On the weekend I made some changes to asio to support password callbacks for SSL. There is a new function on the asio::ssl::context class called set_password_callback(), which takes a function object with the following signature:

    std::string password_callback(
        std::size_t max_length,
        ssl::context::password_purpose purpose);

The callback must return the password as a string. The max_length argument indicates the maximum allowable length of the password, and if the returned string is longer it will be truncated. The context::password_purpose type is an enum with values for_reading and for_writing. In most cases you won't need to use the max_length or purpose arguments, and if you use boost::bind() to create the function object you can just leave them off. For example, the SSL server sample included with asio now has the following:

    context_.set_password_callback(
        boost::bind(&server::get_password, this));
    ...
    std::string get_password() const
    {
      return "test";
    }

The final thing to note is that the password callback needs to be set before calling any ssl::context functions that load keys, such as use_private_key_file().
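
The sample above hard-codes its password. The following is an added example, not asio's sample code and not from the original post: a callback that takes the passphrase from the environment and puts max_length and purpose to use. The names checked_passphrase and TLS_KEY_PASSPHRASE, the server.pem path and the stand-in enum are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstdlib>
#include <iostream>
#include <string>

// Stand-in for ssl::context::password_purpose so this block builds without asio.
enum password_purpose { for_reading, for_writing };

// Hypothetical helper: decides what the password callback hands back.
// `secret` is whatever the secret source returned (may be null).
// Returns "" to fail closed: the callback is invoked from OpenSSL's C code,
// so it must not throw, and an empty result cannot decrypt a protected key.
std::string checked_passphrase(const char* secret,
                               std::size_t max_length,
                               password_purpose purpose)
{
    // A server only decrypts its key; a request for a passphrase to
    // encrypt with is unexpected here, so refuse it.
    if (purpose != for_reading) return std::string();
    if (secret == nullptr || *secret == '\0') return std::string();

    std::string passphrase(secret);
    // Over-long results are truncated, and a truncated passphrase is just a
    // wrong passphrase. Reject it instead (conservatively including a length
    // of exactly max_length) so the failure is explicit.
    if (passphrase.size() >= max_length) return std::string();
    return passphrase;
}

// Same shape as the signature in the post; reads the environment per call.
std::string password_callback(std::size_t max_length, password_purpose purpose)
{
    return checked_passphrase(std::getenv("TLS_KEY_PASSPHRASE"),
                              max_length, purpose);
}

// Wiring with asio (use ssl::context::password_purpose instead of the
// stand-in enum; context_ and "server.pem" are assumed names):
//   context_.set_password_callback(&password_callback);             // first
//   context_.use_private_key_file("server.pem", ssl::context::pem); // then

int main()
{
    std::cout << (password_callback(1024, for_reading).empty()
                      ? "no usable passphrase\n"
                      : "passphrase available\n");
}
```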