Diffstat (limited to 'vmime')
-rw-r--r--vmime/net/socket.hpp12
-rw-r--r--vmime/net/tls/gnutls/TLSSocket_GnuTLS.hpp3
-rwxr-xr-xvmime/net/tls/openssl/TLSSocket_OpenSSL.hpp3
-rw-r--r--vmime/platforms/posix/posixSocket.hpp5
-rw-r--r--vmime/platforms/windows/windowsSocket.hpp5
-rw-r--r--vmime/security/cert/X509Certificate.hpp7
-rw-r--r--vmime/security/cert/certificateVerifier.hpp6
-rw-r--r--vmime/security/cert/defaultCertificateVerifier.hpp4
-rw-r--r--vmime/security/cert/gnutls/X509Certificate_GnuTLS.hpp2
-rw-r--r--vmime/security/cert/openssl/X509Certificate_OpenSSL.hpp2
-rw-r--r--vmime/security/sasl/SASLSocket.hpp3
11 files changed, 48 insertions, 4 deletions
diff --git a/vmime/net/socket.hpp b/vmime/net/socket.hpp
index 4551e3e2..7a14b3d8 100644
--- a/vmime/net/socket.hpp
+++ b/vmime/net/socket.hpp
@@ -127,6 +127,18 @@ public:
*/
virtual unsigned int getStatus() const = 0;
+ /** Return the hostname of peer this socket is connected to.
+ *
+ * @return name of the peer, or numeric address if it cannot be found
+ */
+ virtual const string getPeerName() const = 0;
+
+ /** Return the address of peer this socket is connected to.
+ *
+ * @return numeric address of the peer
+ */
+ virtual const string getPeerAddress() const = 0;
+
protected:
socket() { }
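Review bot: The doc comment on `getPeerName()` does not say where the name comes from, which matters because this commit also adds hostname checks on certificates. The wording "or numeric address if it cannot be found" suggests a lookup; if an implementation derives the name by reverse-resolving the connected address, that value depends on DNS and should not be the name handed to `certificateVerifier::verify()`. I would make the contract explicit, e.g. `@return host name as passed to connect(), or the numeric address if none was given`, and add a sentence on whether the result may be used for certificate identity checks. The enclosing class starts and ends outside this hunk.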
diff --git a/vmime/net/tls/gnutls/TLSSocket_GnuTLS.hpp b/vmime/net/tls/gnutls/TLSSocket_GnuTLS.hpp
index ca113f17..ba7456d5 100644
--- a/vmime/net/tls/gnutls/TLSSocket_GnuTLS.hpp
+++ b/vmime/net/tls/gnutls/TLSSocket_GnuTLS.hpp
@@ -76,6 +76,9 @@ public:
unsigned int getStatus() const;
+ const string getPeerName() const;
+ const string getPeerAddress() const;
+
private:
void internalThrow();
diff --git a/vmime/net/tls/openssl/TLSSocket_OpenSSL.hpp b/vmime/net/tls/openssl/TLSSocket_OpenSSL.hpp
index ab4093f7..6f7bc3d1 100755
--- a/vmime/net/tls/openssl/TLSSocket_OpenSSL.hpp
+++ b/vmime/net/tls/openssl/TLSSocket_OpenSSL.hpp
@@ -80,6 +80,9 @@ public:
unsigned int getStatus() const;
+ const string getPeerName() const;
+ const string getPeerAddress() const;
+
private:
static int bio_write(BIO* bio, const char* buf, int len);
diff --git a/vmime/platforms/posix/posixSocket.hpp b/vmime/platforms/posix/posixSocket.hpp
index 78b1c0aa..4c5bc9b0 100644
--- a/vmime/platforms/posix/posixSocket.hpp
+++ b/vmime/platforms/posix/posixSocket.hpp
@@ -61,6 +61,9 @@ public:
unsigned int getStatus() const;
+ const string getPeerName() const;
+ const string getPeerAddress() const;
+
protected:
static void throwSocketError(const int err);
@@ -73,6 +76,8 @@ private:
int m_desc;
unsigned int m_status;
+
+ string m_serverAddress;
};
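Review bot: `m_serverAddress` is added without a comment, and with two new accessors (`getPeerName()`, `getPeerAddress()`) but a single stored string, the header does not show which accessor it backs and which value is computed. A one-line comment such as `// Address or host name as given to connect(), before resolution` (adjusted to what connect() really stores) would settle it. The same applies to the identical member added in windowsSocket.hpp. The implementation is not part of this diff, so this concerns the header only.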
diff --git a/vmime/platforms/windows/windowsSocket.hpp b/vmime/platforms/windows/windowsSocket.hpp
index ca007a06..8fe65133 100644
--- a/vmime/platforms/windows/windowsSocket.hpp
+++ b/vmime/platforms/windows/windowsSocket.hpp
@@ -65,6 +65,9 @@ public:
unsigned int getStatus() const;
+ const string getPeerName() const;
+ const string getPeerAddress() const;
+
protected:
void throwSocketError(const int err);
@@ -86,6 +89,8 @@ private:
SOCKET m_desc;
unsigned int m_status;
+
+ string m_serverAddress;
};
diff --git a/vmime/security/cert/X509Certificate.hpp b/vmime/security/cert/X509Certificate.hpp
index b7f0b946..a993a91c 100644
--- a/vmime/security/cert/X509Certificate.hpp
+++ b/vmime/security/cert/X509Certificate.hpp
@@ -115,6 +115,13 @@ public:
*/
virtual bool verify(ref <const X509Certificate> caCert) const = 0;
+ /** Verify certificate's subject name against the given hostname.
+ *
+ * @param hostname DNS name of the server
+ * @return true if the match is successful, false otherwise
+ */
+ virtual bool verifyHostName(const string& hostname) const = 0;
+
/** Gets the expiration date of this certificate. This is the date
* at which this certificate will not be valid anymore.
*
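Review bot: The contract of `verifyHostName()` is too loose for two independent backends to implement it identically, since "subject name" reads as if only the subject CN is compared. The comment should state whether subjectAltName dNSName entries are consulted (RFC 6125 makes them authoritative when present), how wildcards are matched, that the comparison is case-insensitive, and that an empty hostname returns false. Without that, the GnuTLS and OpenSSL implementations declared further down in this commit may accept different certificates for the same name. Adding a pure virtual here also breaks any out-of-tree `X509Certificate` subclass, which is worth a line in the release notes. The hunk ends inside the next doc comment.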
diff --git a/vmime/security/cert/certificateVerifier.hpp b/vmime/security/cert/certificateVerifier.hpp
index cf038262..05a66154 100644
--- a/vmime/security/cert/certificateVerifier.hpp
+++ b/vmime/security/cert/certificateVerifier.hpp
@@ -44,10 +44,12 @@ public:
/** Verify that the specified certificate chain is trusted.
*
* @param chain certificate chain
+ * @param server hostname
* @throw exceptions::certificate_verification_exception if one
- * or more certificates can not be trusted
+ * or more certificates can not be trusted, or the server identity
+ * cannot be verified
*/
- virtual void verify(ref <certificateChain> chain) = 0;
+ virtual void verify(ref <certificateChain> chain, const string& hostname) = 0;
};
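Review bot: The added Doxygen line `@param server hostname` names a parameter `server`, but the parameter is called `hostname`, so the tag documents nothing; it should read `@param hostname name of the server the caller intended to reach, as supplied by the user`. The comment should also say what an implementation must do with an empty hostname, because a custom verifier that treats it as "skip the identity check" would accept any trusted certificate regardless of whom it was issued to. Verifiers written against the old one-argument signature will stop compiling, which is the safe failure mode, but it should be called out for users upgrading.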
diff --git a/vmime/security/cert/defaultCertificateVerifier.hpp b/vmime/security/cert/defaultCertificateVerifier.hpp
index 6f650f39..81262b8b 100644
--- a/vmime/security/cert/defaultCertificateVerifier.hpp
+++ b/vmime/security/cert/defaultCertificateVerifier.hpp
@@ -63,7 +63,7 @@ public:
// Implementation of 'certificateVerifier'
- void verify(ref <certificateChain> chain);
+ void verify(ref <certificateChain> chain, const string& hostname);
private:
@@ -71,7 +71,7 @@ private:
*
* @param chain list of X.509 certificates
*/
- void verifyX509(ref <certificateChain> chain);
+ void verifyX509(ref <certificateChain> chain, const string& hostname);
std::vector <ref <X509Certificate> > m_x509RootCAs;
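Review bot: The doc comment above `verifyX509()` still lists only `@param chain` although the signature gained `hostname`. I would add `@param hostname server name the certificate must match` and, since the implementation is not visible here, a sentence saying which certificate of the chain is checked against it. The comment begins outside this hunk.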
diff --git a/vmime/security/cert/gnutls/X509Certificate_GnuTLS.hpp b/vmime/security/cert/gnutls/X509Certificate_GnuTLS.hpp
index c720c1fb..b06b712f 100644
--- a/vmime/security/cert/gnutls/X509Certificate_GnuTLS.hpp
+++ b/vmime/security/cert/gnutls/X509Certificate_GnuTLS.hpp
@@ -62,6 +62,8 @@ public:
bool verify(ref <const X509Certificate> caCert) const;
+ bool verifyHostName(const string& hostname) const;
+
const datetime getExpirationDate() const;
const datetime getActivationDate() const;
diff --git a/vmime/security/cert/openssl/X509Certificate_OpenSSL.hpp b/vmime/security/cert/openssl/X509Certificate_OpenSSL.hpp
index d9083b06..ef92b35f 100644
--- a/vmime/security/cert/openssl/X509Certificate_OpenSSL.hpp
+++ b/vmime/security/cert/openssl/X509Certificate_OpenSSL.hpp
@@ -65,6 +65,8 @@ public:
bool verify(ref <const X509Certificate> caCert) const;
+ bool verifyHostName(const string& hostname) const;
+
const datetime getExpirationDate() const;
const datetime getActivationDate() const;
diff --git a/vmime/security/sasl/SASLSocket.hpp b/vmime/security/sasl/SASLSocket.hpp
index 0e7d209f..c450b998 100644
--- a/vmime/security/sasl/SASLSocket.hpp
+++ b/vmime/security/sasl/SASLSocket.hpp
@@ -69,6 +69,9 @@ public:
unsigned int getStatus() const;
+ const string getPeerName() const;
+ const string getPeerAddress() const;
+
private:
ref <SASLSession> m_session;