*

ACTK1_0/common/init.cpp

@@ -19,6 +19,9 @@
 #include <iostream>
 #include <signal.h>
 
+const char       *otePeer="epp.ote.donuts.co";
+static int                       tkScenario=0;
+
 namespace {
 
 void initEnumTypes()
@@ -77,10 +80,18 @@ public:
     }
 };
 
-} // anonymous namepsace
+} // anonymous namespace
 
 
 void init(const std::string& system_props_file)
 {
 	static const Init doInit(system_props_file);
 }
+
+void scenario(int scenario)
+{
+	std::string stdPropsPath("etc/toolkit2.conf");
+
+	tkScenario = scenario;
+	static const Init doInit(stdPropsPath);
+}

ACTK1_0/common/init.hpp

@@ -4,5 +4,6 @@
 #include <string>
 
 void init(const std::string &system_props_file);
+void scenario(int which);
 
 #endif

ACTK1_0/session/TLSSocket.cpp

@@ -7,6 +7,9 @@
 #include <unistd.h>
 #include <netinet/in.h>  // htonl
 
+extern char     *otePeer;
+extern const int tkScenario;
+
 using namespace std;
 
 TLSSocket::TLSSocket(SSL_CTX* ctx, int sock, const string& host,
@@ -38,21 +41,26 @@ TLSSocket::TLSSocket(SSL_CTX* ctx, int sock, const string& host,
 		throw e;
 	}
 
-	// Common name
+	if (tkScenario == 1) commonName = otePeer;
-	char cn[256];
+	else {
-	X509 *peer = SSL_get_peer_certificate(ssl);
-	X509_NAME_get_text_by_NID(X509_get_subject_name(peer), NID_commonName, cn, 256);
-	commonName = cn;
 
 	if ((ret = SSL_get_verify_result(ssl)) != X509_V_OK)
-	{char why[100]; sprintf(why,"Cert verify fail: %d",ret);
+	{char why[100]; sprintf(why,"SSL verify result: %d",ret);
 
 		SSLException e(why, ssl, ret);
 		SSL_shutdown(ssl);
 		throw e;
 	}
 
+	// Common name
+		char cn[256];
+		X509 *peer = SSL_get_peer_certificate(ssl);
+		X509_NAME_get_text_by_NID(X509_get_subject_name(peer), NID_commonName, cn, 256);
+		commonName = cn;
+
 	X509_free(peer);
+
+	} // scenario 1
 }
 
 TLSSocket::~TLSSocket()

AusRegCliever/include/ausRegTK.h

@@ -5,6 +5,10 @@ class ausRegEPPTK {
 
   friend class masterDaemon;
 
+  public: int tkScenario;
+   // See the Toolkit Overview. At this level supposedly it can do everything.
+
+   ausRegEPPTK() { tkScenario = 0; }
    bool didInit(const std::string propertiesFilePath);
 
 

AusRegCliever/include/mdcommon.h

@@ -60,6 +60,7 @@
 using namespace std;
 using boost::asio::ip::udp;
 
+#define MAX_SCENARIO                 1        // defined by increasing assumption of control from TK
 #define MAX_AC                       1
 #define MAX_CLIENTS                  1
 #define MAX_CLIEVER                  10

AusRegCliever/server/mdAusReg.cpp

@@ -4,18 +4,32 @@
 
 bool ausRegEPPTK::didInit(const std::string propPath) {
 
-	bool did=false;;
+	bool did=false;
 
-	try {
+getPeerService:
 
+	switch(tkScenario) {
+	case 0:
+		try {
 		init( propPath );
 		did = true;
-
+	    }
-	}
+	    catch(std::exception &e) {
-	catch(std::exception &e) {
+	        theseLogs->logN(1,"Scenario Zero TK Exception: %s .",e.what());
-
+	    }
-	}
+        if (!did) { if (tkScenario++ <= MAX_SCENARIO) goto getPeerService; }
-
+        break;
+	case 1: // Our first level of implementation, allow an insecure partially authenticated TLS Session.
+		try {
+		scenario( tkScenario );
+		did = true;
+	    }
+	    catch(std::exception &e) {
+	        theseLogs->logN(1,"Scenario One TK Exception: %s .",e.what());
+	    }
+        if (!did) { if (tkScenario++ <= MAX_SCENARIO) goto getPeerService; }
+        break;
+        }
 	return did;
 
 }