RubyGems - eventmachine - Versions diffs - 1.0.0.beta.2-x86-mingw32 - Mend

eventmachine 1.0.0.beta.2-x86-mingw32

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (141) hide show

data/.gitignore +16 -0
data/Gemfile +1 -0
data/README +81 -0
data/Rakefile +11 -0
data/docs/COPYING +60 -0
data/docs/ChangeLog +211 -0
data/docs/DEFERRABLES +246 -0
data/docs/EPOLL +141 -0
data/docs/GNU +281 -0
data/docs/INSTALL +13 -0
data/docs/KEYBOARD +42 -0
data/docs/LEGAL +25 -0
data/docs/LIGHTWEIGHT_CONCURRENCY +130 -0
data/docs/PURE_RUBY +75 -0
data/docs/RELEASE_NOTES +94 -0
data/docs/SMTP +4 -0
data/docs/SPAWNED_PROCESSES +148 -0
data/docs/TODO +8 -0
data/eventmachine.gemspec +33 -0
data/examples/ex_channel.rb +43 -0
data/examples/ex_queue.rb +2 -0
data/examples/ex_tick_loop_array.rb +15 -0
data/examples/ex_tick_loop_counter.rb +32 -0
data/examples/helper.rb +2 -0
data/ext/binder.cpp +124 -0
data/ext/binder.h +46 -0
data/ext/cmain.cpp +838 -0
data/ext/ed.cpp +1884 -0
data/ext/ed.h +418 -0
data/ext/em.cpp +2348 -0
data/ext/em.h +228 -0
data/ext/eventmachine.h +123 -0
data/ext/extconf.rb +157 -0
data/ext/fastfilereader/extconf.rb +85 -0
data/ext/fastfilereader/mapper.cpp +214 -0
data/ext/fastfilereader/mapper.h +59 -0
data/ext/fastfilereader/rubymain.cpp +127 -0
data/ext/kb.cpp +79 -0
data/ext/page.cpp +107 -0
data/ext/page.h +51 -0
data/ext/pipe.cpp +347 -0
data/ext/project.h +155 -0
data/ext/rubymain.cpp +1200 -0
data/ext/ssl.cpp +460 -0
data/ext/ssl.h +94 -0
data/java/.classpath +8 -0
data/java/.project +17 -0
data/java/src/com/rubyeventmachine/EmReactor.java +571 -0
data/java/src/com/rubyeventmachine/EmReactorException.java +40 -0
data/java/src/com/rubyeventmachine/EventableChannel.java +69 -0
data/java/src/com/rubyeventmachine/EventableDatagramChannel.java +189 -0
data/java/src/com/rubyeventmachine/EventableSocketChannel.java +364 -0
data/lib/em/buftok.rb +138 -0
data/lib/em/callback.rb +26 -0
data/lib/em/channel.rb +57 -0
data/lib/em/connection.rb +569 -0
data/lib/em/deferrable.rb +206 -0
data/lib/em/file_watch.rb +54 -0
data/lib/em/future.rb +61 -0
data/lib/em/iterator.rb +270 -0
data/lib/em/messages.rb +66 -0
data/lib/em/process_watch.rb +44 -0
data/lib/em/processes.rb +119 -0
data/lib/em/protocols.rb +36 -0
data/lib/em/protocols/header_and_content.rb +138 -0
data/lib/em/protocols/httpclient.rb +268 -0
data/lib/em/protocols/httpclient2.rb +590 -0
data/lib/em/protocols/line_and_text.rb +125 -0
data/lib/em/protocols/line_protocol.rb +28 -0
data/lib/em/protocols/linetext2.rb +161 -0
data/lib/em/protocols/memcache.rb +323 -0
data/lib/em/protocols/object_protocol.rb +45 -0
data/lib/em/protocols/postgres3.rb +247 -0
data/lib/em/protocols/saslauth.rb +175 -0
data/lib/em/protocols/smtpclient.rb +357 -0
data/lib/em/protocols/smtpserver.rb +640 -0
