|
version 1.3, 2002/07/31 21:08:40
|
version 1.4, 2002/08/06 21:28:35
|
|
|
|
| #include <Pegasus/Common/Destroyer.h> | #include <Pegasus/Common/Destroyer.h> |
| #include <Pegasus/Common/Socket.h> | #include <Pegasus/Common/Socket.h> |
| #include <Pegasus/Common/Tracer.h> | #include <Pegasus/Common/Tracer.h> |
| #include <Pegasus/Config/ConfigManager.h> |
|
| | |
| #include "SSLContext.h" | #include "SSLContext.h" |
| #include "SSLContextRep.h" | #include "SSLContextRep.h" |
|
|
|
| | |
| PEGASUS_NAMESPACE_BEGIN | PEGASUS_NAMESPACE_BEGIN |
| | |
| |
// switch on if 'server needs certified client' |
| |
//#define CLIENT_CERTIFY |
| | |
| // | // |
| // use the following definitions only if SSL is available | // use the following definitions only if SSL is available |
|
|
|
| SSL_CTX_set_mode(_SSLContext, SSL_MODE_AUTO_RETRY); | SSL_CTX_set_mode(_SSLContext, SSL_MODE_AUTO_RETRY); |
| SSL_CTX_set_options(_SSLContext,SSL_OP_ALL); | SSL_CTX_set_options(_SSLContext,SSL_OP_ALL); |
| | |
| // |
#ifdef CLIENT_CERTIFY |
| // Check if the client certificate verification is required |
|
| // |
|
| ConfigManager* configManager = ConfigManager::getInstance(); |
|
| |
|
| if (String::equalNoCase( |
|
| configManager->getCurrentValue("enableClientCertification"), "true")) |
|
| { |
|
| SSL_CTX_set_verify(_SSLContext, SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE, | SSL_CTX_set_verify(_SSLContext, SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE, |
| prepareForCallback); | prepareForCallback); |
| } |
#else |
| else |
|
| { |
|
| if (verifyCert != NULL) | if (verifyCert != NULL) |
| { | { |
| SSL_CTX_set_verify(_SSLContext, | SSL_CTX_set_verify(_SSLContext, |
| SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE, prepareForCallback); | SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE, prepareForCallback); |
| } | } |
| } |
#endif |
| | |
| // | // |
| // check certificate given to me | // check certificate given to me |
Return to
SSLContext.cpp
CVS log
Up to [Pegasus] / pegasus / src / Pegasus / Common