/usr/include/Wt/WSslInfo is in libwt-dev 3.3.6+dfsg-1.1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 | // This may look like C code, but it's really -*- C++ -*-
/*
* Copyright (C) 2012 Emweb bvba, Leuven, Belgium.
*
* See the LICENSE file for terms of use.
*/
#ifndef WT_WSSL_INFO_H_
#define WT_WSSL_INFO_H_
#include <Wt/WDllDefs.h>
#include <Wt/WSslCertificate>
#include <Wt/WValidator>
#include <string>
#include <vector>
#if defined(WT_WITH_SSL) || defined(DOXYGEN_ONLY)
namespace Wt {
/*! \class WSslInfo Wt/WSslInfo Wt/WSslInfo.C
* \brief Provides SSL information about the current session.
*
* This class provides an interface to the SSL information related
* to the current session. This class is returned by
* WEnvironment::sslInfo().
*
* Probably the most important use of this class is that it provides
* access to the client certificate which was presented by the
* client during an https handshake to authenticate the SSL session.
* This class collects the information on the verification that was
* performed by the connector (FCGI, ISAPI, the built-in webserver, ...)
* and presents it to the application programmer.
*
* The verification and the acceptance of the certificate has to be
* configured in the web server (built-in httpd, Apache, IIS, ...).
* When WEnvironment::sslInfo() returns a WSslInfo object, this means
* that the client verification has already passed the verification
* procedures in the webserver. This does not mean that the
* certificate is valid; depending on the configuration of your web
* server, this verification may be weak. Always check the
* verification result with clientVerificationResult().
*
* This class is only available when %Wt was compiled with SSL support.
*/
class WT_API WSslInfo
{
public:
/*
* The WSslInfo class will usually be created by the library itself
* and is therefore not public API.
*/
WSslInfo(const WSslCertificate &clientCertificate,
const std::vector<WSslCertificate> &clientCertificateChain,
WValidator::Result clientVerificationResult);
/*! \brief Returns the certificate used by the client for authentication.
*/
const WSslCertificate &clientCertificate() const {
return clientCertificate_;
}
/*! \brief Returns the certificate chain used for client authentication.
*
* Warning: for the ISAPI connector, the certificate chain will always be
* empty.
*/
const std::vector<WSslCertificate> &clientPemCertificateChain() const {
return clientCertificateChain_;
}
/*! \brief Returns the result of the client certificate verification.
*
* WSslInfo (and thus Wt) by itself does not perform any validation:
* this task is entirely up to the web server, and this class merely
* reports the validation status reported by the webserver.
*/
WValidator::Result clientVerificationResult() const {
return clientVerificationResult_;
}
private:
WSslCertificate clientCertificate_;
std::vector<WSslCertificate> clientCertificateChain_;
WValidator::Result clientVerificationResult_;
std::string gdb() const;
};
}
#endif
#endif // WT_WSSL_INFO_H_
|