merge with new ssl and policy code

2026-04-29 15:37:57 +00:00 · 2011-11-15 20:09:58 -06:00
parent 1ab2a8191f
commit dfb30b157a
8 changed files with 846 additions and 0 deletions
--- a/Test/Policy_Test.1
+++ b/Test/Policy_Test.1
@@ -0,0 +1,79 @@
+.\"Modified from man(1) of FreeBSD, the NetBSD mdoc.template, and mdoc.samples.
+.\"See Also:
+.\"man mdoc.samples for a complete listing of options
+.\"man mdoc for the short list of editing options
+.\"/usr/share/misc/mdoc.template
+.Dd 2011-11-15               \" DATE 
+.Dt Policy Test 1      \" Program name and manual section number 
+.Os Darwin
+.Sh NAME                 \" Section Header - required - don't modify 
+.Nm Policy Test,
+.\" The following lines are read in generating the apropos(man -k) database. Use only key
+.\" words here as the database is built based on the words here and in the .ND line. 
+.Nm Other_name_for_same_program(),
+.Nm Yet another name for the same program.
+.\" Use .Nm macro to designate other names for the documented program.
+.Nd This line parsed for whatis database.
+.Sh SYNOPSIS             \" Section Header - required - don't modify
+.Nm
+.Op Fl abcd              \" [-abcd]
+.Op Fl a Ar path         \" [-a path] 
+.Op Ar file              \" [file]
+.Op Ar                   \" [file ...]
+.Ar arg0                 \" Underlined argument - use .Ar anywhere to underline
+arg2 ...                 \" Arguments
+.Sh DESCRIPTION          \" Section Header - required - don't modify
+Use the .Nm macro to refer to your program throughout the man page like such:
+.Nm
+Underlining is accomplished with the .Ar macro like this:
+.Ar underlined text .
+.Pp                      \" Inserts a space
+A list of items with descriptions:
+.Bl -tag -width -indent  \" Begins a tagged list 
+.It item a               \" Each item preceded by .It macro
+Description of item a
+.It item b
+Description of item b
+.El                      \" Ends the list
+.Pp
+A list of flags and their descriptions:
+.Bl -tag -width -indent  \" Differs from above in tag removed 
+.It Fl a                 \"-a flag as a list item
+Description of -a flag
+.It Fl b
+Description of -b flag
+.El                      \" Ends the list
+.Pp
+.\" .Sh ENVIRONMENT      \" May not be needed
+.\" .Bl -tag -width "ENV_VAR_1" -indent \" ENV_VAR_1 is width of the string ENV_VAR_1
+.\" .It Ev ENV_VAR_1
+.\" Description of ENV_VAR_1
+.\" .It Ev ENV_VAR_2
+.\" Description of ENV_VAR_2
+.\" .El                      
+.Sh FILES                \" File used or created by the topic of the man page
+.Bl -tag -width "/Users/joeuser/Library/really_long_file_name" -compact
+.It Pa /usr/share/file_name
+FILE_1 description
+.It Pa /Users/joeuser/Library/really_long_file_name
+FILE_2 description
+.El                      \" Ends the list
+.\" .Sh DIAGNOSTICS       \" May not be needed
+.\" .Bl -diag
+.\" .It Diagnostic Tag
+.\" Diagnostic informtion here.
+.\" .It Diagnostic Tag
+.\" Diagnostic informtion here.
+.\" .El
+.Sh SEE ALSO 
+.\" List links in ascending order by section, alphabetically within a section.
+.\" Please do not reference files that do not exist without filing a bug report
+.Xr a 1 , 
+.Xr b 1 ,
+.Xr c 1 ,
+.Xr a 2 ,
+.Xr b 2 ,
+.Xr a 3 ,
+.Xr b 3 
+.\" .Sh BUGS              \" Document known, unremedied bugs 
+.\" .Sh HISTORY           \" Document history if command behaves in a unique manner
--- a/Test/main.cpp
+++ b/Test/main.cpp
@@ -0,0 +1,18 @@
+//
+//  main.cpp
+//  Policy Test
+//
+//  Created by Peter Thorson on 2011-11-15.
+//  Copyright (c) 2011 The University of Chicago. All rights reserved.
+//
+
+#include <iostream>
+
+int main (int argc, const char * argv[])
+{
+
+	// insert code here...
+	std::cout << "Hello, World!\n";
+    return 0;
+}
+
--- a/src/policy.cpp
+++ b/src/policy.cpp
@@ -0,0 +1,464 @@
+/*
+build situation
+general:
+- libboost_system
+
+SSL:
+- libcrypto
+- libssl
+
+*/
+
+#include <boost/shared_ptr.hpp>
+#include <boost/asio.hpp>
+#include <boost/asio/ssl.hpp>
+#include <boost/bind.hpp>
+#include <iostream>
+
+
+class server_handler {
+	virtual void on_action() = 0;
+};
+
+typedef boost::shared_ptr<server_handler> server_handler_ptr;
+
+class client_handler {
+	virtual void on_action() = 0;
+};
+
+typedef boost::shared_ptr<client_handler> client_handler_ptr;
+
+
+namespace connection {
+template <typename endpoint_type,template <class> class security_policy>
+class connection : public security_policy< connection<endpoint_type,security_policy> > {
+public:
+	//typedef role< connection<role,security_policy> > role_type;
+	typedef security_policy< connection<endpoint_type,security_policy> > security_policy_type;
+	
+	//typedef typename role_type::handler_ptr handler_ptr;
+	
+	connection(endpoint_type& e) : security_policy_type(e),m_endpoint(e) {
+		std::cout << "setup connection" << std::endl;
+	}
+	
+	void websocket_handshake() {
+		std::cout << "Websocket Handshake" << std::endl;
+		this->websocket_messages();
+	}
+	void websocket_messages() {
+		std::cout << "Websocket Messages" << std::endl;
+	}
+protected:
+	endpoint_type& m_endpoint;
+};
+
+// Connection roles
+template <class connection_type>
+class server {
+public:
+	typedef server_handler_ptr handler_ptr;
+	
+	server (handler_ptr h) : m_handler(h) {
+		std::cout << "setup server connection role" << std::endl;
+	}
+	
+	void public_api() {
+		std::cout << "connection::server::public_api()" << std::endl;
+	}
+protected:
+	void protected_api() {
+		std::cout << "connection::server::protected_api()" << std::endl;
+	}
+private:
+	void private_api() {
+		std::cout << "connection::server::private_api()" << std::endl;
+	}
+	handler_ptr	m_handler;
+};
+
+template <class connection_type>
+class client {
+public:
+	typedef client_handler_ptr handler_ptr;
+	
+	client (handler_ptr h) : m_handler(h) {
+		std::cout << "setup client connection role" << std::endl;
+	}
+	
+	void public_api() {
+		std::cout << "connection::client::public_api()" << std::endl;
+	}
+protected:
+	void protected_api() {
+		std::cout << "connection::client::protected_api()" << std::endl;
+	}
+private:
+	void private_api() {
+		std::cout << "connection::client::private_api()" << std::endl;
+	}
+	handler_ptr m_handler;
+};
+
+}
+
+namespace endpoint {
+
+// test
+template <typename derived_t>
+struct endpoint_traits;
+	
+class endpoint_base {
+protected:
+	boost::asio::io_service	m_io_service;
+};
+	
+template <template <class> class role,template <class> class security_policy>
+class endpoint 
+ : public endpoint_base,
+   public role< endpoint<role,security_policy> >,
+   public security_policy< endpoint<role,security_policy> > 
+{
+public:
+	typedef role< endpoint<role,security_policy> > role_type;
+	typedef security_policy< endpoint<role,security_policy> > security_policy_type;
+	typedef endpoint<role,security_policy> type;
+		
+	typedef typename role_type::handler_ptr handler_ptr;
+	
+	typedef connection::connection<type,security_policy< endpoint<role,security_policy> >::template connection> connection_type;
+	typedef boost::shared_ptr<connection_type> connection_ptr;
+	
+	endpoint(handler_ptr h) : role_type(m_io_service,h),security_policy_type(m_io_service) {
+		std::cout << "Setup endpoint" << std::endl;
+	}
+	
+	void start() {
+		std::cout << "Connect" << std::endl;
+		
+		connection_ptr con = create_connection();
+		con->security_handshake();
+	}
+	
+	connection_ptr create_connection() {
+		return connection_ptr(new connection_type(*this));
+	}
+};
+
+// endpoint related types that it's policy classes need.