data/lib/em/protocols/socks4.rb +66 -0
data/lib/em/protocols/stomp.rb +200 -0
data/lib/em/protocols/tcptest.rb +53 -0
data/lib/em/pure_ruby.rb +1013 -0
data/lib/em/queue.rb +62 -0
data/lib/em/spawnable.rb +85 -0
data/lib/em/streamer.rb +130 -0
data/lib/em/tick_loop.rb +85 -0
data/lib/em/timers.rb +57 -0
data/lib/em/version.rb +3 -0
data/lib/eventmachine.rb +1548 -0
data/lib/jeventmachine.rb +258 -0
data/lib/rubyeventmachine.rb +2 -0
data/setup.rb +1585 -0
data/tasks/cpp.rake_example +77 -0
data/tasks/doc.rake +30 -0
data/tasks/package.rake +85 -0
data/tasks/test.rake +6 -0
data/tests/client.crt +31 -0
data/tests/client.key +51 -0
data/tests/test_attach.rb +136 -0
data/tests/test_basic.rb +249 -0
data/tests/test_channel.rb +64 -0
data/tests/test_connection_count.rb +35 -0
data/tests/test_defer.rb +49 -0
data/tests/test_deferrable.rb +35 -0
data/tests/test_epoll.rb +160 -0
data/tests/test_error_handler.rb +35 -0
data/tests/test_errors.rb +82 -0
data/tests/test_exc.rb +55 -0
data/tests/test_file_watch.rb +49 -0
data/tests/test_futures.rb +198 -0
data/tests/test_get_sock_opt.rb +30 -0
data/tests/test_handler_check.rb +37 -0
data/tests/test_hc.rb +190 -0
data/tests/test_httpclient.rb +227 -0
data/tests/test_httpclient2.rb +154 -0
data/tests/test_inactivity_timeout.rb +50 -0
data/tests/test_kb.rb +60 -0
data/tests/test_ltp.rb +190 -0
data/tests/test_ltp2.rb +317 -0
data/tests/test_next_tick.rb +133 -0
data/tests/test_object_protocol.rb +37 -0
data/tests/test_pause.rb +70 -0
data/tests/test_pending_connect_timeout.rb +48 -0
data/tests/test_process_watch.rb +50 -0
data/tests/test_processes.rb +128 -0
data/tests/test_proxy_connection.rb +144 -0
data/tests/test_pure.rb +134 -0
data/tests/test_queue.rb +44 -0
data/tests/test_running.rb +42 -0
data/tests/test_sasl.rb +72 -0
data/tests/test_send_file.rb +251 -0
data/tests/test_servers.rb +76 -0
data/tests/test_smtpclient.rb +83 -0
data/tests/test_smtpserver.rb +85 -0
data/tests/test_spawn.rb +322 -0
data/tests/test_ssl_args.rb +79 -0
data/tests/test_ssl_methods.rb +50 -0
data/tests/test_ssl_verify.rb +82 -0
data/tests/test_tick_loop.rb +59 -0
data/tests/test_timers.rb +160 -0
data/tests/test_ud.rb +36 -0
data/tests/testem.rb +31 -0
metadata +240 -0

data/ext/ssl.cpp ADDED

@@ -0,0 +1,460 @@
+/*****************************************************************************
+$Id$
+File:     ssl.cpp
+Date:     30Apr06
+Copyright (C) 2006-07 by Francis Cianfrocca. All Rights Reserved.
+Gmail: blackhedd
+This program is free software; you can redistribute it and/or modify
+it under the terms of either: 1) the GNU General Public License
+as published by the Free Software Foundation; either version 2 of the
+License, or (at your option) any later version; or 2) Ruby's License.
+See the file COPYING for complete licensing information.
