diff options
| author | Anthony Neal <aneal@zeroc.com> | 2002-04-15 14:34:56 +0000 |
|---|---|---|
| committer | Anthony Neal <aneal@zeroc.com> | 2002-04-15 14:34:56 +0000 |
| commit | c4d01aa7c6f8f56e32a6ee14db79dce17621703d (patch) | |
| tree | 943ecadcb4fbc9a672edc710dc07716bcf80c1c0 /cpp | |
| parent | fixes (diff) | |
| download | ice-c4d01aa7c6f8f56e32a6ee14db79dce17621703d.tar.bz2 ice-c4d01aa7c6f8f56e32a6ee14db79dce17621703d.tar.xz ice-c4d01aa7c6f8f56e32a6ee14db79dce17621703d.zip | |
Fixed a bug regarding the handling of the override properties. Truthfully,
the override propery handling was unnecessary as Ice does this
directly.
Diffstat (limited to 'cpp')
| -rw-r--r-- | cpp/src/Glacier/GlacierRouter.cpp | 28 |
1 files changed, 12 insertions, 16 deletions
diff --git a/cpp/src/Glacier/GlacierRouter.cpp b/cpp/src/Glacier/GlacierRouter.cpp index 18b20dfed19..142c9ab8cda 100644 --- a/cpp/src/Glacier/GlacierRouter.cpp +++ b/cpp/src/Glacier/GlacierRouter.cpp @@ -128,31 +128,27 @@ Glacier::Router::run(int argc, char* argv[]) // Only do this if we've been configured for SSL if (!clientConfig.empty() && !serverConfig.empty()) { - string clientPrivKey = properties->getProperty("Ice.SSL.Client.Overrides.RSA.PrivateKey"); - string clientPubKey = properties->getProperty("Ice.SSL.Client.Overrides.RSA.Certificate"); - string serverPrivKey = properties->getProperty("Ice.SSL.Server.Overrides.RSA.PrivateKey"); - string serverPubKey = properties->getProperty("Ice.SSL.Server.Overrides.RSA.Certificate"); - IceSSL::ContextType contextType = IceSSL::ClientServer; - // Get our SSL System and an instance of the SSL Extension itself + // Get our SSL System IceSSL::SystemPtr sslSystem = communicator()->getSslSystem(); - IceSSL::SslExtensionPtr sslExtension = communicator()->getSslExtension(); // The system must configure itself (using config files as specified) sslSystem->configure(contextType); - // Set the keys we will be using. - sslSystem->setRSAKeysBase64(IceSSL::Client, clientPrivKey, clientPubKey); - sslSystem->setRSAKeysBase64(IceSSL::Server, serverPrivKey, serverPubKey); - - // Install a Certificate Verifier that only accepts the client's certificate. + // If we have been told only to only accept a single certificate. string clientCertBase64 = properties->getProperty("Glacier.Router.AcceptCert"); - Ice::ByteSeq clientCert = IceUtil::Base64::decode(clientCertBase64); - sslSystem->setCertificateVerifier(contextType, sslExtension->getSingleCertVerifier(clientCert)); + if (!clientCertBase64.empty()) + { + // Get an instance of the SSL Extension itself + IceSSL::SslExtensionPtr sslExtension = communicator()->getSslExtension(); + // Install a Certificate Verifier that only accepts indicated certificate. + Ice::ByteSeq clientCert = IceUtil::Base64::decode(clientCertBase64); + sslSystem->setCertificateVerifier(contextType, sslExtension->getSingleCertVerifier(clientCert)); - // Add the Client's certificate as a trusted certificate. - sslSystem->addTrustedCertificateBase64(contextType, clientCertBase64); + // Add the Client's certificate as a trusted certificate. + sslSystem->addTrustedCertificateBase64(contextType, clientCertBase64); + } } // |