+template <template <class> class role,template <class> class security_policy>
+struct endpoint_traits<endpoint<role, security_policy> > {
+	typedef endpoint<role,security_policy> type;
+	
+	typedef connection::connection<type,security_policy< endpoint<role,security_policy> >::template connection> connection_type;
+	typedef boost::shared_ptr<connection_type> connection_ptr;
+};
+	
+// Security Policies
+template <typename endpoint_type>
+class plain {
+public:
+	boost::asio::io_service& get_io_service() {
+		return m_io_service;
+	}
+	
+	// Connection specific details
+	template <typename connection_type>
+	class connection {
+	public:
+		connection(plain<endpoint_type>& e) : m_socket(e.get_io_service()) {
+			std::cout << "setup plain connection" << std::endl;
+		}
+		
+		void security_handshake() {
+			std::cout << "performing plain security handshake" << std::endl;
+			static_cast< connection_type* >(this)->websocket_handshake();
+		}
+	
+		boost::asio::ip::tcp::socket& get_socket() {
+			return m_socket;
+		}
+	private:
+		boost::asio::ip::tcp::socket m_socket;
+	};
+protected:
+	plain (boost::asio::io_service& m) : m_io_service(m) {
+		std::cout << "setup plain endpoint" << std::endl;
+	}
+private:
+	boost::asio::io_service& m_io_service;
+};
+
+template <typename endpoint_type>
+class ssl {
+public:
+	typedef ssl<endpoint_type> type;
+	
+	std::string get_password() const {
+		return "test";
+	}
+	
+	boost::asio::io_service& get_io_service() {
+		return m_io_service;
+	}
+	
+	boost::asio::ssl::context& get_context() {
+		return m_context;
+	}
+	
+	// Connection specific details
+	template <typename connection_type>
+	class connection {
+	public:
+		typedef boost::asio::ssl::stream<boost::asio::ip::tcp::socket> ssl_socket;
+		
+		connection(ssl<endpoint_type>& e) : m_socket(e.get_io_service(),e.get_context()) {
+			std::cout << "setup ssl connection" << std::endl;
+		}
+		
+		void security_handshake() {
+			std::cout << "performing ssl security handshake" << std::endl;
+			
+			/*m_socket.get_io_service().post(
+				boost::bind(
+					&connection<connection_type>::test,
+					this
+				)
+			);*/
+			
+			m_socket.async_handshake(
+				boost::asio::ssl::stream_base::server,
+				boost::bind(
+					&connection<connection_type>::test,
+					this
+				)
+			);
+		}
+		
+		void test() {
+			static_cast< connection_type* >(this)->websocket_handshake();
+		}
+		
+		void handle_handshake(const boost::system::error_code& error) {
+			static_cast< connection_type* >(this)->websocket_handshake();
+		}
+		
+		ssl_socket::lowest_layer_type& get_socket() {
+			return m_socket.lowest_layer();
+		}
+	private:
+		ssl_socket m_socket;
+	};
+protected:
+	ssl (boost::asio::io_service& m) : m_io_service(m),m_context(boost::asio::ssl::context::sslv23) {
+		std::cout << "setup ssl endpoint" << std::endl;
+		
+		try {
+			m_context.set_options(boost::asio::ssl::context::default_workarounds |
+								 boost::asio::ssl::context::no_sslv2 |
+								 boost::asio::ssl::context::single_dh_use);
+			m_context.set_password_callback(boost::bind(&type::get_password, this));
+			m_context.use_certificate_chain_file("/Users/zaphoyd/Documents/ZS/websocketpp/src/ssl/server.pem");
+			m_context.use_private_key_file("/Users/zaphoyd/Documents/ZS/websocketpp/src/ssl/server.pem", boost::asio::ssl::context::pem);
+			m_context.use_tmp_dh_file("/Users/zaphoyd/Documents/ZS/websocketpp/src/ssl/dh512.pem");
+		} catch (std::exception& e) {
+			std::cout << e.what() << std::endl;
+		}
+	}
+private:
+	boost::asio::io_service& m_io_service;
+	boost::asio::ssl::context m_context;
+};
+
+// Endpoint roles
+template <class endpoint_type>
+class server {
+public:
+	typedef server<endpoint_type> server_type;
+	
+	typedef typename endpoint_traits<endpoint_type>::connection_ptr connection_ptr;
+	
+	typedef server_handler_ptr handler_ptr; // duplicated typedef
+	
+	server(boost::asio::io_service& m,handler_ptr h) 
+	 : m_handler(h),
+	   m_io_service(m),
+	   m_endpoint(),