+*****************************************************************************/
+#ifdef WITH_SSL
+#include "project.h"
+bool SslContext_t::bLibraryInitialized = false;
+static void InitializeDefaultCredentials();
+static EVP_PKEY *DefaultPrivateKey = NULL;
+static X509 *DefaultCertificate = NULL;
+static char PrivateMaterials[] = {
+"-----BEGIN RSA PRIVATE KEY-----\n"
+"MIICXAIBAAKBgQDCYYhcw6cGRbhBVShKmbWm7UVsEoBnUf0cCh8AX+MKhMxwVDWV\n"
+"Igdskntn3cSJjRtmgVJHIK0lpb/FYHQB93Ohpd9/Z18pDmovfFF9nDbFF0t39hJ/\n"
+"AqSzFB3GiVPoFFZJEE1vJqh+3jzsSF5K56bZ6azz38VlZgXeSozNW5bXkQIDAQAB\n"
+"AoGALA89gIFcr6BIBo8N5fL3aNHpZXjAICtGav+kTUpuxSiaym9cAeTHuAVv8Xgk\n"
+"H2Wbq11uz+6JMLpkQJH/WZ7EV59DPOicXrp0Imr73F3EXBfR7t2EQDYHPMthOA1D\n"
+"I9EtCzvV608Ze90hiJ7E3guGrGppZfJ+eUWCPgy8CZH1vRECQQDv67rwV/oU1aDo\n"
+"6/+d5nqjeW6mWkGqTnUU96jXap8EIw6B+0cUKskwx6mHJv+tEMM2748ZY7b0yBlg\n"
+"w4KDghbFAkEAz2h8PjSJG55LwqmXih1RONSgdN9hjB12LwXL1CaDh7/lkEhq0PlK\n"
+"PCAUwQSdM17Sl0Xxm2CZiekTSlwmHrtqXQJAF3+8QJwtV2sRJp8u2zVe37IeH1cJ\n"
+"xXeHyjTzqZ2803fnjN2iuZvzNr7noOA1/Kp+pFvUZUU5/0G2Ep8zolPUjQJAFA7k\n"
+"xRdLkzIx3XeNQjwnmLlncyYPRv+qaE3FMpUu7zftuZBnVCJnvXzUxP3vPgKTlzGa\n"
+"dg5XivDRfsV+okY5uQJBAMV4FesUuLQVEKb6lMs7rzZwpeGQhFDRfywJzfom2TLn\n"
+"2RdJQQ3dcgnhdVDgt5o1qkmsqQh8uJrJ9SdyLIaZQIc=\n"
+"-----END RSA PRIVATE KEY-----\n"
+"-----BEGIN CERTIFICATE-----\n"
+"MIID6TCCA1KgAwIBAgIJANm4W/Tzs+s+MA0GCSqGSIb3DQEBBQUAMIGqMQswCQYD\n"
+"VQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxETAPBgNVBAcTCE5ldyBZb3JrMRYw\n"
+"FAYDVQQKEw1TdGVhbWhlYXQubmV0MRQwEgYDVQQLEwtFbmdpbmVlcmluZzEdMBsG\n"
+"A1UEAxMUb3BlbmNhLnN0ZWFtaGVhdC5uZXQxKDAmBgkqhkiG9w0BCQEWGWVuZ2lu\n"
+"ZWVyaW5nQHN0ZWFtaGVhdC5uZXQwHhcNMDYwNTA1MTcwNjAzWhcNMjQwMjIwMTcw\n"
+"NjAzWjCBqjELMAkGA1UEBhMCVVMxETAPBgNVBAgTCE5ldyBZb3JrMREwDwYDVQQH\n"
+"EwhOZXcgWW9yazEWMBQGA1UEChMNU3RlYW1oZWF0Lm5ldDEUMBIGA1UECxMLRW5n\n"
+"aW5lZXJpbmcxHTAbBgNVBAMTFG9wZW5jYS5zdGVhbWhlYXQubmV0MSgwJgYJKoZI\n"
+"hvcNAQkBFhllbmdpbmVlcmluZ0BzdGVhbWhlYXQubmV0MIGfMA0GCSqGSIb3DQEB\n"
+"AQUAA4GNADCBiQKBgQDCYYhcw6cGRbhBVShKmbWm7UVsEoBnUf0cCh8AX+MKhMxw\n"
+"VDWVIgdskntn3cSJjRtmgVJHIK0lpb/FYHQB93Ohpd9/Z18pDmovfFF9nDbFF0t3\n"
+"9hJ/AqSzFB3GiVPoFFZJEE1vJqh+3jzsSF5K56bZ6azz38VlZgXeSozNW5bXkQID\n"
+"AQABo4IBEzCCAQ8wHQYDVR0OBBYEFPJvPd1Fcmd8o/Tm88r+NjYPICCkMIHfBgNV\n"
+"HSMEgdcwgdSAFPJvPd1Fcmd8o/Tm88r+NjYPICCkoYGwpIGtMIGqMQswCQYDVQQG\n"
+"EwJVUzERMA8GA1UECBMITmV3IFlvcmsxETAPBgNVBAcTCE5ldyBZb3JrMRYwFAYD\n"
+"VQQKEw1TdGVhbWhlYXQubmV0MRQwEgYDVQQLEwtFbmdpbmVlcmluZzEdMBsGA1UE\n"
+"AxMUb3BlbmNhLnN0ZWFtaGVhdC5uZXQxKDAmBgkqhkiG9w0BCQEWGWVuZ2luZWVy\n"
+"aW5nQHN0ZWFtaGVhdC5uZXSCCQDZuFv087PrPjAMBgNVHRMEBTADAQH/MA0GCSqG\n"
+"SIb3DQEBBQUAA4GBAC1CXey/4UoLgJiwcEMDxOvW74plks23090iziFIlGgcIhk0\n"
+"Df6hTAs7H3MWww62ddvR8l07AWfSzSP5L6mDsbvq7EmQsmPODwb6C+i2aF3EDL8j\n"
+"uw73m4YIGI0Zw2XdBpiOGkx2H56Kya6mJJe/5XORZedh1wpI7zki01tHYbcy\n"
+"-----END CERTIFICATE-----\n"};
+/* These private materials were made with:
+ * openssl req -new -x509 -keyout cakey.pem -out cacert.pem -nodes -days 6500
+ * TODO: We need a full-blown capability to work with user-supplied
+ * keypairs and properly-signed certificates.
