Add the validateCert parameter to the newWebSocketClient method (drog…

…onframework#835)

lib/inc/drogon/HttpClient.h

@@ -218,6 +218,8 @@ class DROGON_EXPORT HttpClient : public trantor::NonCopyable
      * by the parameter.
      * @param useOldTLS If the parameter is set to true, the TLS1.0/1.1 are
      * eanbled for HTTPS.
+     * @param validateCert If the parameter is set to true, the client validates
+     * the server certificate when SSL handshaking.
      * @return HttpClientPtr The smart pointer to the new client object.
      * @note: The ip parameter support for both ipv4 and ipv6 address
      */
@@ -257,7 +259,11 @@ class DROGON_EXPORT HttpClient : public trantor::NonCopyable
      * @param useOldTLS If the parameter is set to true, the TLS1.0/1.1 are
      * enabled for HTTPS.
      * @note
-     * Don't add path and parameters in hostString, the request path and
+     *
+     * @param validateCert If the parameter is set to true, the client validates
+     * the server certificate when SSL handshaking.
+     *
+     * @note Don't add path and parameters in hostString, the request path and
      * parameters should be set in HttpRequestPtr when calling the sendRequest()
      * method.
      *

lib/inc/drogon/WebSocketClient.h

@@ -155,6 +155,9 @@ class DROGON_EXPORT WebSocketClient
      * by the parameter.
      * @param useOldTLS If the parameter is set to true, the TLS1.0/1.1 are
      * enabled for HTTPS.
+     * @param validateCert If the parameter is set to true, the client validates
+     * the server certificate when SSL handshaking.
+     * @return HttpClientPtr The smart pointer to the new client object.
      * @return WebSocketClientPtr The smart pointer to the WebSocket client.
      * @note The ip parameter support for both ipv4 and ipv6 address
      */
@@ -163,7 +166,8 @@ class DROGON_EXPORT WebSocketClient
         uint16_t port,
         bool useSSL = false,
         trantor::EventLoop *loop = nullptr,
-        bool useOldTLS = false);
+        bool useOldTLS = false,
+        bool validateCert = true);
 
     /// Create a websocket client using the given hostString to connect to
     /// server
@@ -181,6 +185,8 @@ class DROGON_EXPORT WebSocketClient
      * identified by the parameter.
      * @param useOldTLS If the parameter is set to true, the TLS1.0/1.1 are
      * enabled for HTTPS.
+     * @param validateCert If the parameter is set to true, the client validates
+     * the server certificate when SSL handshaking.
      * @note
      * Don't add path and parameters in hostString, the request path and
      * parameters should be set in HttpRequestPtr when calling the
@@ -190,11 +196,10 @@ class DROGON_EXPORT WebSocketClient
     static WebSocketClientPtr newWebSocketClient(
         const std::string &hostString,
         trantor::EventLoop *loop = nullptr,
-        bool useOldTLS = false);
+        bool useOldTLS = false,
+        bool validateCert = true);
 
-    virtual ~WebSocketClient()
-    {
-    }
+    virtual ~WebSocketClient() = default;
 };
 
 #ifdef __cpp_impl_coroutine

lib/src/WebSocketClientImpl.cc

@@ -45,7 +45,7 @@ void WebSocketClientImpl::createTcpClient()
         std::make_shared<trantor::TcpClient>(loop_, serverAddr_, "httpClient");
     if (useSSL_)
     {
-        tcpClientPtr_->enableSSL(useOldTLS_);
+        tcpClientPtr_->enableSSL(useOldTLS_, validateCert_, domain_);
     }
     auto thisPtr = shared_from_this();
     std::weak_ptr<WebSocketClientImpl> weakPtr = thisPtr;
@@ -283,15 +283,21 @@ void WebSocketClientImpl::reconnect()
 WebSocketClientImpl::WebSocketClientImpl(trantor::EventLoop *loop,
                                          const trantor::InetAddress &addr,
                                          bool useSSL,
-                                         bool useOldTLS)
-    : loop_(loop), serverAddr_(addr), useSSL_(useSSL), useOldTLS_(useOldTLS)
+                                         bool useOldTLS,
+                                         bool validateCert)
+    : loop_(loop),
+      serverAddr_(addr),
+      useSSL_(useSSL),
+      useOldTLS_(useOldTLS),
+      validateCert_(validateCert)
 {
 }
 