+	   m_acceptor(m) {
+		std::cout << "setup server endpoint role" << std::endl;
+	}
+	
+	void listen(unsigned short port) {
+		m_endpoint.port(port);
+		m_acceptor.open(m_endpoint.protocol());
+		m_acceptor.set_option(boost::asio::socket_base::reuse_address(true));
+		m_acceptor.bind(m_endpoint);
+		m_acceptor.listen();
+		
+		this->accept();		
+		
+		
+		m_io_service.run();
+	}
+
+	void connect() {
+		static_cast< endpoint_type* >(this)->start();
+	}
+	
+	void public_api() {
+		std::cout << "endpoint::server::public_api()" << std::endl;
+	}
+protected:
+	handler_ptr get_handler() {
+		return m_handler;
+	}
+	
+	void protected_api() {
+		std::cout << "endpoint::server::protected_api()" << std::endl;
+	}
+private:
+	void accept() {
+		connection_ptr con = static_cast< endpoint_type* >(this)->create_connection();
+			
+		m_acceptor.async_accept(
+			con->get_socket(),
+			boost::bind(
+				&server_type::handle_accept,
+				this,
+				con,
+				boost::asio::placeholders::error
+			)
+		);
+	}
+	
+	void handle_accept(connection_ptr con, const boost::system::error_code& error) {
+		if (!error) {
+			con->security_handshake();
+		} else {
+			throw "";
+		}
+		
+		this->accept();
+	}
+
+	void private_api() {
+		std::cout << "endpoint::server::private_api()" << std::endl;
+	}
+	handler_ptr						m_handler;
+	boost::asio::io_service&		m_io_service;
+	boost::asio::ip::tcp::endpoint	m_endpoint;
+	boost::asio::ip::tcp::acceptor	m_acceptor;
+};
+
+template <class endpoint_type>
+class client {
+public:
+	//typedef connection::client connection_type;
+	typedef client_handler_ptr handler_ptr; // duplicated typedef
+	
+	client (boost::asio::io_service& m,handler_ptr h) : m_handler(h),m_io_service(m) {
+		std::cout << "setup client endpoint role" << std::endl;
+	}
+	
+	void connect() {
+		static_cast< endpoint_type* >(this)->start();
+	}
+	
+	void public_api() {
+		std::cout << "endpoint::client::public_api()" << std::endl;
+	}
+protected:
+	handler_ptr get_handler() {
+		return m_handler;
+	}
+	
+	void protected_api() {
+		std::cout << "endpoint::client::protected_api()" << std::endl;
+	}
+private:
+	void private_api() {
+		std::cout << "endpoint::client::private_api()" << std::endl;
+	}
+	handler_ptr m_handler;
+	boost::asio::io_service& m_io_service;
+};
+
+template <template <class> class endpoint_role,template <class> class security_type>
+class factory {
+public:
+	typedef endpoint<endpoint_role,security_type> endpoint_type;
+	typedef endpoint_role<endpoint_type> endpoint_interface;
+	typedef boost::shared_ptr<endpoint_interface> endpoint_ptr;
+	
+	typedef typename endpoint_type::handler_ptr handler_ptr;
+	
+	endpoint_ptr create(handler_ptr h) {
+		return endpoint_ptr(new endpoint_type(h));
+	}
+};
+
+}
+
+// application
+class application_server_handler : public server_handler {
+	void on_action() {
+		std::cout << "application_server_handler::on_action()" << std::endl;
+	}
+};
+
+class application_client_handler : public client_handler {
+	void on_action() {
+		std::cout << "application_client_handler::on_action()" << std::endl;
+	}
+};
+
+
+using endpoint::factory;
+
+int main () {
+	std::cout << "Endpoint 0" << std::endl;
+	server_handler_ptr h(new application_server_handler());
+	endpoint::endpoint<endpoint::server,endpoint::ssl> e(h);
+	e.listen(9000);
+	//e.connect();
+	//e.public_api();
+	std::cout << std::endl;
+	
+	/*std::cout << "Endpoint 1" << std::endl;
+	server_handler_ptr handler1(new application_server_handler());
+	factory<endpoint::server,endpoint::plain> ef1;
+	factory<endpoint::server,endpoint::plain>::endpoint_ptr e1(ef1.create(handler1));
+	e1->connect();
+	e1->public_api();
+	std::cout << std::endl;
+	
+	std::cout << "Endpoint 2" << std::endl;
+	server_handler_ptr handler2(new application_server_handler());
+	factory<endpoint::server,endpoint::ssl> ef2;
+	factory<endpoint::server,endpoint::ssl>::endpoint_ptr e2(ef2.create(handler2));
+	e2->connect();
+	e2->public_api();
+	std::cout << std::endl;
+	
+	std::cout << "Endpoint 3" << std::endl;
