ferencd@0: ferencd@0: ferencd@0: #if VMIME_HAVE_TLS_SUPPORT ferencd@0: ferencd@0: // Certificate verifier (TLS/SSL) ferencd@0: class interactiveCertificateVerifier : public vmime::security::cert::defaultCertificateVerifier ferencd@0: { ferencd@0: public: ferencd@0: ferencd@0: void verify(vmime::shared_ptr chain, const vmime::string& hostname) ferencd@0: { ferencd@0: try ferencd@0: { ferencd@0: setX509TrustedCerts(m_trustedCerts); ferencd@0: ferencd@0: defaultCertificateVerifier::verify(chain, hostname); ferencd@0: } ferencd@0: catch (vmime::security::cert::certificateException&) ferencd@0: { ferencd@0: // Obtain subject's certificate ferencd@0: vmime::shared_ptr cert = chain->getAt(0); ferencd@0: ferencd@0: std::cout << std::endl; ferencd@0: std::cout << "Server sent a '" << cert->getType() << "'" << " certificate." << std::endl; ferencd@0: std::cout << "Do you want to accept this certificate? (Y/n) "; ferencd@0: std::cout.flush(); ferencd@0: ferencd@0: std::string answer; ferencd@0: std::getline(std::cin, answer); ferencd@0: ferencd@0: if (answer.length() != 0 && ferencd@0: (answer[0] == 'Y' || answer[0] == 'y')) ferencd@0: { ferencd@0: // Accept it, and remember user's choice for later ferencd@0: if (cert->getType() == "X.509") ferencd@0: { ferencd@0: m_trustedCerts.push_back(vmime::dynamicCast ferencd@0: (cert)); ferencd@0: ferencd@0: setX509TrustedCerts(m_trustedCerts); ferencd@0: defaultCertificateVerifier::verify(chain, hostname); ferencd@0: } ferencd@0: ferencd@0: return; ferencd@0: } ferencd@0: ferencd@0: throw vmime::security::cert::certificateException ferencd@0: ("User did not accept the certificate."); ferencd@0: } ferencd@0: } ferencd@0: ferencd@0: private: ferencd@0: ferencd@0: static std::vector > m_trustedCerts; ferencd@0: }; ferencd@0: ferencd@0: ferencd@0: std::vector > ferencd@0: interactiveCertificateVerifier::m_trustedCerts; ferencd@0: ferencd@0: #endif // VMIME_HAVE_TLS_SUPPORT ferencd@0: