Library: NetSSL_OpenSSL
Package: SSLCore
Header: Poco/Net/Context.h
This class encapsulates context information for an SSL server or client, such as the certificate verification mode and the location of certificates and private key files, as well as the list of supported ciphers.
Direct Base Classes: Poco::RefCountedObject
All Base Classes: Poco::RefCountedObject
Member Functions: enableSessionCache, sessionCacheEnabled, sslContext, usage, verificationMode
Inherited Functions: duplicate, referenceCount, release
typedef Poco::AutoPtr<Context> Ptr;
Context is used by a client.
Context is used by a server.
VERIFY_NONE = 0x00
Server: The server will not send a client certificate request to the client, so the client will not send a certificate.
Client: If not using an anonymous cipher (disabled by default), the server will send a certificate which will be checked, but the result of the check will be ignored.
VERIFY_RELAXED = 0x01
Server: The server sends a client certificate request to the client. The certificate returned (if any) is checked. If the verification process fails, the TLS/SSL handshake is immediately terminated with an alert message containing the reason for the verification failure.
Client: The server certificate is verified, if one is provided. If the verification process fails, the TLS/SSL handshake is immediately terminated with an alert message containing the reason for the verification failure.
VERIFY_STRICT = 0x01 | 0x02
Server: If the client did not return a certificate, the TLS/SSL handshake is immediately terminated with a handshake failure alert.
Client: Same as VERIFY_RELAXED.
VERIFY_ONCE = 0x01 | 0x04
Server: Only request a client certificate on the initial TLS/SSL handshake. Do not ask for a client certificate again in case of a renegotiation.
Client: Same as VERIFY_RELAXED.
Context(
    Usage usage,
    const std::string & privateKeyFile,
    const std::string & certificateFile,
    const std::string & caLocation,
    VerificationMode verificationMode = VERIFY_RELAXED,
    int verificationDepth = 9,
    bool loadDefaultCAs = false,
    const std::string & cipherList = "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH"
);
Creates a Context.
~Context();
Destroys the Context.
void enableSessionCache(
    bool flag = true
);
Enables or disables the SSL/TLS session cache for a server.
The session cache is disabled by default.
bool sessionCacheEnabled() const;
Returns true if and only if the session cache is enabled.
SSL_CTX * sslContext() const;
Returns the underlying OpenSSL SSL Context object.
Usage usage() const;
Returns whether the context is for use by a client or by a server.
Context::VerificationMode verificationMode() const;
Returns the verification mode.
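The following is an added example, not code from Poco or from this reference page: a stand-alone check of the constructor arguments that decide whether the peer is actually authenticated, using the VerificationMode values listed above. ContextSettings and auditContext are hypothetical names, and CLIENT_USE/SERVER_USE are Poco's Usage enumerators, whose names do not appear on this page.

```cpp
// Added example, not part of Poco: audits Context settings without linking Poco.
#include <iostream>
#include <string>
#include <vector>

// Mode values as listed above; CLIENT_USE/SERVER_USE are Poco's Usage names.
enum Usage { CLIENT_USE, SERVER_USE };
enum VerificationMode {
    VERIFY_NONE    = 0x00,
    VERIFY_RELAXED = 0x01,
    VERIFY_STRICT  = 0x01 | 0x02,
    VERIFY_ONCE    = 0x01 | 0x04
};

// Hypothetical struct holding the constructor arguments that affect trust.
struct ContextSettings {
    Usage usage;
    VerificationMode mode;
    std::string caLocation;
    bool loadDefaultCAs;
    std::string cipherList;
};

// Returns one note per setting that weakens or disables peer authentication.
std::vector<std::string> auditContext(const ContextSettings& s) {
    std::vector<std::string> findings;
    const bool verifies = (s.mode & 0x01) != 0;  // peer certificate is checked
    const bool mustHave = (s.mode & 0x02) != 0;  // missing client cert is fatal
    if (s.usage == CLIENT_USE && !verifies)
        findings.push_back("client: server certificate check result is ignored");
    if (s.usage == SERVER_USE && !verifies)
        findings.push_back("server: no client certificate is requested");
    if (s.usage == SERVER_USE && verifies && !mustHave)
        findings.push_back("server: clients without a certificate are still accepted");
    if (verifies && s.caLocation.empty() && !s.loadDefaultCAs)
        findings.push_back("no CA certificates configured to verify against");
    if (s.cipherList.find("!ADH") == std::string::npos &&
        s.cipherList.find("!aNULL") == std::string::npos)
        findings.push_back("cipher list has no explicit !ADH/!aNULL exclusion");
    return findings;
}

int main() {
    // Constructed sample: a client context that skips verification.
    ContextSettings c{CLIENT_USE, VERIFY_NONE, "", false, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH"};
    for (const auto& f : auditContext(c)) std::cout << f << '\n';
    return 0;
}
```

A server that does not use client certificates will always get the "no client certificate is requested" note; it matters only where mutual authentication is intended.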