parent
59354d66ca
commit
2b472021c9
|
@ -19,6 +19,9 @@
|
|||
#include <iostream>
|
||||
#include <signal.h>
|
||||
|
||||
const char *otePeer="epp.ote.donuts.co";
|
||||
static int tkScenario=0;
|
||||
|
||||
namespace {
|
||||
|
||||
void initEnumTypes()
|
||||
|
@ -77,10 +80,18 @@ public:
|
|||
}
|
||||
};
|
||||
|
||||
} // anonymous namepsace
|
||||
} // anonymous namespace
|
||||
|
||||
|
||||
void init(const std::string& system_props_file)
|
||||
{
|
||||
static const Init doInit(system_props_file);
|
||||
}
|
||||
|
||||
void scenario(int scenario)
|
||||
{
|
||||
std::string stdPropsPath("etc/toolkit2.conf");
|
||||
|
||||
tkScenario = scenario;
|
||||
static const Init doInit(stdPropsPath);
|
||||
}
|
||||
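Review bot: `static int tkScenario=0;` has internal linkage, so the `extern const int tkScenario;` declaration added in the TLS socket section of this commit cannot refer to it. As shown this should either fail to link or bind to another definition not visible here, in which case the `tkScenario = scenario;` assignment in `scenario()` never reaches the socket code. The `otePeer` pair disagrees as well (`const char *` here, `extern char *` there). I would declare both once in a shared header, `extern int tkScenario;` and `extern const char *otePeer;`, and define them here without `static`. Separately, `static const Init doInit(stdPropsPath);` is constructed only once per process, so a later `scenario()` call changes `tkScenario` without re-initialising anything.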
|
|
|
@ -4,5 +4,6 @@
|
|||
#include <string>
|
||||
|
||||
void init(const std::string &system_props_file);
|
||||
void scenario(int which);
|
||||
|
||||
#endif
|
||||
|
|
|
@ -7,6 +7,9 @@
|
|||
#include <unistd.h>
|
||||
#include <netinet/in.h> // htonl
|
||||
|
||||
extern char *otePeer;
|
||||
extern const int tkScenario;
|
||||
|
||||
using namespace std;
|
||||
|
||||
TLSSocket::TLSSocket(SSL_CTX* ctx, int sock, const string& host,
|
||||
|
@ -38,21 +41,26 @@ TLSSocket::TLSSocket(SSL_CTX* ctx, int sock, const string& host,
|
|||
throw e;
|
||||
}
|
||||
|
||||
// Common name
|
||||
char cn[256];
|
||||
X509 *peer = SSL_get_peer_certificate(ssl);
|
||||
X509_NAME_get_text_by_NID(X509_get_subject_name(peer), NID_commonName, cn, 256);
|
||||
commonName = cn;
|
||||
if (tkScenario == 1) commonName = otePeer;
|
||||
else {
|
||||
|
||||
if ((ret = SSL_get_verify_result(ssl)) != X509_V_OK)
|
||||
{char why[100]; sprintf(why,"Cert verify fail: %d",ret);
|
||||
{char why[100]; sprintf(why,"SSL verify result: %d",ret);
|
||||
|
||||
SSLException e(why, ssl, ret);
|
||||
SSL_shutdown(ssl);
|
||||
throw e;
|
||||
}
|
||||
|
||||
// Common name
|
||||
char cn[256];
|
||||
X509 *peer = SSL_get_peer_certificate(ssl);
|
||||
X509_NAME_get_text_by_NID(X509_get_subject_name(peer), NID_commonName, cn, 256);
|
||||
commonName = cn;
|
||||
|
||||
X509_free(peer);
|
||||
|
||||
} // scenario 1
|
||||
}
|
||||
|
||||
TLSSocket::~TLSSocket()
|
||||
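Review bot: When `tkScenario == 1` the new branch skips the `SSL_get_verify_result` check and assigns the hard-coded `otePeer` to `commonName`, so the session reports the expected peer name for whatever certificate was presented. That holds unless the `SSL_CTX` verify mode (not visible here) already aborts the handshake. Any caller that compares `commonName` with the configured host would then pass trivially. I would keep the verify-result check outside the `if`/`else` so it runs in every scenario, and if the OTE endpoint needs a relaxed name rule, compare the certificate's CN against `otePeer` after verification instead of assigning it. In the retained path `SSL_get_peer_certificate(ssl)` can return NULL and the result of `X509_NAME_get_text_by_NID` is ignored, leaving `cn` uninitialised when no CN is present; an `if (peer == NULL)` error path and `char cn[256] = "";` would cover both. The constructor begins above this hunk.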
|
|
|
@ -5,6 +5,10 @@ class ausRegEPPTK {
|
|||
|
||||
friend class masterDaemon;
|
||||
|
||||
public: int tkScenario;
|
||||
// See the Toolkit Overview. At this level supposedly it can do everything.
|
||||
|
||||
ausRegEPPTK() { tkScenario = 0; }
|
||||
bool didInit(const std::string propertiesFilePath);
|
||||
|
||||
|
||||
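Review bot: The new public member `tkScenario` has no description of its values, and the comment under it does not say that value 1 selects the mode in which `TLSSocket` skips the certificate verify-result check. I would replace it with something like `// 0: init() with certificate verification; 1: OTE fallback, TLSSocket skips SSL_get_verify_result and trusts otePeer`. This member is also a different variable from the file-scope `tkScenario` declared in two other files of this commit, so a distinct name, or a single owner for the value, would make it clear which one the socket code reads. Because the field changes the security posture of the connection, it is better kept private behind a setter than left as `public: int`.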
|
|
|
@ -60,6 +60,7 @@
|
|||
using namespace std;
|
||||
using boost::asio::ip::udp;
|
||||
|
||||
#define MAX_SCENARIO 1 // defined by increasing assumption of control from TK
|
||||
#define MAX_AC 1
|
||||
#define MAX_CLIENTS 1
|
||||
#define MAX_CLIEVER 10
|
||||
|
|
|
@ -4,18 +4,32 @@
|
|||
|
||||
bool ausRegEPPTK::didInit(const std::string propPath) {
|
||||
|
||||
bool did=false;;
|
||||
bool did=false;
|
||||
|
||||
try {
|
||||
getPeerService:
|
||||
|
||||
switch(tkScenario) {
|
||||
case 0:
|
||||
try {
|
||||
init( propPath );
|
||||
did = true;
|
||||
|
||||
}
|
||||
catch(std::exception &e) {
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
catch(std::exception &e) {
|
||||
theseLogs->logN(1,"Scenario Zero TK Exception: %s .",e.what());
|
||||
}
|
||||
if (!did) { if (tkScenario++ <= MAX_SCENARIO) goto getPeerService; }
|
||||
break;
|
||||
case 1: // Our first level of implementation, allow an insecure partially authenticated TLS Session.
|
||||
try {
|
||||
scenario( tkScenario );
|
||||
did = true;
|
||||
}
|
||||
catch(std::exception &e) {
|
||||
theseLogs->logN(1,"Scenario One TK Exception: %s .",e.what());
|
||||
}
|
||||
if (!did) { if (tkScenario++ <= MAX_SCENARIO) goto getPeerService; }
|
||||
break;
|
||||
}
|
||||
return did;
|
||||
|
||||
}
|
||||
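Review bot: Reading the `switch` as the new side of this section, any `std::exception` from `init()` in case 0 advances `tkScenario` to 1 and retries through `scenario()`, the mode the case-1 comment itself describes as insecure and partially authenticated. A bad properties path or a transient failure therefore downgrades the TLS session automatically, with only a level-1 log line to show for it. I would make scenario 1 an explicit caller choice and drop the `goto` from case 0, or at least gate it on a configuration flag and log the downgrade distinctly. The retry test is also off by one: `tkScenario++ <= MAX_SCENARIO` is still true at 1, so a failure in case 1 jumps again with the value 2 and matches no case; `if (!did && tkScenario < MAX_SCENARIO) { ++tkScenario; goto getPeerService; }` stops at the last defined scenario. A short comment on the `getPeerService:` label explaining the retry order would help, since the jump re-enters the `switch` from inside it.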
|
|