![]() |
libfilezilla
|
Information about a TLS session. More...
#include <tls_info.hpp>
Public Types | |
enum | algorithm_warnings_t { tlsver = 1, cipher = 2, mac = 4, kex = 8 } |
Public Member Functions | |
tls_session_info (tls_session_info const &)=default | |
tls_session_info (tls_session_info &&) noexcept=default | |
tls_session_info & | operator= (tls_session_info const &)=default |
tls_session_info & | operator= (tls_session_info &&) noexcept=default |
tls_session_info (std::string const &host, unsigned int port, std::string const &protocol, std::string const &key_exchange, std::string const &session_cipher, std::string const &session_mac, int algorithm_warnings, std::vector< x509_certificate > &&certificates, bool system_trust, bool hostname_mismatch) | |
std::string const & | get_host () const |
The server's hostname used to connect. | |
unsigned int | get_port () const |
The server's port. | |
std::string const & | get_session_cipher () const |
The symmetric algorithm used to encrypt all exchanged application data. | |
std::string const & | get_session_mac () const |
The MAC used for integrity-protect and authenticate the exchanged application data. | |
std::vector< fz::x509_certificate > const & | get_certificates () const |
The server's certificate chain. More... | |
std::string const & | get_protocol () const |
TLS version. | |
std::string const & | get_key_exchange () const |
Key exchange algorithm. | |
int | get_algorithm_warnings () const |
Warnings about old algorithms used, which are considered weak. | |
bool | system_trust () const |
bool | mismatched_hostname () const |
True if the hostname in the SANs does not match the requested hostname. | |
Information about a TLS session.
Includes information about the used ciphers and details on the certificates sent by the server.
Includes flags whether the certificate chain is trusted by the system trust store and whether the expected hostname matches.
|
inline |
The server's certificate chain.
The chain is ordered from the server's own certificate at index 0 up to the self-signed root CA.
Chain may be partial.
|
inline |
Returns true if the server certificate is to be trusted according to the operating system's trust store.