id,summary,reporter,owner,description,type,status,milestone,component,version,severity,resolution,keywords,cc
11809,Add SSL Renegotiate  handshake support to boost::asio::ssl,georgid@…,chris_kohlhoff,"Currently the boost::asio::ssl::stream handshake can call either SSL_accept or SSL_connect for initial connection handshaking. To be able to do a SSL renegotiation handshake SSL_do_hanshake needs() to be called.

I have attached a patch that adds a new boost::asio::ssl::hanshake_type called ""renegotiate"" and the needed support in the ssl::engine to do a proper renegotiation handshake.

Doing a server side renegotiate to request the client certificate can be done in the following way:

{{{
#!c++

#include <boost/asio.hpp>
#include <boost/asio/ssl.hpp>

typedef boost::asio::ssl::stream<boost::asio::ip::tcp::socket> ssl_socket;


int main(int argc, char* argv[])
{
   using namespace std; // For atoi.
   using namespace boost::asio;

   unsigned short port =  atoi(argv[1]);
   io_service io_service;

   ip::tcp::acceptor acceptor(io_service,
                              ip::tcp::endpoint(ip::tcp::v4(), port));

   ssl::context ctx(ssl::context::sslv23);
   ssl_socket sock(io_service, ctx);

   acceptor.accept(sock.lowest_layer());

   sock.handshake(ssl_socket::server);
   // read some data

   sock.set_verify_mode(ssl::verify_peer);
   sock.handshake(ssl_socket::renegotiate);
   
   // continue using the connection
}

}}}",Feature Requests,new,To Be Determined,asio,Boost 1.59.0,Optimization,,,