author | Anthony Neal <aneal@zeroc.com> | 2002-03-19 19:59:40 +0000 |
---|---|---|
committer | Anthony Neal <aneal@zeroc.com> | 2002-03-19 19:59:40 +0000 |
commit | 285fbbfd2f7133eeb246b342b49417e1b88a725e (patch) | |
tree | e93702456b8d4e777f41e798b80f21e8f6ac10f9 /cpp/src/Ice/SystemOpenSSL.cpp | |
parent | Updated to allow for binary representation of trusted certificates. (diff) | |
Updated to support binary addition of trusted certificates.
Diffstat (limited to 'cpp/src/Ice/SystemOpenSSL.cpp')
-rw-r--r-- | cpp/src/Ice/SystemOpenSSL.cpp | 52 |
1 files changed, 43 insertions, 9 deletions
diff --git a/cpp/src/Ice/SystemOpenSSL.cpp b/cpp/src/Ice/SystemOpenSSL.cpp
index 098f09daaba..9a242da85ce 100644
--- a/cpp/src/Ice/SystemOpenSSL.cpp
+++ b/cpp/src/Ice/SystemOpenSSL.cpp
@@ -23,6 +23,7 @@
 //
 #include <IceUtil/Config.h>
 #include <IceUtil/Mutex.h>
+#include <IceUtil/RecMutex.h>
#include <Ice/SslConnectionOpenSSL.h>
 #include <Ice/SystemOpenSSL.h>
 #include <Ice/SslException.h>
@@ -47,6 +48,8 @@ using IceSSL::SystemInternalPtr;
 IceSSL::ConnectionPtr
 IceSSL::OpenSSL::System::createConnection(ContextType connectionType, int socket)
 {
+ IceUtil::RecMutex::Lock sync(_configMutex);
+
if (connectionType == ClientServer)
 {
 UnsupportedContextException unsupportedException(__FILE__, __LINE__);
@@ -103,6 +106,8 @@ IceSSL::OpenSSL::System::shutdown()
 bool
 IceSSL::OpenSSL::System::isConfigured(ContextType contextType)
 {
+ IceUtil::RecMutex::Lock sync(_configMutex);
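Review bot: The scoped `IceUtil::RecMutex::Lock sync(_configMutex);` added at the top of createConnection() is held for the whole call, so connection creation is serialized against configure(), setCertificateVerifier() and the certificate and key setters that take the same lock in later hunks. That ordering keeps a connection from being built on a half-updated context, but nothing says so; a comment such as `// Serializes connection creation against configuration and trust-store updates.` would record it, and the choice of a recursive mutex deserves a word as well. The body continues outside the hunk, so it is worth confirming that nothing slow runs under the lock. shutdown(), named in the next hunk header, receives no lock in any visible hunk; if it touches the same contexts it probably needs one.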
+
bool retCode = false;
 switch (contextType)
@@ -132,6 +137,8 @@ IceSSL::OpenSSL::System::isConfigured(ContextType contextType)
 void
 IceSSL::OpenSSL::System::configure(ContextType contextType)
 {
+ IceUtil::RecMutex::Lock sync(_configMutex);
+
switch (contextType)
 {
 case Client :
@@ -158,7 +165,7 @@ IceSSL::OpenSSL::System::configure(ContextType contextType)
 string serverCertPath = _properties->getProperty("Ice.SSL.Server.CertPath");
 // Short cut, so that we only have to load the file once.
- if ((clientConfigFile == serverConfigFile) && (clientCertPath == serverCertPath))
+ if ((clientConfigFile == serverConfigFile) && (clientCertPath == serverCertPath))
{
 loadConfig(ClientServer, clientConfigFile, clientCertPath);
 }
@@ -170,7 +177,10 @@ IceSSL::OpenSSL::System::configure(ContextType contextType)
 break;
 }
 }
-}
+}
+
+
+
 void
 IceSSL::OpenSSL::System::loadConfig(ContextType contextType,
@@ -218,8 +228,8 @@ IceSSL::OpenSSL::System::loadConfig(ContextType contextType,
 // Actually parse the file now.
 sslConfig.process();
-
- if (contextType == Client || contextType == ClientServer)
+
+ if ((contextType == Client || contextType == ClientServer))
 {
 GeneralConfig clientGeneral;
 CertificateAuthority clientCertAuth;
@@ -233,8 +243,8 @@ IceSSL::OpenSSL::System::loadConfig(ContextType contextType,
 _clientContext.configure(clientGeneral, clientCertAuth, clientBaseCerts);
 }
 }
-
- if (contextType == Server || contextType == ClientServer)
+
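Review bot: The doubled parentheses in `if ((contextType == Client || contextType == ClientServer))` add nothing and differ from the single-parenthesis form that the same test keeps in addTrustedCertificate() and setRSAKeys(); `if (contextType == Client || contextType == ClientServer)` is enough. The same applies to the `Server` test in the following hunk. The other changed lines in both hunks appear to be whitespace only, and loadConfig()'s body starts and ends outside them.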
+ if ((contextType == Server || contextType == ClientServer))
 {
 GeneralConfig serverGeneral;
 CertificateAuthority serverCertAuth;
@@ -387,6 +397,8 @@ void
 IceSSL::OpenSSL::System::setCertificateVerifier(ContextType contextType,
 const IceSSL::CertificateVerifierPtr& verifier)
 {
+ IceUtil::RecMutex::Lock sync(_configMutex);
+
CertificateVerifierPtr castVerifier = CertificateVerifierPtr::dynamicCast(verifier);
 if (!castVerifier.get())
@@ -407,24 +419,44 @@ IceSSL::OpenSSL::System::setCertificateVerifier(ContextType contextType,
 }
 void
-IceSSL::OpenSSL::System::addTrustedCertificate(ContextType contextType, const string& certString)
+IceSSL::OpenSSL::System::addTrustedCertificateBase64(ContextType contextType, const string& certString)
 {
+ IceUtil::RecMutex::Lock sync(_configMutex);
+
if (contextType == Client || contextType == ClientServer)
 {
- _clientContext.addTrustedCertificate(certString);
+ _clientContext.addTrustedCertificateBase64(certString);
 }
 if (contextType == Server || contextType == ClientServer)
 {
- _serverContext.addTrustedCertificate(certString);
+ _serverContext.addTrustedCertificateBase64(certString);
 }
 }
+void
+IceSSL::OpenSSL::System::addTrustedCertificate(ContextType contextType, const Ice::ByteSeq& certSeq)
+{
+ IceUtil::RecMutex::Lock sync(_configMutex);
+
+ if (contextType == Client || contextType == ClientServer)
+ {
+ _clientContext.addTrustedCertificate(certSeq);
+ }
+
+ if (contextType == Server || contextType == ClientServer)
+ {
+ _serverContext.addTrustedCertificate(certSeq);
+ }
+}
+
void
 IceSSL::OpenSSL::System::setRSAKeysBase64(ContextType contextType,
 const std::string& privateKey,
 const std::string& publicKey)
 {
+ IceUtil::RecMutex::Lock sync(_configMutex);
+
if (contextType == Client || contextType == ClientServer)
 {
 _clientContext.setRSAKeysBase64(privateKey, publicKey);
@@ -441,6 +473,8 @@ IceSSL::OpenSSL::System::setRSAKeys(ContextType contextType,
 const ::Ice::ByteSeq& privateKey,
 const ::Ice::ByteSeq& publicKey)
 {
+ IceUtil::RecMutex::Lock sync(_configMutex);
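Review bot: The new `addTrustedCertificate(ContextType, const Ice::ByteSeq&)` and the renamed `addTrustedCertificateBase64()` both extend the trust store, yet neither says what encoding it expects or what happens on an empty or malformed input. A short comment on each, for example `// certSeq: binary (presumably DER) X.509 certificate; throws if it cannot be parsed`, would settle that once the behaviour is confirmed against the context classes, which are outside this diff. For `ClientServer` the client context is updated before the server context, so if the second call throws, the certificate would stay trusted on the client side only; whether that can happen depends on those context implementations. Reusing the old name for the binary overload relies on a `std::string` argument not converting to `Ice::ByteSeq`, so existing callers should fail to compile rather than pass Base64 text as binary, which is worth stating in the commit message. The setRSAKeysBase64() body at the end of the hunk continues past it.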
+
if (contextType == Client || contextType == ClientServer)
 {
 _clientContext.setRSAKeys(privateKey, publicKey); |