 WebSocketClientImpl::WebSocketClientImpl(trantor::EventLoop *loop,
                                          const std::string &hostString,
-                                         bool useOldTLS)
-    : loop_(loop), useOldTLS_(useOldTLS)
+                                         bool useOldTLS,
+                                         bool validateCert)
+    : loop_(loop), useOldTLS_(useOldTLS), validateCert_(validateCert)
 {
     auto lowerHost = hostString;
     std::transform(lowerHost.begin(),
@@ -419,23 +425,27 @@ WebSocketClientPtr WebSocketClient::newWebSocketClient(const std::string &ip,
                                                        uint16_t port,
                                                        bool useSSL,
                                                        trantor::EventLoop *loop,
-                                                       bool useOldTLS)
+                                                       bool useOldTLS,
+                                                       bool validateCert)
 {
     bool isIpv6 = ip.find(':') == std::string::npos ? false : true;
     return std::make_shared<WebSocketClientImpl>(
         loop == nullptr ? HttpAppFrameworkImpl::instance().getLoop() : loop,
         trantor::InetAddress(ip, port, isIpv6),
         useSSL,
-        useOldTLS);
+        useOldTLS,
+        validateCert);
 }
 
 WebSocketClientPtr WebSocketClient::newWebSocketClient(
     const std::string &hostString,
     trantor::EventLoop *loop,
-    bool useOldTLS)
+    bool useOldTLS,
+    bool validateCert)
 {
     return std::make_shared<WebSocketClientImpl>(
         loop == nullptr ? HttpAppFrameworkImpl::instance().getLoop() : loop,
         hostString,
-        useOldTLS);
+        useOldTLS,
+        validateCert);
 }

lib/src/WebSocketClientImpl.h

@@ -30,9 +30,9 @@ class WebSocketClientImpl
       public std::enable_shared_from_this<WebSocketClientImpl>
 {
   public:
-    virtual WebSocketConnectionPtr getConnection() override;
+    WebSocketConnectionPtr getConnection() override;
 
-    virtual void setMessageHandler(
+    void setMessageHandler(
         const std::function<void(std::string &&message,
                                  const WebSocketClientPtr &,
                                  const WebSocketMessageType &)> &callback)
@@ -41,32 +41,33 @@ class WebSocketClientImpl
         messageCallback_ = callback;
     }
 
-    virtual void setConnectionClosedHandler(
+    void setConnectionClosedHandler(
         const std::function<void(const WebSocketClientPtr &)> &callback)
         override
     {
         connectionClosedCallback_ = callback;
     }
 
-    virtual void connectToServer(
-        const HttpRequestPtr &request,
-        const WebSocketRequestCallback &callback) override;
+    void connectToServer(const HttpRequestPtr &request,
+                         const WebSocketRequestCallback &callback) override;
 
-    virtual trantor::EventLoop *getLoop() override
+    trantor::EventLoop *getLoop() override
     {
         return loop_;
     }
 
     WebSocketClientImpl(trantor::EventLoop *loop,
                         const trantor::InetAddress &addr,
                         bool useSSL = false,
-                        bool useOldTLS = false);
+                        bool useOldTLS = false,
+                        bool validateCert = true);
 
     WebSocketClientImpl(trantor::EventLoop *loop,
                         const std::string &hostString,
-                        bool useOldTLS = false);
+                        bool useOldTLS = false,
+                        bool validateCert = true);
 
-    ~WebSocketClientImpl();
+    ~WebSocketClientImpl() override;
 
   private:
     std::shared_ptr<trantor::TcpClient> tcpClientPtr_;
@@ -75,6 +76,7 @@ class WebSocketClientImpl
     std::string domain_;
     bool useSSL_{false};
     bool useOldTLS_{false};
+    bool validateCert_{true};
     bool upgraded_{false};
     std::string wsKey_;
     std::string wsAccept_;