add methods to set a client certificate/key and the CA in the Http class

This commit is contained in:
Tomasz Sowa 2022-12-21 14:09:31 +01:00
parent 4583ab28ed
commit aa938f05ca
2 changed files with 79 additions and 0 deletions

View File

@ -75,6 +75,12 @@ Http & Http::begin()
verify_ssl_cert = true;
forse_ssl_version = false;
ssl_version = 0;
ca_path = nullptr;
ca_path_utf8.clear();
client_cert = nullptr;
client_key = nullptr;
client_cert_utf8.clear();
client_key_utf8.clear();
return *this;
}
@ -466,6 +472,33 @@ void Http::verify_ssl(bool verify)
}
void Http::set_ca_file(const wchar_t * path)
{
ca_path = path;
}
void Http::set_ca_file(const std::wstring & path)
{
ca_path = path.c_str();
}
void Http::set_client_cert(const wchar_t * client_cert, const wchar_t * client_key)
{
this->client_cert = client_cert;
this->client_key = client_key;
}
void Http::set_client_cert(const std::wstring & client_cert, const std::wstring & client_key)
{
this->client_cert = client_cert.c_str();
this->client_key = client_key.c_str();
}
void Http::initialize_curl_if_needed()
{
@ -571,6 +604,24 @@ bool Http::fetch_internal(Method method, const char * url, const std::string * i
curl_easy_setopt(curl, CURLOPT_SSLVERSION, ssl_version);
}
if( ca_path )
{
pt::wide_to_utf8(ca_path, ca_path_utf8);
curl_easy_setopt(curl, CURLOPT_CAINFO, ca_path_utf8.c_str());
}
if( client_cert )
{
pt::wide_to_utf8(client_cert, client_cert_utf8);
curl_easy_setopt(curl, CURLOPT_SSLCERT, client_cert_utf8.c_str());
}
if( client_key )
{
pt::wide_to_utf8(client_key, client_key_utf8);
curl_easy_setopt(curl, CURLOPT_SSLKEY, client_key_utf8.c_str());
}
// block the Expect: 100-continue header
// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Expect
// https://httpwg.org/specs/rfc7231.html#header.expect

View File

@ -219,6 +219,28 @@ public:
*/
void verify_ssl(bool verify);
/*
* a path to the CA to verify the peer
* used with CURLOPT_CAINFO
* https://curl.se/libcurl/c/CURLOPT_CAINFO.html
*
* we do not copy the string but only get a pointer to its c_str()
*/
void set_ca_file(const wchar_t * path);
void set_ca_file(const std::wstring & path);
/*
* set a client certificate and a private key
*
* used with:
* https://curl.se/libcurl/c/CURLOPT_SSLCERT.html
* https://curl.se/libcurl/c/CURLOPT_SSLKEY.html
*
* we do not copy the string but only get a pointer to its c_str()
*/
void set_client_cert(const wchar_t * client_cert, const wchar_t * client_key);
void set_client_cert(const std::wstring & client_cert, const std::wstring & client_key);
/*
* in can be a null pointer
* in such a case a body payload is not sent
@ -273,6 +295,12 @@ private:
bool verify_ssl_cert;
bool forse_ssl_version;
long ssl_version;
const wchar_t * ca_path;
std::string ca_path_utf8;
const wchar_t * client_cert;
const wchar_t * client_key;
std::string client_cert_utf8;
std::string client_key_utf8;
std::wstring temp_header;
std::string temp_header_ascii;