+	client_handler_ptr handler3(new application_client_handler());
+	factory<endpoint::client,endpoint::plain> ef3;
+	factory<endpoint::client,endpoint::plain>::endpoint_ptr e3(ef3.create(handler3));
+	e3->connect();
+	e3->public_api();
+	std::cout << std::endl;
+	
+	std::cout << "Endpoint 4" << std::endl;
+	client_handler_ptr handler4(new application_client_handler());
+	factory<endpoint::client,endpoint::ssl> ef4;
+	factory<endpoint::client,endpoint::ssl>::endpoint_ptr e4(ef4.create(handler4));
+	e4->connect();
+	e4->public_api();
+	std::cout << std::endl;*/
+	
+	//connection::connection<connection::ssl> c;
+	
+	//c.security_handshake();
+	
+	return 0;
+}
--- a/src/ssl/client.pem
+++ b/src/ssl/client.pem
@@ -0,0 +1,58 @@
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,D6D356DA0705B377
+
+cRb4uuukdht80UjwGfEA6ekOwv/RV9o3LVrWtNfRC2TI4JvQUrl+P3zz5p9BVIAA
+7alpdy241/xMzF1GB2XM1jY6Yy9691sNGmddh6bXNjgDXpEQKJz6w9Weqb64B4Y6
+fcN4zuyQeDZ3srlzmrGrLu6d8LXxJkqLAxOiOi/pFMId1j901T5gEJgOTpVq1Whv
+esYe7YYCTHo4T1TKmiz/rS3lwSv66j9fJ9OGBXvyuTwHuHPdaCnADUBPlyjWMiaM
+HBu7LCttVp9wn3+eI0Gjc92er8rGwcuA8kRoEC3c8CreczC78Zia1AG+5x17aBRe
+WniJ9SBK9ygtaeMM+VjB2NDwg0R+5zz2jXj2Zy31m3QeUXtQ1oHOMbjUa6PsKeYa
+iob8ppI1bxveMqP91ZuB7V9aFnNzYFcaDaHHs5NXtjsjHe/G/1vd2pNh57Bh2k2o
+BEZotnOuV4at2PiXXydMZNKTG3JaIaDWSyM6ybFxvvJmgbid9py3/nzqrPrYUVS0
+/roMUfhO07v7alCBaXe5mfP0mYwRitXAZ8Wug4UmaabZ9Kg2VnyQgnNIWSiiRE0V
+V/mzyDOLg2QKycnJitWi8wmv7x8/jr2o6xF3NchwHCZgpoE0EMYgDPjOKIgNy7pB
+CFFys0LxP4q2DDZys3Ic49zi4uPcQwcJMGGwfBAPwtWTqpSx02P0jehJjYTBhLsu
+prsMlX0Letmqeqh9nc6jFGZ29Aqcf7HBwykKeYzGulr6pp3t5fiYRwWTzvvd/9an
+8Lc3mueLpP7vpKqQgEHySb+jvJIRq875QfO5C+4zPpgHMigg8GU/0tEhuG5GPdM2
+6X6EnpRkJ4G4AdAIqe5cwrxCUB62/maSTnDvu5vPIjlX6B/jL9RuaVwmpPGz+DUB
+4MpiJxGi3Ftf1fgWU/1FJxB4ugQCwhLinfx9L5ReUNcWPEbQCuYByM3GU34D/op+
+n+L2mih1gTQdqUpy/Ro9ARCocQdV96jKxoj5LnUhOLWLz3IaKkoEfjvhBIl4aFaj
+cQ1n4MgwJrqsnGLC9opmDBa+OqIOYq/rOxd3J/WDbXCBQZFozfw6ABYhJuqc/RPD
+2EcGJsGDx7HgNYHUfPklx1EpBSHzC+O7DsXDuNzMN2+x1N1c/I1zg6VzJqpUuPxn
+o90RWhT2752HZZXExckkAs3hDSUS5YZxny28rLTDw86PdvVZ52kAoUiY2MOUrt3O
+dOoyXvK5FhrDasNv2wfmGNbuLUN38lgayMkoP3dg0dQ9SrmbGjQ88aIWI6D1ndTg
+3M3htdhQM4WxpwA/PvkSrf5LpPSe8bmQMHfvJ3vbjePNiQTYe8fa6NZO+eBYrM5n
+Gooz+XSHlDwy1Y6jSf250Pl/hgIkMQovpiDp8PBWoGCnc69706qqlXn56ae1XN5+
+y/4/+jsgRCndQqrGINE2QpVdrK5fZjmWYowRmMA1vOKSTDLGzRpnPK8Bwov5a1bQ
+fY+v9wpqxvVTjZmBB1fhZ7dlp9AQ6cSil3jtrP4jk9afI/Q30ggAy+/TzqA/Rtz0
+nOSjlkwF87lpEu4phkj/+SqV7IXxqd6OE7XNY8fFxDN1fxq8Irk6tmOm9lX0vKz1
+-----END RSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIIE0DCCA7igAwIBAgIJAPJpDwngMJONMA0GCSqGSIb3DQEBBQUAMIGgMQswCQYD
+VQQGEwJVUzERMA8GA1UECBMISWxsaW5vaXMxEDAOBgNVBAcTB0NoaWNhZ28xGDAW
+BgNVBAoTD1phcGhveWQgU3R1ZGlvczEUMBIGA1UECxMLV2ViU29ja2V0KysxFjAU
+BgNVBAMTDVBldGVyIFRob3Jzb24xJDAiBgkqhkiG9w0BCQEWFXdlYm1hc3RlckB6
+YXBob3lkLmNvbTAeFw0xMTExMTUyMTIxMDJaFw0xMjExMTQyMTIxMDJaMIGgMQsw
+CQYDVQQGEwJVUzERMA8GA1UECBMISWxsaW5vaXMxEDAOBgNVBAcTB0NoaWNhZ28x
+GDAWBgNVBAoTD1phcGhveWQgU3R1ZGlvczEUMBIGA1UECxMLV2ViU29ja2V0Kysx
+FjAUBgNVBAMTDVBldGVyIFRob3Jzb24xJDAiBgkqhkiG9w0BCQEWFXdlYm1hc3Rl
+ckB6YXBob3lkLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANgl
+ZLPFaHf+vVrKB6R//8ylv6GJ7wdQ5PNCZpAHzd8BI/KPdHQShZZa7YmSbJ1oFzDC
+K5XGr5n0y7LCLyqHAJgEgwFjSxlx7IFjWR2MMVxMgPA+fRKGHJH4f2lLbAYea7Xi
+s+3VMANSO9epKnhJJdPkNFhsGHBbBulXX5SxRbdeHtNq1IpueQF96jfRRTiLye1v
+gHaTSVSLxkDC95v+NJNehrVA0GomX1TnJ+X0tFIVFXSLkOXhBkff0aLy7/C+vb5
+CHGAI+fI/+mdc7sXtcmagbMQPMaL48ANK4n7qrnKfDJi/dWzLvdul/FeLsHd8xWw
+mTNGnVWcZeaU1NnxMZUCAwEAAaOCAQkwggEFMB0GA1UdDgQWBBQRiyJb1jsUEoRv
+33P+OdSJJeSVCTCB1QYDVR0jBIHNMIHKgBQRiyJb1jsUEoRv33P+OdSJJeSVCaGB
+pqSBozCBoDELMAkGA1UEBhMCVVMxETAPBgNVBAgTCElsbGlub2lzMRAwDgYDVQQH
+EwdDaGljYWdvMRgwFgYDVQQKEw9aYXBob3lkIFN0dWRpb3MxFDASBgNVBAsTC1dl
+YlNvY2tldCsrMRYwFAYDVQQDEw1QZXRlciBUaG9yc29uMSQwIgYJKoZIhvcNAQkB
+FhV3ZWJtYXN0ZXJAemFwaG95ZC5jb22CCQDyaQ8J4DCTjTAMBgNVHRMEBTADAQH/
+MA0GCSqGSIb3DQEBBQUAA4IBAQAv2D8s4wFvhJCTnHk72uEt3MoNEkQBpM+nAbLC
+HXhwBuyYcfIO+Q1ft8oZ/p9EZjHnlQQZMnH2YsY/FxERgqGJuGCImf9w/f7zYRHQ
