Merge pull request cpp-netlib#481 from trent33/0.11-devel

deanberris · deanberris · commit 07aa9fd3f2b8 · 2015-01-02T17:58:08.000+08:00
Peer verification using OpenSSL environment variables
diff --git a/boost/network/protocol/http/client/connection/ssl_delegate.ipp b/boost/network/protocol/http/client/connection/ssl_delegate.ipp
@@ -34,8 +34,10 @@ void boost::network::http::impl::ssl_delegate::connect(
       context_->load_verify_file(*certificate_filename_);
     if (verify_path_) context_->add_verify_path(*verify_path_);
   } else {
-    if (always_verify_peer_)
+    if (always_verify_peer_) {
       context_->set_verify_mode(asio::ssl::context::verify_peer);
+	  context_->set_default_verify_paths();	// use openssl default verify paths.  uses openssl environment variables SSL_CERT_DIR, SSL_CERT_FILE
+	}
     else
       context_->set_verify_mode(asio::ssl::context::verify_none);
   }
diff --git a/boost/network/protocol/http/client/options.hpp b/boost/network/protocol/http/client/options.hpp
@@ -95,6 +95,11 @@ struct client_options {
     return *this;
   }
 
+  client_options& always_verify_peer(bool v) {
+    always_verify_peer_ = v;
+    return *this;
+  }
+
   client_options& timeout(int v) {
     timeout_ = v;
     return *this;
