comparison Framework/Orthanc/Core/HttpClient.cpp @ 12:9220cf4a63d5

sync
author Sebastien Jodogne <s.jodogne@gmail.com>
date Wed, 09 Nov 2016 14:14:34 +0100
parents 4b7e0244881f
children da2cf3ace87a
11:4b7e0244881f 12:9220cf4a63d5
42 #include <curl/curl.h> 42 #include <curl/curl.h>
43 #include <boost/algorithm/string/predicate.hpp> 43 #include <boost/algorithm/string/predicate.hpp>
44 #include <boost/thread/mutex.hpp> 44 #include <boost/thread/mutex.hpp>
45 45
46 46
47 #if ORTHANC_SSL_ENABLED == 1 47 #if ORTHANC_ENABLE_SSL == 1
48 // For OpenSSL initialization and finalization 48 // For OpenSSL initialization and finalization
49 # include <openssl/conf.h> 49 # include <openssl/conf.h>
50 # include <openssl/engine.h> 50 # include <openssl/engine.h>
51 # include <openssl/err.h> 51 # include <openssl/err.h>
52 # include <openssl/evp.h> 52 # include <openssl/evp.h>
53 # include <openssl/ssl.h> 53 # include <openssl/ssl.h>
54 #endif 54 #endif
55 55
56 56
57 #if ORTHANC_PKCS11_ENABLED == 1 57 #if ORTHANC_ENABLE_PKCS11 == 1
58 # include "Pkcs11.h" 58 # include "Pkcs11.h"
59 #endif 59 #endif
60 60
61 61
62 extern "C" 62 extern "C"
159 { 159 {
160 boost::mutex::scoped_lock lock(mutex_); 160 boost::mutex::scoped_lock lock(mutex_);
161 return timeout_; 161 return timeout_;
162 } 162 }
163 163
164 #if ORTHANC_PKCS11_ENABLED == 1 164 #if ORTHANC_ENABLE_PKCS11 == 1
165 bool IsPkcs11Initialized() 165 bool IsPkcs11Initialized()
166 { 166 {
167 boost::mutex::scoped_lock lock(mutex_); 167 boost::mutex::scoped_lock lock(mutex_);
168 return Pkcs11::IsInitialized(); 168 return Pkcs11::IsInitialized();
169 } 169 }
433 headerParameters.headers_ = answerHeaders; 433 headerParameters.headers_ = answerHeaders;
434 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_HEADERFUNCTION, &CurlHeaderCallback)); 434 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_HEADERFUNCTION, &CurlHeaderCallback));
435 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_HEADERDATA, &headerParameters)); 435 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_HEADERDATA, &headerParameters));
436 } 436 }
437 437
438 #if ORTHANC_SSL_ENABLED == 1 438 #if ORTHANC_ENABLE_SSL == 1
439 // Setup HTTPS-related options 439 // Setup HTTPS-related options
440 440
441 if (verifyPeers_) 441 if (verifyPeers_)
442 { 442 {
443 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_CAINFO, caCertificates_.c_str())); 443 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_CAINFO, caCertificates_.c_str()));
459 throw OrthancException(ErrorCode_ParameterOutOfRange); 459 throw OrthancException(ErrorCode_ParameterOutOfRange);
460 } 460 }
461 461
462 if (pkcs11Enabled_) 462 if (pkcs11Enabled_)
463 { 463 {
464 #if ORTHANC_PKCS11_ENABLED == 1 464 #if ORTHANC_ENABLE_PKCS11 == 1
465 if (GlobalParameters::GetInstance().IsPkcs11Initialized()) 465 if (GlobalParameters::GetInstance().IsPkcs11Initialized())
466 { 466 {
467 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_SSLENGINE, Pkcs11::GetEngineIdentifier())); 467 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_SSLENGINE, Pkcs11::GetEngineIdentifier()));
468 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_SSLKEYTYPE, "ENG")); 468 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_SSLKEYTYPE, "ENG"));
469 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_SSLCERTTYPE, "ENG")); 469 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_SSLCERTTYPE, "ENG"));
478 throw OrthancException(ErrorCode_InternalError); 478 throw OrthancException(ErrorCode_InternalError);
479 #endif 479 #endif
480 } 480 }
481 else if (!clientCertificateFile_.empty()) 481 else if (!clientCertificateFile_.empty())
482 { 482 {
483 #if ORTHANC_SSL_ENABLED == 1 483 #if ORTHANC_ENABLE_SSL == 1