+pfeGXm50GRP0PGuE0xI3TJ+NjalOCkjCoTbtNKxLwxWciNBAGaaPempjgFaaX1T9
+OGfH+mXY7/cvR8yemDRrKkzPSjEbjEu5wQd7H/f7JBsYLpYQOPxxbPb7vqPQomqn
+Q+WAZXDOSEbxq7EruD9GKhuZ0b91vfFlG2oZP4rA2oa6pwVWqW7X50znTpASJEY9
+4xEMcOliTOY6+LMq9693SQZO1l+LuzPMBmJfsLBFPawdf8mT
+-----END CERTIFICATE-----
--- a/src/ssl/dh512.pem
+++ b/src/ssl/dh512.pem
@@ -0,0 +1,12 @@
+Diffie-Hellman-Parameters: (512 bit)
+    prime:
+        00:ba:24:79:08:45:94:52:3d:6c:be:3b:a9:a2:13:
+        6e:e3:df:1f:ce:3a:35:08:be:60:89:2a:d2:fa:e4:
+        10:c5:d1:ea:49:7e:12:64:1a:e9:bc:4e:6e:fa:6b:
+        12:5a:88:28:d0:22:f7:52:fe:9a:a1:42:a5:cc:db:
+        d9:96:a3:ed:6f
+    generator: 5 (0x5)
+-----BEGIN DH PARAMETERS-----
+MEYCQQC6JHkIRZRSPWy+O6miE27j3x/OOjUIvmCJKtL65BDF0epJfhJkGum8Tm76
+axJaiCjQIvdS/pqhQqXM29mWo+1vAgEF
+-----END DH PARAMETERS-----
--- a/src/ssl/server.cer
+++ b/src/ssl/server.cer
@@ -0,0 +1,40 @@
+-----BEGIN CERTIFICATE-----
+MIIDQzCCAiugAwIBAgIBAjALBgkqhkiG9w0BAQswTDEYMBYGA1UEAwwPWmFwaG95
+ZCBTdHVkaW9zMQswCQYDVQQGEwJVUzEjMCEGCSqGSIb3DQEJARYUemFwaG95ZEB1
+Y2hpY2Fnby5lZHUwHhcNMTExMTE1MjE0NDQ2WhcNMTIxMTE0MjE0NDQ2WjBUMSAw
+HgYDVQQDDBdXZWJTb2NrZXQrKyBTZXJ2ZXIgVGVzdDELMAkGA1UEBhMCVVMxIzAh
+BgkqhkiG9w0BCQEWFHphcGhveWRAdWNoaWNhZ28uZWR1MIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAz4iD0ZGDVk8qscrQgZ4BPkhKiaSUWTWTKYiquddT
+4J0C0RIy/RVFeNEZeUL4gzKoRJvG37GxvbMIOYriP9Xm3ydJSvLU7JTs+3yqYTen
+3U5xlKNwOjpc79Mp+O7ciJ36cZ8ATCoqQexf6B6IGCS7/Zo4VTj+YuKdaizZKY3X
+FDEp4UYYNGzWtTj5rQhE5SRK9O0V67fG8598GXsP1lcXlnR84UyP1vkdQVuJ0PPJ
+56okHoz9d52XiIliweQaC1F740zKtAdA2Ul8eSOfRneoMzzzN2LcqPMysTV2Mjut
+iecxeH+A/5aGhaDoaeZkzPkyVyYxZeGPszQ5Bqw3epY0jwIDAQABoyowKDAOBgNV
+HQ8BAf8EBAMCB4AwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwEwDQYJKoZIhvcNAQEL
+BQADggEBAFiRTh/TLAPGggHY/5SmXkbGaZ0htoRdAvM43J2MGayDmTlP3yZZY/rc
+vLtJrPnmZvVUsQhpnGMF3ZFBtrE0Tllq2DlqJeJOyoV+jQNzD1cRlJUnoFdM8WV1
+7HcVzJx7DoxjFPBn6AHjyCW6S3TKQNpsAd/kvV3lUsJyZf/7Z/un7Nc5FNWo5mkp
+NMYFIxTJGZNPGl0jVS59Wd7fuNVXqEBz22Bx6xFxKcJVEgRFy46arwUhjzh8mDBb
+bpt2AWq9i4kujlOYi585aUt8zqWS8gl7rG7D/EQOuiWEEmuzeuRkyGZf82HmXLjN
+lq7q/lcZji2slXMBRCu5mIG50YHKKmU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDQzCCAiugAwIBAgIBAjALBgkqhkiG9w0BAQswTDEYMBYGA1UEAwwPWmFwaG95
+ZCBTdHVkaW9zMQswCQYDVQQGEwJVUzEjMCEGCSqGSIb3DQEJARYUemFwaG95ZEB1
+Y2hpY2Fnby5lZHUwHhcNMTExMTE1MjE0NDQ2WhcNMTIxMTE0MjE0NDQ2WjBUMSAw
+HgYDVQQDDBdXZWJTb2NrZXQrKyBTZXJ2ZXIgVGVzdDELMAkGA1UEBhMCVVMxIzAh
+BgkqhkiG9w0BCQEWFHphcGhveWRAdWNoaWNhZ28uZWR1MIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAz4iD0ZGDVk8qscrQgZ4BPkhKiaSUWTWTKYiquddT
+4J0C0RIy/RVFeNEZeUL4gzKoRJvG37GxvbMIOYriP9Xm3ydJSvLU7JTs+3yqYTen
+3U5xlKNwOjpc79Mp+O7ciJ36cZ8ATCoqQexf6B6IGCS7/Zo4VTj+YuKdaizZKY3X
+FDEp4UYYNGzWtTj5rQhE5SRK9O0V67fG8598GXsP1lcXlnR84UyP1vkdQVuJ0PPJ
+56okHoz9d52XiIliweQaC1F740zKtAdA2Ul8eSOfRneoMzzzN2LcqPMysTV2Mjut
+iecxeH+A/5aGhaDoaeZkzPkyVyYxZeGPszQ5Bqw3epY0jwIDAQABoyowKDAOBgNV
+HQ8BAf8EBAMCB4AwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwEwDQYJKoZIhvcNAQEL
+BQADggEBAFiRTh/TLAPGggHY/5SmXkbGaZ0htoRdAvM43J2MGayDmTlP3yZZY/rc
+vLtJrPnmZvVUsQhpnGMF3ZFBtrE0Tllq2DlqJeJOyoV+jQNzD1cRlJUnoFdM8WV1
+7HcVzJx7DoxjFPBn6AHjyCW6S3TKQNpsAd/kvV3lUsJyZf/7Z/un7Nc5FNWo5mkp
+NMYFIxTJGZNPGl0jVS59Wd7fuNVXqEBz22Bx6xFxKcJVEgRFy46arwUhjzh8mDBb
+bpt2AWq9i4kujlOYi585aUt8zqWS8gl7rG7D/EQOuiWEEmuzeuRkyGZf82HmXLjN
+lq7q/lcZji2slXMBRCu5mIG50YHKKmU=
+-----END CERTIFICATE-----
--- a/src/ssl/server.pem
+++ b/src/ssl/server.pem
@@ -0,0 +1,58 @@
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,A0ED66EF872A48A9
+
+gXuvKojXzApVhhPVNdRliiajbC4PtwQG5c8TA7JADLgwOR7o9t6KtXEr37bDRpvB
+9aO9P+SJaK5OOp3XKPGthOdqv+tvCRTlmzmC8GjPLBX389DWT2xoGu7JkGwDtdSm
+rnF49Rlp5bfjpACk5xKNiKeDo1CWfeEJzw9Kto0g+5eMaEdors64oPzjXs3geA2g
+TxCJSHv9qSX6++pCLKKCUTbyzidAxV/Zb0AAubt5V40QKqX4HhSwwstFnTaX3tlb
+3QOdY+y04VIkM6d7qN5W8M7NzRkMpZ1qBpQcUMpkhQcRzWP2wub5AAff9D2GntRd
+4Dz1vn3u41U3Okdr0CNj+iH7byCzuokoAhk6ZQEN6WB+GTpGgfBXdtUZrfpb0MKm
+UNYP5AF2AmUqJRXhViTDVtu/V2tHF3LGuNT+W2Dz+spFZEq0byEO0N858eR0dikc
+6jOASvNQbSwD0+mkgBC1gXKKU3ngj2gpJUwljeACdWFd8N2egrZfyI05CmX7vPNC
