Ren RenJuan 2014-01-10 20:05:42 +00:00
parent 59354d66ca
commit 2b472021c9
6 changed files with 54 additions and 15 deletions


@ -19,6 +19,9 @@
#include <iostream>
#include <signal.h>
const char *otePeer="epp.ote.donuts.co";
static int tkScenario=0;
namespace {
void initEnumTypes()
@ -77,10 +80,18 @@ public:
}
};
} // anonymous namepsace
} // anonymous namespace
void init(const std::string& system_props_file)
{
static const Init doInit(system_props_file);
}
void scenario(int scenario)
{
std::string stdPropsPath("etc/toolkit2.conf");
tkScenario = scenario;
static const Init doInit(stdPropsPath);
}
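Review bot: `tkScenario` is defined here as `static int`, which gives it internal linkage, while the socket file in this commit declares `extern const int tkScenario` and `extern char *otePeer`; neither declaration matches these definitions (`int` vs `const int`, `const char *` vs `char *`), and the `static` one cannot be reached from another translation unit unless a second definition exists outside this page. Because this flag decides whether certificate verification runs, I would keep one declaration in the shared header, `extern int tkScenario;` and `extern const char *otePeer;`, and drop `static` here. `scenario()` also sets the flag process-wide with nothing visible that resets it, and it reads `etc/toolkit2.conf` relative to the working directory; both deserve a comment such as `// scenario 1 disables peer certificate verification for every later TLSSocket`.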


@ -4,5 +4,6 @@
#include <string>
void init(const std::string &system_props_file);
void scenario(int which);
#endif


@ -7,6 +7,9 @@
#include <unistd.h>
#include <netinet/in.h> // htonl
extern char *otePeer;
extern const int tkScenario;
using namespace std;
TLSSocket::TLSSocket(SSL_CTX* ctx, int sock, const string& host,
@ -38,21 +41,26 @@ TLSSocket::TLSSocket(SSL_CTX* ctx, int sock, const string& host,
throw e;
}
// Common name
char cn[256];
X509 *peer = SSL_get_peer_certificate(ssl);
X509_NAME_get_text_by_NID(X509_get_subject_name(peer), NID_commonName, cn, 256);
commonName = cn;
if (tkScenario == 1) commonName = otePeer;
else {
if ((ret = SSL_get_verify_result(ssl)) != X509_V_OK)
{char why[100]; sprintf(why,"Cert verify fail: %d",ret);
{char why[100]; sprintf(why,"SSL verify result: %d",ret);
SSLException e(why, ssl, ret);
SSL_shutdown(ssl);
throw e;
}
// Common name
char cn[256];
X509 *peer = SSL_get_peer_certificate(ssl);
X509_NAME_get_text_by_NID(X509_get_subject_name(peer), NID_commonName, cn, 256);
commonName = cn;
X509_free(peer);
} // scenario 1
}
TLSSocket::~TLSSocket()
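Review bot: With `tkScenario == 1` the constructor never reaches `SSL_get_verify_result` and assigns `commonName = otePeer`, so whatever certificate the peer presented, any later comparison against `commonName` sees the expected host name. If a relaxed mode has to exist, the verify result should still be read and logged and only a specific, named error code tolerated, with the identity still taken from the certificate rather than from the constant. In the `else` branch `SSL_get_peer_certificate` can return NULL and `X509_NAME_get_text_by_NID` can return -1 without writing `cn`, so I would initialise it with `char cn[256] = "";` and add `if (!peer) { SSL_shutdown(ssl); throw SSLException("No peer certificate", ssl, ret); }` before the name lookup, following the constructor call visible a few lines up. The constructor begins above this hunk, so how the handshake and `ret` are set up cannot be checked from here.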


@ -5,6 +5,10 @@ class ausRegEPPTK {
friend class masterDaemon;
public: int tkScenario;
// See the Toolkit Overview. At this level supposedly it can do everything.
ausRegEPPTK() { tkScenario = 0; }
bool didInit(const std::string propertiesFilePath);


@ -60,6 +60,7 @@
using namespace std;
using boost::asio::ip::udp;
#define MAX_SCENARIO 1 // defined by increasing assumption of control from TK
#define MAX_AC 1
#define MAX_CLIENTS 1
#define MAX_CLIEVER 10


@ -4,18 +4,32 @@
bool ausRegEPPTK::didInit(const std::string propPath) {
bool did=false;;
bool did=false;
try {
getPeerService:
switch(tkScenario) {
case 0:
try {
init( propPath );
did = true;
}
catch(std::exception &e) {
}
}
catch(std::exception &e) {
theseLogs->logN(1,"Scenario Zero TK Exception: %s .",e.what());
}
if (!did) { if (tkScenario++ <= MAX_SCENARIO) goto getPeerService; }
break;
case 1: // Our first level of implementation, allow an insecure partially authenticated TLS Session.
try {
scenario( tkScenario );
did = true;
}
catch(std::exception &e) {
theseLogs->logN(1,"Scenario One TK Exception: %s .",e.what());
}
if (!did) { if (tkScenario++ <= MAX_SCENARIO) goto getPeerService; }
break;
}
return did;
}
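Review bot: A failure in scenario 0 escalates to scenario 1 on its own: any `std::exception` from `init()` is logged, then `tkScenario++` and `goto getPeerService` retry in the mode the `case 1` comment itself calls insecure. As far as these lines show, that covers every reason `init()` can throw, so an error that should stop the client instead switches certificate verification off. I would make scenario 1 something the caller or the configuration selects explicitly, dropping the retry line in `case 0` so a failed init just returns `false`, and log entry into scenario 1 at a higher severity than the exception message. Separately, `tkScenario++ <= MAX_SCENARIO` in `case 1` is true for 1, so a failed scenario 1 bumps the member to 2 and jumps back into a switch with no matching case; `<` would avoid that extra pass.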