+ */
+/*****************
+builtin_passwd_cb
+*****************/
+extern "C" int builtin_passwd_cb (char *buf, int bufsize, int rwflag, void *userdata)
+{
+	strcpy (buf, "kittycat");
+	return 8;
+}
+/****************************
+InitializeDefaultCredentials
+****************************/
+static void InitializeDefaultCredentials()
+{
+	BIO *bio = BIO_new_mem_buf (PrivateMaterials, -1);
+	assert (bio);
+	if (DefaultPrivateKey) {
+		// we may come here in a restart.
+		EVP_PKEY_free (DefaultPrivateKey);
+		DefaultPrivateKey = NULL;
+	}
+	PEM_read_bio_PrivateKey (bio, &DefaultPrivateKey, builtin_passwd_cb, 0);
+	if (DefaultCertificate) {
+		// we may come here in a restart.
+		X509_free (DefaultCertificate);
+		DefaultCertificate = NULL;
+	}
+	PEM_read_bio_X509 (bio, &DefaultCertificate, NULL, 0);
+	BIO_free (bio);
+}
+/**************************
+SslContext_t::SslContext_t
+**************************/
+SslContext_t::SslContext_t (bool is_server, const string &privkeyfile, const string &certchainfile):
+	pCtx (NULL),
+	PrivateKey (NULL),
+	Certificate (NULL)
+{
+	/* TODO: the usage of the specified private-key and cert-chain filenames only applies to
+	 * client-side connections at this point. Server connections currently use the default materials.
+	 * That needs to be fixed asap.
+	 * Also, in this implementation, server-side connections use statically defined X-509 defaults.
+	 * One thing I'm really not clear on is whether or not you have to explicitly free X509 and EVP_PKEY
+	 * objects when we call our destructor, or whether just calling SSL_CTX_free is enough.
+	 */
+	if (!bLibraryInitialized) {
+		bLibraryInitialized = true;
+		SSL_library_init();
+		OpenSSL_add_ssl_algorithms();
+	        OpenSSL_add_all_algorithms();
+		SSL_load_error_strings();
+		ERR_load_crypto_strings();
+		InitializeDefaultCredentials();
+	}
+	bIsServer = is_server;
+	pCtx = SSL_CTX_new (is_server ? SSLv23_server_method() : SSLv23_client_method());
+	if (!pCtx)
+		throw std::runtime_error ("no SSL context");
+	SSL_CTX_set_options (pCtx, SSL_OP_ALL);
+	//SSL_CTX_set_options (pCtx, (SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3));
+	if (is_server) {
+		// The SSL_CTX calls here do NOT allocate memory.
+		int e;
+		if (privkeyfile.length() > 0)
+			e = SSL_CTX_use_PrivateKey_file (pCtx, privkeyfile.c_str(), SSL_FILETYPE_PEM);
+		else
+			e = SSL_CTX_use_PrivateKey (pCtx, DefaultPrivateKey);
+		assert (e > 0);
+		if (certchainfile.length() > 0)
+			e = SSL_CTX_use_certificate_chain_file (pCtx, certchainfile.c_str());
+		else
+			e = SSL_CTX_use_certificate (pCtx, DefaultCertificate);
+		assert (e > 0);
+	}
+	SSL_CTX_set_cipher_list (pCtx, "ALL:!ADH:!LOW:!EXP:!DES-CBC3-SHA:@STRENGTH");
+	if (is_server) {
+		SSL_CTX_sess_set_cache_size (pCtx, 128);
+		SSL_CTX_set_session_id_context (pCtx, (unsigned char*)"eventmachine", 12);
+	}
+	else {
+		int e;
+		if (privkeyfile.length() > 0) {
+			e = SSL_CTX_use_PrivateKey_file (pCtx, privkeyfile.c_str(), SSL_FILETYPE_PEM);
+			assert (e > 0);
+		}
+		if (certchainfile.length() > 0) {
+			e = SSL_CTX_use_certificate_chain_file (pCtx, certchainfile.c_str());
+			assert (e > 0);
+		}
+	}
+}
+/***************************
+SslContext_t::~SslContext_t
+***************************/
+SslContext_t::~SslContext_t()
+{
+	if (pCtx)
+		SSL_CTX_free (pCtx);
+	if (PrivateKey)
+		EVP_PKEY_free (PrivateKey);
+	if (Certificate)
+		X509_free (Certificate);
+}
+/******************
+SslBox_t::SslBox_t
+******************/
+SslBox_t::SslBox_t (bool is_server, const string &privkeyfile, const string &certchainfile, bool verify_peer, const unsigned long binding):
+	bIsServer (is_server),
+	bHandshakeCompleted (false),
+	bVerifyPeer (verify_peer),
+	pSSL (NULL),
+	pbioRead (NULL),
+	pbioWrite (NULL)
+{
+	/* TODO someday: make it possible to re-use SSL contexts so we don't have to create
+	 * a new one every time we come here.
+	 */
+	Context = new SslContext_t (bIsServer, privkeyfile, certchainfile);
+	assert (Context);
+	pbioRead = BIO_new (BIO_s_mem());
+	assert (pbioRead);
+	pbioWrite = BIO_new (BIO_s_mem());
+	assert (pbioWrite);
+	pSSL = SSL_new (Context->pCtx);
+	assert (pSSL);
+	SSL_set_bio (pSSL, pbioRead, pbioWrite);
+	// Store a pointer to the binding signature in the SSL object so we can retrieve it later
+	SSL_set_ex_data(pSSL, 0, (void*) binding);
+	if (bVerifyPeer)
+		SSL_set_verify(pSSL, SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE, ssl_verify_wrapper);
+	if (!bIsServer)
+		SSL_connect (pSSL);
+}
+/*******************
+SslBox_t::~SslBox_t
+*******************/
+SslBox_t::~SslBox_t()
+{
+	// Freeing pSSL will also free the associated BIOs, so DON'T free them separately.
+	if (pSSL) {
+		if (SSL_get_shutdown (pSSL) & SSL_RECEIVED_SHUTDOWN)
+			SSL_shutdown (pSSL);
+		else
+			SSL_clear (pSSL);
+		SSL_free (pSSL);
+	}
+	delete Context;
+}
+/***********************
+SslBox_t::PutCiphertext
+***********************/
+bool SslBox_t::PutCiphertext (const char *buf, int bufsize)
+{
+	assert (buf && (bufsize > 0));
+	assert (pbioRead);
+	int n = BIO_write (pbioRead, buf, bufsize);
+	return (n == bufsize) ? true : false;
+}
+/**********************
+SslBox_t::GetPlaintext
+**********************/
+int SslBox_t::GetPlaintext (char *buf, int bufsize)
+{
+	if (!SSL_is_init_finished (pSSL)) {
+		int e = bIsServer ? SSL_accept (pSSL) : SSL_connect (pSSL);
+		if (e < 0) {
+			int er = SSL_get_error (pSSL, e);
+			if (er != SSL_ERROR_WANT_READ) {
+				// Return -1 for a nonfatal error, -2 for an error that should force the connection down.
+				return (er == SSL_ERROR_SSL) ? (-2) : (-1);
+			}
+			else
+				return 0;
+		}
+		bHandshakeCompleted = true;
+		// If handshake finished, FALL THROUGH and return the available plaintext.
+	}
+	if (!SSL_is_init_finished (pSSL)) {
+		// We can get here if a browser abandons a handshake.
