comparison Framework/Orthanc/Core/HttpClient.cpp @ 39:533cbc4d520c
sync
author | Sebastien Jodogne <s.jodogne@gmail.com> |
---|---|
date | Wed, 09 Nov 2016 14:17:33 +0100 |
parents | dc730d11b101 |
children | 9621fd6f17c9 |
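--- a/Framework/Orthanc/Core/HttpClient.cpp
+++ b/Framework/Orthanc/Core/HttpClient.cpp
@@ -42,21 +42,21 @@
 #include <curl/curl.h>
 #include <boost/algorithm/string/predicate.hpp>
 #include <boost/thread/mutex.hpp>
 
 
-#if ORTHANC_SSL_ENABLED == 1
+#if ORTHANC_ENABLE_SSL == 1
 // For OpenSSL initialization and finalization
 # include <openssl/conf.h>
 # include <openssl/engine.h>
 # include <openssl/err.h>
 # include <openssl/evp.h>
 # include <openssl/ssl.h>
 #endif
 
 
-#if ORTHANC_PKCS11_ENABLED == 1
+#if ORTHANC_ENABLE_PKCS11 == 1
 # include "Pkcs11.h"
 #endif
 
 
 extern "C"
@@ -159,11 +159,11 @@
 {
 boost::mutex::scoped_lock lock(mutex_);
 return timeout_;
 }
 
-#if ORTHANC_PKCS11_ENABLED == 1
+#if ORTHANC_ENABLE_PKCS11 == 1
 bool IsPkcs11Initialized()
 {
 boost::mutex::scoped_lock lock(mutex_);
 return Pkcs11::IsInitialized();
 }
@@ -433,11 +433,11 @@
 headerParameters.headers_ = answerHeaders;
 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_HEADERFUNCTION, &CurlHeaderCallback));
 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_HEADERDATA, &headerParameters));
 }
 
-#if ORTHANC_SSL_ENABLED == 1
+#if ORTHANC_ENABLE_SSL == 1
 // Setup HTTPS-related options
 
 if (verifyPeers_)
 {
 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_CAINFO, caCertificates_.c_str()));
@@ -459,11 +459,11 @@
 throw OrthancException(ErrorCode_ParameterOutOfRange);
 }
 
 if (pkcs11Enabled_)
 {
-#if ORTHANC_PKCS11_ENABLED == 1
+#if ORTHANC_ENABLE_PKCS11 == 1
 if (GlobalParameters::GetInstance().IsPkcs11Initialized())
 {
 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_SSLENGINE, Pkcs11::GetEngineIdentifier()));
 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_SSLKEYTYPE, "ENG"));
 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_SSLCERTTYPE, "ENG"));
@@ -478,11 +478,11 @@
 throw OrthancException(ErrorCode_InternalError);
 #endif
 }
 else if (!clientCertificateFile_.empty())
 {
-#if ORTHANC_SSL_ENABLED == 1
+#if ORTHANC_ENABLE_SSL == 1
 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_SSLCERTTYPE, "PEM"));
 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_SSLCERT, clientCertificateFile_.c_str()));
 
 if (!clientCertificateKeyPassword_.empty())
 {
@@ -669,11 +669,11 @@
 
 
 void HttpClient::ConfigureSsl(bool httpsVerifyPeers,
 const std::string& httpsVerifyCertificates)
 {
-#if ORTHANC_SSL_ENABLED == 1
+#if ORTHANC_ENABLE_SSL == 1
 if (httpsVerifyPeers)
 {
 if (httpsVerifyCertificates.empty())
 {
 LOG(WARNING) << "No certificates are provided to validate peers, "
@@ -694,11 +694,11 @@
 }
 
 
 void HttpClient::GlobalInitialize()
 {
-#if ORTHANC_SSL_ENABLED == 1
+#if ORTHANC_ENABLE_SSL == 1
 CheckCode(curl_global_init(CURL_GLOBAL_ALL));
 #else
 CheckCode(curl_global_init(CURL_GLOBAL_ALL & ~CURL_GLOBAL_SSL));
 #endif
 }
@@ -706,11 +706,11 @@
 
 void HttpClient::GlobalFinalize()
 {
 curl_global_cleanup();
 
-#if ORTHANC_PKCS11_ENABLED == 1
+#if ORTHANC_ENABLE_PKCS11 == 1
 Pkcs11::Finalize();
 #endif
 }
 
 
@@ -794,11 +794,11 @@
 
 void HttpClient::InitializePkcs11(const std::string& module,
 const std::string& pin,
 bool verbose)
 {
-#if ORTHANC_PKCS11_ENABLED == 1
+#if ORTHANC_ENABLE_PKCS11 == 1
 LOG(INFO) << "Initializing PKCS#11 using " << module
 << (pin.empty() ? " (no PIN provided)" : " (PIN is provided)");
 GlobalParameters::GetInstance().InitializePkcs11(module, pin, verbose);
 #else
 LOG(ERROR) << "This version of Orthanc is compiled without support for PKCS#11";
@@ -807,11 +807,11 @@
 }
 
 
 void HttpClient::InitializeOpenSsl()
 {
-#if ORTHANC_SSL_ENABLED == 1
+#if ORTHANC_ENABLE_SSL == 1
 // https://wiki.openssl.org/index.php/Library_Initialization
 SSL_library_init();
 SSL_load_error_strings();
 OpenSSL_add_all_algorithms();
 ERR_load_crypto_strings();
@@ -819,11 +819,11 @@
 }
 
 
 void HttpClient::FinalizeOpenSsl()
 {
-#if ORTHANC_SSL_ENABLED == 1
+#if ORTHANC_ENABLE_SSL == 1
 // Finalize OpenSSL
 // https://wiki.openssl.org/index.php/Library_Initialization#Cleanup
 FIPS_mode_set(0);
 ENGINE_cleanup();
 CONF_modules_unload(1);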
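Review bot: Every renamed guard has the form `#if ORTHANC_ENABLE_SSL == 1` or `#if ORTHANC_ENABLE_PKCS11 == 1`, and the preprocessor treats an undefined identifier as 0, so a build that still passes the old `ORTHANC_SSL_ENABLED` / `ORTHANC_PKCS11_ENABLED` names compiles these blocks out with no diagnostic. At line 438 that drops the HTTPS setup, including `CURLOPT_CAINFO` under `verifyPeers_`, and at line 702 curl is initialised without `CURL_GLOBAL_SSL`. The PKCS#11 paths at lines 478 and 804 appear to fail loudly, but the fallback for the SSL guards at lines 438 and 674 is not visible in this section. I would add a definedness check next to the includes at line 47: `#if !defined(ORTHANC_ENABLE_SSL)` / `#  error The macro ORTHANC_ENABLE_SSL must be defined` / `#endif`, and the same for `ORTHANC_ENABLE_PKCS11`. A stale build definition then stops the compile instead of producing a client without TLS configuration.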