Skip to content

Commit fceaf52

Browse files
authored
feat: Use full boost::certify (#109)
1 parent a8a8edd commit fceaf52

File tree

6 files changed

+45
-15
lines changed

6 files changed

+45
-15
lines changed

CMakeLists.txt

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -84,6 +84,7 @@ add_subdirectory(bindings/c)
8484
set(ORIGINAL_BUILD_SHARED_LIBS "${BUILD_SHARED_LIBS}")
8585

8686
set(BUILD_TESTING OFF)
87+
include(${CMAKE_FILES}/certify.cmake)
8788
add_subdirectory(vendor/foxy)
8889

8990
set(BUILD_TESTING "${ORIGINAL_BUILD_TESTING}")

cmake/certify.cmake

Lines changed: 25 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,25 @@
1+
cmake_minimum_required(VERSION 3.11)
2+
3+
include(FetchContent)
4+
5+
if (${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.24")
6+
# Affects robustness of timestamp checking on FetchContent dependencies.
7+
cmake_policy(SET CMP0135 NEW)
8+
endif ()
9+
10+
FetchContent_Declare(boost_certify
11+
GIT_REPOSITORY https://github.com/djarek/certify.git
12+
GIT_TAG 97f5eebfd99a5d6e99d07e4820240994e4e59787
13+
)
14+
15+
set(BUILD_TESTING OFF)
16+
17+
FetchContent_GetProperties(boost_certify)
18+
if(NOT boost_certify_POPULATED)
19+
FetchContent_Populate(boost_certify)
20+
add_subdirectory(${boost_certify_SOURCE_DIR} ${boost_certify_BINARY_DIR} EXCLUDE_FROM_ALL)
21+
endif()
22+
23+
set(BUILD_TESTING "${ORIGINAL_BUILD_TESTING}")
24+
25+
set(BUILD_SHARED_LIBS "${ORIGINAL_BUILD_SHARED_LIBS}")

vendor/foxy/CMakeLists.txt

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -149,6 +149,8 @@ target_link_libraries(
149149
Boost::date_time
150150
OpenSSL::SSL
151151
Threads::Threads
152+
PRIVATE
153+
certify::core
152154
)
153155

154156
add_library(

vendor/foxy/README.md

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,12 @@
1+
# LaunchDarkly Modifications
2+
3+
This version of foxy is originally from: https://github.com/cmazakas/foxy
4+
5+
It has been modified in the following ways:
6+
1. The CMake configuration has been updated not to install headers/libraries.
7+
2. It depends on boost::certify in order to use native certificate stores.
8+
3. The namespace has been moved changed from `foxy` to `launchdarkly::foxy` to reduce the possibility of conflicts.
9+
110
# Foxy [![Build Status](https://travis-ci.org/LeonineKing1199/foxy.svg?branch=develop)](https://travis-ci.org/LeonineKing1199/foxy)
211

312
Low-level HTTP session primitives for Beast/Asio + URL parsing and pct-coding

vendor/foxy/include/foxy/utility.hpp

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -39,8 +39,6 @@ namespace launchdarkly::foxy
3939
//
4040
namespace certify
4141
{
42-
extern "C" int
43-
verify_server_certificates(::X509_STORE_CTX* ctx, void*) noexcept;
4442

4543
auto
4644
enable_https_verification(boost::asio::ssl::context& ssl_ctx) -> void;

vendor/foxy/src/utility.cpp

Lines changed: 8 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -9,21 +9,16 @@
99

1010
#include <foxy/utility.hpp>
1111

12-
namespace asio = boost::asio;
12+
#include <boost/certify/https_verification.hpp>
1313

14-
extern "C" int
15-
launchdarkly::foxy::certify::verify_server_certificates(::X509_STORE_CTX* ctx, void*) noexcept
16-
{
17-
auto const res = ::X509_verify_cert(ctx);
18-
if (res < 0) { return 0; }
19-
return res;
20-
}
14+
namespace asio = boost::asio;
2115

22-
auto
23-
launchdarkly::foxy::certify::enable_https_verification(boost::asio::ssl::context& ssl_ctx) -> void
24-
{
25-
::SSL_CTX_set_cert_verify_callback(ssl_ctx.native_handle(),
26-
&::launchdarkly::foxy::certify::verify_server_certificates, nullptr);
16+
void launchdarkly::foxy::certify::enable_https_verification(
17+
boost::asio::ssl::context& ssl_ctx) {
18+
// This method is called here, instead of in the header, so that boost/certify
19+
// is only used in implementation. If it was used in the header
20+
// it would be a public dependency.
21+
boost::certify::enable_native_https_server_verification(ssl_ctx);
2722
}
2823

2924
auto

0 commit comments

Comments
 (0)