+		// The user can see a warning dialog and abort the connection.
+		cerr << "<SSL_incomp>";
+		return 0;
+	}
+	//cerr << "CIPH: " << SSL_get_cipher (pSSL) << endl;
+	int n = SSL_read (pSSL, buf, bufsize);
+	if (n >= 0) {
+		return n;
+	}
+	else {
+		if (SSL_get_error (pSSL, n) == SSL_ERROR_WANT_READ) {
+			return 0;
+		}
+		else {
+			return -1;
+		}
+	}
+	return 0;
+}
+/**************************
+SslBox_t::CanGetCiphertext
+**************************/
+bool SslBox_t::CanGetCiphertext()
+{
+	assert (pbioWrite);
+	return BIO_pending (pbioWrite) ? true : false;
+}
+/***********************
+SslBox_t::GetCiphertext
+***********************/
+int SslBox_t::GetCiphertext (char *buf, int bufsize)
+{
+	assert (pbioWrite);
+	assert (buf && (bufsize > 0));
+	return BIO_read (pbioWrite, buf, bufsize);
+}
+/**********************
+SslBox_t::PutPlaintext
+**********************/
+int SslBox_t::PutPlaintext (const char *buf, int bufsize)
+{
+	// The caller will interpret the return value as the number of bytes written.
+	// WARNING WARNING WARNING, are there any situations in which a 0 or -1 return
+	// from SSL_write means we should immediately retry? The socket-machine loop
+	// will probably wait for a time-out cycle (perhaps a second) before re-trying.
+	// THIS WOULD CAUSE A PERCEPTIBLE DELAY!
+	/* We internally queue any outbound plaintext that can't be dispatched
+	 * because we're in the middle of a handshake or something.
+	 * When we get called, try to send any queued data first, and then
+	 * send the caller's data (or queue it). We may get called with no outbound
+	 * data, which means we try to send the outbound queue and that's all.
+	 *
+	 * Return >0 if we wrote any data, 0 if we didn't, and <0 for a fatal error.
+	 * Note that if we return 0, the connection is still considered live
+	 * and we are signalling that we have accepted the outbound data (if any).
+	 */
+	OutboundQ.Push (buf, bufsize);
+	if (!SSL_is_init_finished (pSSL))
+		return 0;
+	bool fatal = false;
+	bool did_work = false;
+	while (OutboundQ.HasPages()) {
+		const char *page;
+		int length;
+		OutboundQ.Front (&page, &length);
+		assert (page && (length > 0));
+		int n = SSL_write (pSSL, page, length);
+		if (n > 0) {
+			did_work = true;
+			OutboundQ.PopFront();
+		}
+		else {
+			int er = SSL_get_error (pSSL, n);
+			if ((er != SSL_ERROR_WANT_READ) && (er != SSL_ERROR_WANT_WRITE))
+				fatal = true;
+			break;
+		}
+	}
+	if (did_work)
+		return 1;
+	else if (fatal)
+		return -1;
+	else
+		return 0;
+}
+/**********************
+SslBox_t::GetPeerCert
+**********************/
+X509 *SslBox_t::GetPeerCert()
+{
+	X509 *cert = NULL;
+	if (pSSL)
+		cert = SSL_get_peer_certificate(pSSL);
+	return cert;
+}
+/******************
+ssl_verify_wrapper
+*******************/
+extern "C" int ssl_verify_wrapper(int preverify_ok, X509_STORE_CTX *ctx)
+{
+	unsigned long binding;
+	X509 *cert;
+	SSL *ssl;
+	BUF_MEM *buf;
+	BIO *out;
+	int result;
+	cert = X509_STORE_CTX_get_current_cert(ctx);
+	ssl = (SSL*) X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
+	binding = (unsigned long) SSL_get_ex_data(ssl, 0);
+	out = BIO_new(BIO_s_mem());
+	PEM_write_bio_X509(out, cert);
+	BIO_write(out, "\0", 1);
+	BIO_get_mem_ptr(out, &buf);
+	ConnectionDescriptor *cd = dynamic_cast <ConnectionDescriptor*> (Bindable_t::GetObject(binding));
+	result = (cd->VerifySslPeer(buf->data) == true ? 1 : 0);
+	BUF_MEM_free(buf);
+	return result;
+}
+#endif // WITH_SSL