|
version 1.79, 2007/05/09 19:17:59
|
version 1.80, 2007/05/25 18:35:13
|
|
|
|
| | |
| #ifdef PEGASUS_HAS_SSL | #ifdef PEGASUS_HAS_SSL |
| # include <Pegasus/Common/Config.h> | # include <Pegasus/Common/Config.h> |
| |
# include <Pegasus/Common/Executor.h> |
| # include <Pegasus/Common/Network.h> | # include <Pegasus/Common/Network.h> |
| # define OPENSSL_NO_KRB5 1 | # define OPENSSL_NO_KRB5 1 |
| # include <openssl/err.h> | # include <openssl/err.h> |
|
|
|
| { | { |
| PEG_METHOD_ENTER(TRC_SSL, "_verifyPrivateKey()"); | PEG_METHOD_ENTER(TRC_SSL, "_verifyPrivateKey()"); |
| | |
| if (SSL_CTX_use_PrivateKey_file( |
// Open the private key file. |
| ctx, keyPath.getCString(), SSL_FILETYPE_PEM) <= 0) |
|
| |
FILE* is = Executor::openFile(keyPath.getCString(), 'r'); |
| |
|
| |
if (!is) |
| |
{ |
| |
PEG_TRACE_STRING(TRC_SSL, Tracer::LEVEL2, |
| |
String("failed to open private key file: ") + String(keyPath)); |
| |
return false; |
| |
} |
| |
|
| |
// Read the private key from the input stream. |
| |
|
| |
EVP_PKEY* pkey; |
| |
pkey = PEM_read_PrivateKey(is, NULL, NULL, NULL); |
| |
|
| |
if (!pkey) |
| |
{ |
| |
PEG_TRACE_STRING( |
| |
TRC_SSL, Tracer::LEVEL2, "failed to create private key"); |
| |
return false; |
| |
} |
| |
|
| |
// Close the input stream. |
| |
|
| |
fclose(is); |
| |
|
| |
// Associate the new private key with the SSL context object. |
| |
|
| |
if (SSL_CTX_use_PrivateKey(ctx, pkey) <= 0) |
| { | { |
| PEG_TRACE_STRING(TRC_SSL, Tracer::LEVEL2, | PEG_TRACE_STRING(TRC_SSL, Tracer::LEVEL2, |
| "---> SSL: no private key found in " + String(keyPath)); | "---> SSL: no private key found in " + String(keyPath)); |
|
|
|
| return false; | return false; |
| } | } |
| | |
| |
// Check private key for validity. |
| |
|
| if (!SSL_CTX_check_private_key(ctx)) | if (!SSL_CTX_check_private_key(ctx)) |
| { | { |
| PEG_TRACE_CSTRING(TRC_SSL, Tracer::LEVEL2, | PEG_TRACE_CSTRING(TRC_SSL, Tracer::LEVEL2, |
Return to
SSLContext.cpp
CVS log
Up to [Pegasus] / pegasus / src / Pegasus / Common