1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
|
// **********************************************************************
//
// Copyright (c) 2003 - 2004
// ZeroC, Inc.
// North Palm Beach, FL, USA
//
// All Rights Reserved.
//
// This copy of Ice is licensed to you under the terms described in the
// ICE_LICENSE file included in this distribution.
//
// **********************************************************************
#include <Ice/Communicator.h>
#include <Ice/LoggerUtil.h>
#include <IceSSL/Exception.h>
#include <IceSSL/ClientContext.h>
#include <IceSSL/SslClientTransceiver.h>
#include <IceSSL/TraceLevels.h>
using namespace std;
using namespace Ice;
void
IceSSL::ClientContext::configure(const GeneralConfig& generalConfig,
const CertificateAuthority& certificateAuthority,
const BaseCertificates& baseCertificates)
{
Context::configure(generalConfig, certificateAuthority, baseCertificates);
loadCertificateAuthority(certificateAuthority);
if(_traceLevels->security >= SECURITY_PROTOCOL)
{
Trace out(_communicator->getLogger(), _traceLevels->securityCat);
out << "\n";
out << "general configuration (client)\n";
out << "------------------------------\n";
IceSSL::operator<<(out, generalConfig);
out << "\n\n";
out << "certificate authority (client)\n";
out << "------------------------------\n";
out << "file: " << certificateAuthority.getCAFileName() << "\n";
out << "path: " << certificateAuthority.getCAPath() << "\n";
out << "base certificates (client)\n";
out << "--------------------------\n";
IceSSL::operator<<(out, baseCertificates);
out << "\n";
}
}
IceSSL::SslTransceiverPtr
IceSSL::ClientContext::createTransceiver(int socket, const OpenSSLPluginIPtr& plugin, int timeout)
{
if(_sslContext == 0)
{
ContextNotConfiguredException contextEx(__FILE__, __LINE__);
throw contextEx;
}
SSL* ssl = createSSLConnection(socket);
SslTransceiverPtr transceiver = new SslClientTransceiver(plugin, socket, _certificateVerifier, ssl);
transceiverSetup(transceiver, timeout);
return transceiver;
}
IceSSL::ClientContext::ClientContext(const TraceLevelsPtr& traceLevels, const CommunicatorPtr& communicator) :
Context(traceLevels, communicator, Client)
{
_rsaPrivateKeyProperty = "IceSSL.Client.Overrides.RSA.PrivateKey";
_rsaPublicKeyProperty = "IceSSL.Client.Overrides.RSA.Certificate";
_dsaPrivateKeyProperty = "IceSSL.Client.Overrides.DSA.PrivateKey";
_dsaPublicKeyProperty = "IceSSL.Client.Overrides.DSA.Certificate";
_caCertificateProperty = "IceSSL.Client.Overrides.CACertificate";
_passphraseRetriesProperty = "IceSSL.Client.Passphrase.Retries";
_connectionHandshakeRetries = "IceSSL.Client.Handshake.Retries";
}
|
