Mercurial > hg > orthanc
comparison OrthancFramework/Sources/DicomNetworking/Internals/DicomTls.cpp @ 5623:56e1e7d0f92a tls-ignore-unexpected-tls
TLS test code
| author | Alain Mazy <am@orthanc.team> |
|---|---|
| date | Tue, 14 May 2024 09:44:01 +0200 |
| parents | 335e2079de1f |
| children | d9824edad40a |
comparison
equal
deleted
inserted
replaced
| 5622:335e2079de1f | 5623:56e1e7d0f92a |
|---|---|
| 154 throw OrthancException(ErrorCode_BadFileFormat, "The private key doesn't match the own certificate: " + | 154 throw OrthancException(ErrorCode_BadFileFormat, "The private key doesn't match the own certificate: " + |
| 155 ownPrivateKeyPath + " vs. " + ownCertificatePath); | 155 ownPrivateKeyPath + " vs. " + ownCertificatePath); |
| 156 } | 156 } |
| 157 | 157 |
| 158 #if DCMTK_VERSION_NUMBER >= 364 | 158 #if DCMTK_VERSION_NUMBER >= 364 |
| 159 if (IsFailure(tls->setTLSProfile(TSP_Profile_BCP195 /*opt_tlsProfile*/))) | 159 // TODO: add parameters to select TSP_Profile ? |
| 160 if (IsFailure(tls->setTLSProfile(TSP_Profile_AES /*opt_tlsProfile*/))) | |
| 161 //if (IsFailure(tls->setTLSProfile(TSP_Profile_BCP195 /*opt_tlsProfile*/))) | |
| 160 { | 162 { |
| 161 throw OrthancException(ErrorCode_InternalError, "Cannot set the DICOM TLS profile"); | 163 throw OrthancException(ErrorCode_InternalError, "Cannot set the DICOM TLS profile"); |
| 162 } | 164 } |
| 163 | 165 |
| 164 if (IsFailure(tls->activateCipherSuites())) | 166 if (IsFailure(tls->activateCipherSuites())) |
| 165 { | 167 { |
| 166 throw OrthancException(ErrorCode_InternalError, "Cannot activate the cipher suites for DICOM TLS"); | 168 throw OrthancException(ErrorCode_InternalError, "Cannot activate the cipher suites for DICOM TLS"); |
| 167 } | 169 } |
| 168 | 170 |
| 171 // TODO: add parameters to enable/disable IGNORE_UNEXPECTED_EOF ? | |
| 169 DcmTLSTransportLayer::native_handle_type sslNativeHandle = tls->getNativeHandle(); | 172 DcmTLSTransportLayer::native_handle_type sslNativeHandle = tls->getNativeHandle(); |
| 170 SSL_CTX_set_options(sslNativeHandle, SSL_OP_IGNORE_UNEXPECTED_EOF); | 173 SSL_CTX_set_options(sslNativeHandle, SSL_OP_IGNORE_UNEXPECTED_EOF); |
| 174 | |
| 171 #else | 175 #else |
| 172 CLOG(INFO, DICOM) << "Using the following cipher suites for DICOM TLS: " << opt_ciphersuites; | 176 CLOG(INFO, DICOM) << "Using the following cipher suites for DICOM TLS: " << opt_ciphersuites; |
| 173 if (IsFailure(tls->setCipherSuites(opt_ciphersuites.c_str()))) | 177 if (IsFailure(tls->setCipherSuites(opt_ciphersuites.c_str()))) |
| 174 { | 178 { |
| 175 throw OrthancException(ErrorCode_InternalError, "Unable to set cipher suites to: " + opt_ciphersuites); | 179 throw OrthancException(ErrorCode_InternalError, "Unable to set cipher suites to: " + opt_ciphersuites); |