+NXbs7k2buWNdjP4/D8IM+HDVidWzQa/kG/qokXKqllem9Egg37lUucwnP3cX2/Hw
+U2mfaBWzeZtqc+GqRp08rYIql+Reai3sUYlQMnNk01prVY47UQb+dxuqjaxGV5Xx
+Xkx0s2mfQnNRjL4S7Hjhqelufi6GpkCQ2EGsPpA+6K1ztZ0ame9Q2BE1SXeM/6vU
+rxT5nRrCxueyXAyQSGcqMX9//gSeK8WWBqG/c1IAMVDa0NWrJeOJhSziE+ta3B0m
+bHAPBY6vh0iB3lLdRlbUOPbC6R1TpxMOs+6Vbs2+OTifFpvOVymEoZq/nroyg68P
+vn5uCKogwWA7o8EArf/UTlIwWJmH9bgILdZKld4wMel2HQg16RDzm+mEXAJi52a/
+FC+fgfphdxltmUJ+rqOyR4AHULjaTWUQqTIB6sdlzgmES1nXAiE71zX//KFqomar
+O60SPPk3C1bs0x5DsvmGJa8SIfDhyd+D7NPyqwEKqrZsaotYGklNkfqxa6pa8mrc
+ejxquW1PK4FvBk26+osu5a90Jih0PcQM7DUMMr2WHdTiMSXWAiK2ToYF8Itt25Qv
+Cd0CsSYw9CJkXNr1u1+mObheaY9QYOmztnSJLy4ZO2JsMhqNwuAueIcwmhXOREq7
+kzlnGMgJcuSeAS/OBNj8Zgx0c7QQ0kzc+YmnOCsqoMtPsu/CsXJ4iJiM3Tki/2jT
+bywrTiQwE6R3a/87GREOREX+WLicZBWX3k9/4tBL5XSe1p5wPpuIRQUDvAGNfNHP
+JN7kujDF4SehilF1qtvCygAwvxHFDj+EwhXKNDKJzoZZIM15rAk3k92n2j6nz1qH
+a3xOU05yydOlO6F6w51I1QoDddmkzCRNB0TeO3D6rekHsCK1aDWmC+qRcm2ZFtVz
+sY6fdZN2NEmMQokIh9Opi1f8CSYSizPESMzdu2SF0xVO9n/IGIkn1ksK04O2BZo0
+X3LBPHLfCRsQNY1eF17bj07fYU2oPZKs/XzJiwxkqK6LFvpeAVaYrtg9fqRO/UVe
+QhUIj3BL550ocEpa15xLehLrmwzYiW5zwGjSHQ4EgZluGLCwyKGTh4QswEJRA9Rt
+-----END RSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIIE0DCCA7igAwIBAgIJAM5MuKJezXq0MA0GCSqGSIb3DQEBBQUAMIGgMQswCQYD
+VQQGEwJVUzERMA8GA1UECBMISWxsaW5vaXMxEDAOBgNVBAcTB0NoaWNhZ28xGDAW
+BgNVBAoTD1phcGhveWQgU3R1ZGlvczEUMBIGA1UECxMLV2ViU29ja2V0KysxFjAU
+BgNVBAMTDVBldGVyIFRob3Jzb24xJDAiBgkqhkiG9w0BCQEWFXdlYm1hc3RlckB6
+YXBob3lkLmNvbTAeFw0xMTExMTUyMTIwMDZaFw0xMjExMTQyMTIwMDZaMIGgMQsw
+CQYDVQQGEwJVUzERMA8GA1UECBMISWxsaW5vaXMxEDAOBgNVBAcTB0NoaWNhZ28x
+GDAWBgNVBAoTD1phcGhveWQgU3R1ZGlvczEUMBIGA1UECxMLV2ViU29ja2V0Kysx
+FjAUBgNVBAMTDVBldGVyIFRob3Jzb24xJDAiBgkqhkiG9w0BCQEWFXdlYm1hc3Rl
+ckB6YXBob3lkLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANR0
+tdwAnIB8I9qRZ7QbzEWY95RpM7GIn0u/9oH90PzdHiE0rXSkKT+yw3XUzH0iw5t0
+5dEwSC+srSP5Vm4cA6kXc94agVVaPW89tGcdP4fHptCruSrzQsDXELCPl5UUvMpA
+YUcGisdXYPN/EeOoqb9wKWxoW5mREsyyeWWS89fYN5qU/d0QpbSvEWghqLbL/ZS2
+hOlXT9LufOeA+vHiV1/T/h5xC7ecIH02YDQw1EnqxbPmkLPcWThztLS9FiufNDRM
+Rhcoaj2b9VDHvDwdbeA0T5v5qNdG34LaapYOelxzQMOtM0f9Dgqehodyxl2qm9mR
+lq432dlOEzDnVCPNHwECAwEAAaOCAQkwggEFMB0GA1UdDgQWBBTTPKfNMnKOykhv
+vKS7vql5JsMyzCB1QYDVR0jBIHNMIHKgBTTPKfNMnKOykhv+vKS7vql5JsMy6GB
+pqSBozCBoDELMAkGA1UEBhMCVVMxETAPBgNVBAgTCElsbGlub2lzMRAwDgYDVQQH
+EwdDaGljYWdvMRgwFgYDVQQKEw9aYXBob3lkIFN0dWRpb3MxFDASBgNVBAsTC1dl
+YlNvY2tldCsrMRYwFAYDVQQDEw1QZXRlciBUaG9yc29uMSQwIgYJKoZIhvcNAQkB
+FhV3ZWJtYXN0ZXJAemFwaG95ZC5jb22CCQDOTLiiXs16tDAMBgNVHRMEBTADAQH/
+MA0GCSqGSIb3DQEBBQUAA4IBAQB+SH0s/hrv5VYqgX6SNLzxdSLvCVsUkCdTpxwY
+wOJ84XmYcXDMhKDtZqLtOtN6pfEwVusFlC9mkieuunztCnWNmsSG83RuljJPjFSi
+1d4Id4bKEQkQ4cfnjoHKivRrViWLnxuNnLzC6tpyGH/35kKWhhr6T58AXerFgVw3
+mHvLPTr1DuhdAZA0ZuvuseVAFFAjI3RetSySwHJE3ak8KswDVfLi6E3XxMVsIWTS
+/iFsC2WwoZQlljya2V/kRYIhu+uCdqJ01wunn2BvmURPSgr4GTBF0FQ9JGpNbXxM
+TAU7oQJgyFc5sCcuEgPTO0dWVQTvdZVgay4tkmduKDRkmJBF
+-----END CERTIFICATE-----
--- a/websocketpp.xcodeproj/project.pbxproj
+++ b/websocketpp.xcodeproj/project.pbxproj
@@ -75,6 +75,11 @@
 		B6FE8D191468708200B32547 /* md5.h in Headers */ = {isa = PBXBuildFile; fileRef = B6FE8D1714686A8500B32547 /* md5.h */; };
 		B6FE8D1A1468709300B32547 /* md5.c in Sources */ = {isa = PBXBuildFile; fileRef = B6FE8D1614686A8500B32547 /* md5.c */; };
 		B6FE8D1B1468709A00B32547 /* md5.h in Headers */ = {isa = PBXBuildFile; fileRef = B6FE8D1714686A8500B32547 /* md5.h */; };
+		B6FE8D5514730AEA00B32547 /* Policy_Test.1 in CopyFiles */ = {isa = PBXBuildFile; fileRef = B6FE8D5414730AEA00B32547 /* Policy_Test.1 */; };
+		B6FE8D5914730B0300B32547 /* policy.cpp in Sources */ = {isa = PBXBuildFile; fileRef = B6FE8D4914730AA600B32547 /* policy.cpp */; };
+		B6FE8D5A14730B1200B32547 /* libboost_system.dylib in Frameworks */ = {isa = PBXBuildFile; fileRef = B6DF1CBC1434AE070029A1B1 /* libboost_system.dylib */; };
+		B6FE8D5C14730B1A00B32547 /* libcrypto.dylib in Frameworks */ = {isa = PBXBuildFile; fileRef = B6FE8D5B14730B1A00B32547 /* libcrypto.dylib */; };
