if the names are the same, and returns false otherwise. When this function returns false, the certificate name mismatch callback is called. The RWCString should contain 7-bit US-ASCII data.

You can supply a name check callback using the function RWHttpsSecurityManager::setNameCheckCallback() if more stringent name checking is required.

defaultNameMismatchCallback()

static void RWHttpsSecurityManager::defaultNameMismatchCallback ( const RWCString & host, const RWX509Certificate & cert )

static

This is the default name mismatch callback. It is called when the name check callback determines that the name in the certificate does not match the name of the actual server. This function throws an RWHttpsCertificateNameMismatch exception. The RWCString should contain 7-bit US-ASCII data.

getNameCheckCallback()

static RWHttpsNameCheckCallback RWHttpsSecurityManager::getNameCheckCallback ( )

static

Returns the name check callback.

getNameMismatchCallback()

static RWHttpsNameMismatchCallback RWHttpsSecurityManager::getNameMismatchCallback ( )

static

Returns the certificate name mismatch callback.

setAgentContext()

static void RWHttpsSecurityManager::setAgentContext ( const RWSecureSocketContext & context )

static

Registers the https scheme and functor with the singleton connection manager. After making this call, you can use https URLs with class RWHttpAgent. The context provided is used for all agents created in a program.

setNameCheckCallback()

static void RWHttpsSecurityManager::setNameCheckCallback ( const RWHttpsNameCheckCallback & nameCB )

static

Sets a custom certificate name check callback. The default behavior of this callback is described under defaultNameCheckCallback() in this class description.

setNameMismatchCallback()

static void RWHttpsSecurityManager::setNameMismatchCallback ( const RWHttpsNameMismatchCallback & nameCB )

static

Sets a custom certificate name mismatch callback. The default behavior of this callback is described under defaultNameMismatchCallback() in this class description. See also Section 7.4.2, "Certificate Name Mismatch Callback," in the Secure Communication Module User's Guide and Section 8.1, "Supplying Your Own Callbacks," in the Secure Communication Module User's Guide.

Friends And Related Symbol Documentation

RWHttpsNameCheckCallback

typedef RWTFunctor<bool(RWCString, RWX509Certificate)> RWHttpsNameCheckCallback

related

RWHttpsNameCheckCallback is a typedef for an RWTFunctor that is invoked after an RWHttpsSecureSocketClient establishes a secure connection and the SSL/TLS handshake has been completed.

The callback functor will be invoked with two parameters. The first parameter is an RWCString that represents the name of the host being connected to. The second parameter is the RWX509Certificate provided by the host that accepted the connection request. The callback functor is expected to return true if the certificate is a match for the host being connected to, and false if the certificate is not a match.

See also

getNameCheckCallback(), setNameCheckCallback(), defaultNameCheckCallback()

RWHttpsNameMismatchCallback

typedef RWTFunctor<void(RWCString, RWX509Certificate)> RWHttpsNameMismatchCallback

related

RWHttpsNameMismatchCallback is a typedef for an RWTFunctor that is invoked after an RWHttpsSecureSocketClient establishes a secure connection, the SSL/TLS handshake has completed, and the currently registered RWHttpsNameCheckCallback has returned false.

The callback functor will be invoked with two parameters. The first parameter is an RWCString that represents the name of the host being connected to. The second parameter is the RWX509Certificate provided by the host that accepted the connection request.

See also

getNameMismatchCallback(), setNameMismatchCallback(), defaultNameMismatchCallback()