changeset 16:25292488ff8f

using option HttpsVerifyPeers from Orthanc configuration
author Sebastien Jodogne <s.jodogne@gmail.com>
date Wed, 26 Jun 2019 11:29:25 +0200
parents 11368fbbce2a
children 2514880d4f0b
files Plugin/GoogleConfiguration.cpp Plugin/GoogleConfiguration.h Plugin/GoogleUpdater.cpp
diffstat 3 files changed, 48 insertions(+), 17 deletions(-) [+]
--- a/Plugin/GoogleConfiguration.cpp	Thu Jun 20 11:38:22 2019 +0200
+++ b/Plugin/GoogleConfiguration.cpp	Wed Jun 26 11:29:25 2019 +0200
@@ -47,7 +47,8 @@
 {
   OrthancPlugins::OrthancConfiguration configuration;
   caInfo_ = configuration.GetStringValue("HttpsCACertificates", "");
-
+  httpsVerifyPeers_ = configuration.GetBooleanValue("HttpsVerifyPeers", true);
+    
   {
 #if HAS_ORTHANC_FRAMEWORK_1_5_7 == 1
     OrthancPlugins::OrthancConfiguration dicomWeb(false);
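Review bot: `HttpsVerifyPeers` is read from the global Orthanc configuration here, so an operator who turned it off for some unrelated HTTPS peer also turns off certificate checks for the Google token requests built in GoogleUpdater.cpp. Those requests presumably carry service-account or refresh-token material, so the downgrade should be visible: log a warning when the value is false. A comment on the new line would also help, such as `// Global Orthanc option: false also disables TLS certificate checks for the Google OAuth requests`. The enclosing function starts and ends outside this hunk.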
--- a/Plugin/GoogleConfiguration.h	Thu Jun 20 11:38:22 2019 +0200
+++ b/Plugin/GoogleConfiguration.h	Wed Jun 26 11:29:25 2019 +0200
@@ -43,6 +43,7 @@
   std::vector<GoogleAccount*>  accounts_;
   unsigned int                 timeoutSeconds_;
   unsigned int                 refreshIntervalSeconds_;
+  bool                         httpsVerifyPeers_;
 
   GoogleConfiguration();  // Singleton pattern
 
@@ -88,5 +89,10 @@
     return timeoutSeconds_;
   }
 
+  bool IsHttpsVerifyPeers() const
+  {
+    return httpsVerifyPeers_;
+  }
+
   static const GoogleConfiguration& GetInstance();
 };
--- a/Plugin/GoogleUpdater.cpp	Thu Jun 20 11:38:22 2019 +0200
+++ b/Plugin/GoogleUpdater.cpp	Wed Jun 26 11:29:25 2019 +0200
@@ -54,11 +54,28 @@
 
         long timeout = static_cast<long>(configuration.GetTimeoutSeconds());
 
-        if ((!configuration.GetCaInfo().empty() &&
-             curl_easy_setopt(handle.get(), CURLOPT_CAINFO, configuration.GetCaInfo().c_str()) != CURLE_OK) ||
-            curl_easy_setopt(handle.get(), CURLOPT_SSL_VERIFYHOST, 2) != CURLE_OK ||
-            curl_easy_setopt(handle.get(), CURLOPT_SSL_VERIFYPEER, 1) != CURLE_OK ||
-            curl_easy_setopt(handle.get(), CURLOPT_TIMEOUT, timeout) != CURLE_OK)
+        if (!configuration.GetCaInfo().empty() &&
+            curl_easy_setopt(handle.get(), CURLOPT_CAINFO, configuration.GetCaInfo().c_str()) != CURLE_OK)
+        {
+          throw Orthanc::OrthancException(Orthanc::ErrorCode_InternalError,
+                                          "Cannot set the trusted Certificate Authorities");
+        }
+
+        bool ok;
+        
+        if (configuration.IsHttpsVerifyPeers())
+        {
+          ok = (curl_easy_setopt(handle.get(), CURLOPT_SSL_VERIFYHOST, 2) == CURLE_OK &&
+                curl_easy_setopt(handle.get(), CURLOPT_SSL_VERIFYPEER, 1) == CURLE_OK &&
+                curl_easy_setopt(handle.get(), CURLOPT_TIMEOUT, timeout) == CURLE_OK);
+        }
+        else
+        {
+          ok = (curl_easy_setopt(handle.get(), CURLOPT_SSL_VERIFYHOST, 0) == CURLE_OK &&
+                curl_easy_setopt(handle.get(), CURLOPT_SSL_VERIFYPEER, 0) == CURLE_OK);
+        }
+
+        if (!ok)
         {
           throw Orthanc::OrthancException(Orthanc::ErrorCode_InternalError,
                                           "Cannot initialize a libcurl handle");
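Review bot: The `else` branch never sets `CURLOPT_TIMEOUT`, so with `HttpsVerifyPeers` set to false the handle loses the timeout that the removed code always applied. Add `curl_easy_setopt(handle.get(), CURLOPT_TIMEOUT, timeout) == CURLE_OK` as a third conjunct there, or set the timeout once before the `if` so it cannot diverge between the two branches. libcurl documents `CURLOPT_SSL_VERIFYHOST` and `CURLOPT_SSL_VERIFYPEER` as taking a `long`, so `2L`, `1L` and `0L` are safer than `int` literals passed through the variadic call. The enclosing function continues outside the hunk.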
@@ -96,20 +113,27 @@
 {
   std::shared_ptr<google::cloud::storage::oauth2::Credentials> credentials;
 
-  switch (account->GetType())
+  try
   {
-    case GoogleAccount::Type_ServiceAccount:
-      credentials = std::make_shared<google::cloud::storage::oauth2::ServiceAccountCredentials
-        <CurlBuilder>>(account->GetServiceAccount());
-      break;
+    switch (account->GetType())
+    {
+      case GoogleAccount::Type_ServiceAccount:
+        credentials = std::make_shared<google::cloud::storage::oauth2::ServiceAccountCredentials
+                                       <CurlBuilder>>(account->GetServiceAccount());
+        break;
 
-    case GoogleAccount::Type_AuthorizedUser:
-      credentials = std::make_shared<google::cloud::storage::oauth2::AuthorizedUserCredentials
-        <CurlBuilder>>(account->GetAuthorizedUser());
-      break;
+      case GoogleAccount::Type_AuthorizedUser:
+        credentials = std::make_shared<google::cloud::storage::oauth2::AuthorizedUserCredentials
+                                       <CurlBuilder>>(account->GetAuthorizedUser());
+        break;
 
-    default:
-      throw Orthanc::OrthancException(Orthanc::ErrorCode_NotImplemented);
+      default:
+        throw Orthanc::OrthancException(Orthanc::ErrorCode_NotImplemented);
+    }
+  }
+  catch (Orthanc::OrthancException& e)
+  {
+    credentials.reset();
   }
 
   if (credentials.get() == NULL)
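Review bot: The new `catch (Orthanc::OrthancException& e)` discards the exception, so a failure raised while building the credentials, including the `ErrorCode_NotImplemented` thrown in `default:`, leaves no trace of its cause, and `e` is unused. Catch by const reference and log the reason before `credentials.reset()`, e.g. `catch (const Orthanc::OrthancException& e)` with a log line built from `e.What()`; a silent failure here makes certificate problems hard to diagnose. Exceptions of other types thrown by the credential constructors would still propagate, and whether that is intended cannot be told from this hunk. What follows the `credentials.get() == NULL` test is outside the hunk.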