+		B6FE8D5E14730B2200B32547 /* libssl.dylib in Frameworks */ = {isa = PBXBuildFile; fileRef = B6FE8D5D14730B2200B32547 /* libssl.dylib */; };
 /* End PBXBuildFile section */

 /* Begin PBXContainerItemProxy section */
@@ -122,6 +127,16 @@
 			);
 			runOnlyForDeploymentPostprocessing = 1;
 		};
+		B6FE8D4D14730AE900B32547 /* CopyFiles */ = {
+			isa = PBXCopyFilesBuildPhase;
+			buildActionMask = 2147483647;
+			dstPath = /usr/share/man/man1/;
+			dstSubfolderSpec = 0;
+			files = (
+				B6FE8D5514730AEA00B32547 /* Policy_Test.1 in CopyFiles */,
+			);
+			runOnlyForDeploymentPostprocessing = 1;
+		};
 /* End PBXCopyFilesBuildPhase section */

 /* Begin PBXFileReference section */
@@ -199,6 +214,12 @@
 		B6FE8D1714686A8500B32547 /* md5.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; name = md5.h; path = src/md5/md5.h; sourceTree = "<group>"; };
 		B6FE8D2E146C2C9500B32547 /* hybi_legacy_processor.hpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.h; name = hybi_legacy_processor.hpp; path = src/hybi_legacy_processor.hpp; sourceTree = "<group>"; };
 		B6FE8D30146C721200B32547 /* hybi_processor.hpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.h; name = hybi_processor.hpp; path = src/hybi_processor.hpp; sourceTree = "<group>"; };
+		B6FE8D4914730AA600B32547 /* policy.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; name = policy.cpp; path = src/policy.cpp; sourceTree = "<group>"; };
+		B6FE8D4F14730AE900B32547 /* Policy Test */ = {isa = PBXFileReference; explicitFileType = "compiled.mach-o.executable"; includeInIndex = 0; path = "Policy Test"; sourceTree = BUILT_PRODUCTS_DIR; };
+		B6FE8D5214730AEA00B32547 /* main.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = main.cpp; sourceTree = "<group>"; };
+		B6FE8D5414730AEA00B32547 /* Policy_Test.1 */ = {isa = PBXFileReference; lastKnownFileType = text.man; path = Policy_Test.1; sourceTree = "<group>"; };
+		B6FE8D5B14730B1A00B32547 /* libcrypto.dylib */ = {isa = PBXFileReference; lastKnownFileType = "compiled.mach-o.dylib"; name = libcrypto.dylib; path = usr/lib/libcrypto.dylib; sourceTree = SDKROOT; };
+		B6FE8D5D14730B2200B32547 /* libssl.dylib */ = {isa = PBXFileReference; lastKnownFileType = "compiled.mach-o.dylib"; name = libssl.dylib; path = usr/lib/libssl.dylib; sourceTree = SDKROOT; };
 /* End PBXFileReference section */

 /* Begin PBXFrameworksBuildPhase section */
@@ -252,6 +273,16 @@
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 		};
+		B6FE8D4C14730AE900B32547 /* Frameworks */ = {
+			isa = PBXFrameworksBuildPhase;
+			buildActionMask = 2147483647;
+			files = (
+				B6FE8D5E14730B2200B32547 /* libssl.dylib in Frameworks */,
+				B6FE8D5C14730B1A00B32547 /* libcrypto.dylib in Frameworks */,
+				B6FE8D5A14730B1200B32547 /* libboost_system.dylib in Frameworks */,
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
 /* End PBXFrameworksBuildPhase section */

 /* Begin PBXGroup section */
@@ -298,6 +329,8 @@
 		B6DF1C451434A5940029A1B1 = {
 			isa = PBXGroup;
 			children = (
+				B6FE8D5D14730B2200B32547 /* libssl.dylib */,
+				B6FE8D5B14730B1A00B32547 /* libcrypto.dylib */,
 				B6FE8CEB145A0F1900B32547 /* libboost_program_options.dylib */,
 				B6CF182B1437C3CA009295BE /* libboost_system.dylib */,
 				B682888E14374689002BA48B /* libboost_thread.dylib */,
@@ -309,6 +342,7 @@
 				B6DF1CC51435ECE40029A1B1 /* libraries */,
 				B6138791145CA6F700ED9B19 /* Makefile */,
 				B6DF1C7F1434ABB70029A1B1 /* src */,
+				B6FE8D5114730AE900B32547 /* Policy Test */,
 				B6DF1C6A1434A7A30029A1B1 /* Products */,
 			);
 			sourceTree = "<group>";
@@ -321,6 +355,7 @@
 				B6DF1CD11435ED910029A1B1 /* echo_server */,
 				B682887D143745F2002BA48B /* chat_client */,
 				B6CF181C1437C397009295BE /* echo_client */,
+				B6FE8D4F14730AE900B32547 /* Policy Test */,
 			);
 			name = Products;
 			sourceTree = "<group>";
@@ -336,6 +371,7 @@
 				B61387A4145D847A00ED9B19 /* http */,
 				B6FE8D09145B0F7400B32547 /* rng */,
 				B6FE8D05145AFF5F00B32547 /* websocket_constants.hpp */,