484 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_SSLCERTTYPE, "PEM")); 484 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_SSLCERTTYPE, "PEM"));
485 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_SSLCERT, clientCertificateFile_.c_str())); 485 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_SSLCERT, clientCertificateFile_.c_str()));
486 486
487 if (!clientCertificateKeyPassword_.empty()) 487 if (!clientCertificateKeyPassword_.empty())
488 { 488 {
669 669
670 670
671 void HttpClient::ConfigureSsl(bool httpsVerifyPeers, 671 void HttpClient::ConfigureSsl(bool httpsVerifyPeers,
672 const std::string& httpsVerifyCertificates) 672 const std::string& httpsVerifyCertificates)
673 { 673 {
674 #if ORTHANC_SSL_ENABLED == 1 674 #if ORTHANC_ENABLE_SSL == 1
675 if (httpsVerifyPeers) 675 if (httpsVerifyPeers)
676 { 676 {
677 if (httpsVerifyCertificates.empty()) 677 if (httpsVerifyCertificates.empty())
678 { 678 {
679 LOG(WARNING) << "No certificates are provided to validate peers, " 679 LOG(WARNING) << "No certificates are provided to validate peers, "
694 } 694 }
695 695
696 696
697 void HttpClient::GlobalInitialize() 697 void HttpClient::GlobalInitialize()
698 { 698 {
699 #if ORTHANC_SSL_ENABLED == 1 699 #if ORTHANC_ENABLE_SSL == 1
700 CheckCode(curl_global_init(CURL_GLOBAL_ALL)); 700 CheckCode(curl_global_init(CURL_GLOBAL_ALL));
701 #else 701 #else
702 CheckCode(curl_global_init(CURL_GLOBAL_ALL & ~CURL_GLOBAL_SSL)); 702 CheckCode(curl_global_init(CURL_GLOBAL_ALL & ~CURL_GLOBAL_SSL));
703 #endif 703 #endif
704 } 704 }
706 706
707 void HttpClient::GlobalFinalize() 707 void HttpClient::GlobalFinalize()
708 { 708 {
709 curl_global_cleanup(); 709 curl_global_cleanup();
710 710
711 #if ORTHANC_PKCS11_ENABLED == 1 711 #if ORTHANC_ENABLE_PKCS11 == 1
712 Pkcs11::Finalize(); 712 Pkcs11::Finalize();
713 #endif 713 #endif
714 } 714 }
715 715
716 716
794 794
795 void HttpClient::InitializePkcs11(const std::string& module, 795 void HttpClient::InitializePkcs11(const std::string& module,
796 const std::string& pin, 796 const std::string& pin,
797 bool verbose) 797 bool verbose)
798 { 798 {
799 #if ORTHANC_PKCS11_ENABLED == 1 799 #if ORTHANC_ENABLE_PKCS11 == 1
800 LOG(INFO) << "Initializing PKCS#11 using " << module 800 LOG(INFO) << "Initializing PKCS#11 using " << module
801 << (pin.empty() ? " (no PIN provided)" : " (PIN is provided)"); 801 << (pin.empty() ? " (no PIN provided)" : " (PIN is provided)");
802 GlobalParameters::GetInstance().InitializePkcs11(module, pin, verbose); 802 GlobalParameters::GetInstance().InitializePkcs11(module, pin, verbose);
803 #else 803 #else
804 LOG(ERROR) << "This version of Orthanc is compiled without support for PKCS#11"; 804 LOG(ERROR) << "This version of Orthanc is compiled without support for PKCS#11";
807 } 807 }
808 808
809 809
810 void HttpClient::InitializeOpenSsl() 810 void HttpClient::InitializeOpenSsl()
811 { 811 {
812 #if ORTHANC_SSL_ENABLED == 1 812 #if ORTHANC_ENABLE_SSL == 1
813 // https://wiki.openssl.org/index.php/Library_Initialization 813 // https://wiki.openssl.org/index.php/Library_Initialization
814 SSL_library_init(); 814 SSL_library_init();
815 SSL_load_error_strings(); 815 SSL_load_error_strings();
816 OpenSSL_add_all_algorithms(); 816 OpenSSL_add_all_algorithms();
817 ERR_load_crypto_strings(); 817 ERR_load_crypto_strings();
819 } 819 }
820 820
821 821
822 void HttpClient::FinalizeOpenSsl() 822 void HttpClient::FinalizeOpenSsl()
823 { 823 {
824 #if ORTHANC_SSL_ENABLED == 1 824 #if ORTHANC_ENABLE_SSL == 1
825 // Finalize OpenSSL 825 // Finalize OpenSSL
826 // https://wiki.openssl.org/index.php/Library_Initialization#Cleanup 826 // https://wiki.openssl.org/index.php/Library_Initialization#Cleanup
827 FIPS_mode_set(0); 827 FIPS_mode_set(0);
828 ENGINE_cleanup(); 828 ENGINE_cleanup();
829 CONF_modules_unload(1); 829 CONF_modules_unload(1);