+				B6FE8D4914730AA600B32547 /* policy.cpp */,
 				B6DF1C921434AC470029A1B1 /* websocket_client_session.cpp */,
 				B6DF1C931434AC470029A1B1 /* websocket_client_session.hpp */,
 				B6DF1C941434AC470029A1B1 /* websocket_client.cpp */,
@@ -474,6 +510,15 @@
 			name = md5;
 			sourceTree = "<group>";
 		};
+		B6FE8D5114730AE900B32547 /* Policy Test */ = {
+			isa = PBXGroup;
+			children = (
+				B6FE8D5214730AEA00B32547 /* main.cpp */,
+				B6FE8D5414730AEA00B32547 /* Policy_Test.1 */,
+			);
+			path = "Policy Test";
+			sourceTree = "<group>";
+		};
 /* End PBXGroup section */

 /* Begin PBXHeadersBuildPhase section */
@@ -611,6 +656,23 @@
 			productReference = B6DF1CD11435ED910029A1B1 /* echo_server */;
 			productType = "com.apple.product-type.tool";
 		};
+		B6FE8D4E14730AE900B32547 /* policy_test */ = {
+			isa = PBXNativeTarget;
+			buildConfigurationList = B6FE8D5614730AEA00B32547 /* Build configuration list for PBXNativeTarget "policy_test" */;
+			buildPhases = (
+				B6FE8D4B14730AE900B32547 /* Sources */,
+				B6FE8D4C14730AE900B32547 /* Frameworks */,
+				B6FE8D4D14730AE900B32547 /* CopyFiles */,
+			);
+			buildRules = (
+			);
+			dependencies = (
+			);
+			name = policy_test;
+			productName = "Policy Test";
+			productReference = B6FE8D4F14730AE900B32547 /* Policy Test */;
+			productType = "com.apple.product-type.tool";
+		};
 /* End PBXNativeTarget section */

 /* Begin PBXProject section */
@@ -636,6 +698,7 @@
 				B6DF1CD01435ED910029A1B1 /* echo_server */,
 				B682887C143745F2002BA48B /* chat_client */,
 				B6CF181B1437C397009295BE /* echo_client */,
+				B6FE8D4E14730AE900B32547 /* policy_test */,
 			);
 		};
 /* End PBXProject section */
@@ -699,6 +762,14 @@
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 		};
+		B6FE8D4B14730AE900B32547 /* Sources */ = {
+			isa = PBXSourcesBuildPhase;
+			buildActionMask = 2147483647;
+			files = (
+				B6FE8D5914730B0300B32547 /* policy.cpp in Sources */,
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
 /* End PBXSourcesBuildPhase section */

 /* Begin PBXTargetDependency section */
@@ -936,6 +1007,44 @@
 			};
 			name = Release;
 		};
+		B6FE8D5714730AEA00B32547 /* Debug */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				ALWAYS_SEARCH_USER_PATHS = NO;
+				ARCHS = "$(ARCHS_STANDARD_64_BIT)";
+				GCC_C_LANGUAGE_STANDARD = gnu99;
+				GCC_DYNAMIC_NO_PIC = NO;
+				GCC_ENABLE_OBJC_EXCEPTIONS = YES;
+				GCC_OPTIMIZATION_LEVEL = 0;
+				GCC_PREPROCESSOR_DEFINITIONS = (
+					"DEBUG=1",
+					"$(inherited)",
+				);
+				GCC_SYMBOLS_PRIVATE_EXTERN = NO;
+				GCC_VERSION = com.apple.compilers.llvm.clang.1_0;
+				GCC_WARN_64_TO_32_BIT_CONVERSION = YES;
+				GCC_WARN_ABOUT_MISSING_PROTOTYPES = YES;
+				MACOSX_DEPLOYMENT_TARGET = 10.7;
+				PRODUCT_NAME = "$(TARGET_NAME)";
+			};
+			name = Debug;
+		};
+		B6FE8D5814730AEA00B32547 /* Release */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				ALWAYS_SEARCH_USER_PATHS = NO;
+				ARCHS = "$(ARCHS_STANDARD_64_BIT)";
+				DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym";
+				GCC_C_LANGUAGE_STANDARD = gnu99;
+				GCC_ENABLE_OBJC_EXCEPTIONS = YES;
+				GCC_VERSION = com.apple.compilers.llvm.clang.1_0;
+				GCC_WARN_64_TO_32_BIT_CONVERSION = YES;
+				GCC_WARN_ABOUT_MISSING_PROTOTYPES = YES;
+				MACOSX_DEPLOYMENT_TARGET = 10.7;
+				PRODUCT_NAME = "$(TARGET_NAME)";
+			};
+			name = Release;
+		};
 /* End XCBuildConfiguration section */

 /* Begin XCConfigurationList section */
@@ -993,6 +1102,14 @@
 			defaultConfigurationIsVisible = 0;
 			defaultConfigurationName = Release;
 		};
+		B6FE8D5614730AEA00B32547 /* Build configuration list for PBXNativeTarget "policy_test" */ = {
+			isa = XCConfigurationList;
+			buildConfigurations = (
+				B6FE8D5714730AEA00B32547 /* Debug */,
+				B6FE8D5814730AEA00B32547 /* Release */,
+			);
+			defaultConfigurationIsVisible = 0;
+		};
 /* End XCConfigurationList section */
 	};
 	rootObject = B6DF1C471434A5940029A1B1 /* Project object */;