Mercurial > hg > orthanc
comparison OrthancServer/Sources/main.cpp @ 4785:61da49321754 openssl-3.x
integration mainline->openssl-3.x
author | Sebastien Jodogne <s.jodogne@gmail.com> |
---|---|
date | Mon, 30 Aug 2021 22:21:24 +0200 |
parents | f0038043fb97 ec8aef42a7db |
children | 70d2a97ca8cb |
comparison
equal
deleted
inserted
replaced
4760:b2417ac5055a | 4785:61da49321754 |
---|---|
265 private: | 265 private: |
266 ServerContext& context_; | 266 ServerContext& context_; |
267 bool alwaysAllowEcho_; | 267 bool alwaysAllowEcho_; |
268 bool alwaysAllowFind_; // New in Orthanc 1.9.0 | 268 bool alwaysAllowFind_; // New in Orthanc 1.9.0 |
269 bool alwaysAllowGet_; // New in Orthanc 1.9.0 | 269 bool alwaysAllowGet_; // New in Orthanc 1.9.0 |
270 bool alwaysAllowMove_; // New in Orthanc 1.9.7 | |
270 bool alwaysAllowStore_; | 271 bool alwaysAllowStore_; |
271 | 272 |
272 public: | 273 public: |
273 explicit OrthancApplicationEntityFilter(ServerContext& context) : | 274 explicit OrthancApplicationEntityFilter(ServerContext& context) : |
274 context_(context) | 275 context_(context) |
276 { | 277 { |
277 OrthancConfiguration::ReaderLock lock; | 278 OrthancConfiguration::ReaderLock lock; |
278 alwaysAllowEcho_ = lock.GetConfiguration().GetBooleanParameter("DicomAlwaysAllowEcho", true); | 279 alwaysAllowEcho_ = lock.GetConfiguration().GetBooleanParameter("DicomAlwaysAllowEcho", true); |
279 alwaysAllowFind_ = lock.GetConfiguration().GetBooleanParameter("DicomAlwaysAllowFind", false); | 280 alwaysAllowFind_ = lock.GetConfiguration().GetBooleanParameter("DicomAlwaysAllowFind", false); |
280 alwaysAllowGet_ = lock.GetConfiguration().GetBooleanParameter("DicomAlwaysAllowGet", false); | 281 alwaysAllowGet_ = lock.GetConfiguration().GetBooleanParameter("DicomAlwaysAllowGet", false); |
282 alwaysAllowMove_ = lock.GetConfiguration().GetBooleanParameter("DicomAlwaysAllowMove", false); | |
281 alwaysAllowStore_ = lock.GetConfiguration().GetBooleanParameter("DicomAlwaysAllowStore", true); | 283 alwaysAllowStore_ = lock.GetConfiguration().GetBooleanParameter("DicomAlwaysAllowStore", true); |
282 } | 284 } |
283 | 285 |
284 if (alwaysAllowFind_) | 286 if (alwaysAllowFind_) |
285 { | 287 { |
287 } | 289 } |
288 | 290 |
289 if (alwaysAllowGet_) | 291 if (alwaysAllowGet_) |
290 { | 292 { |
291 LOG(WARNING) << "Security risk in DICOM SCP: C-GET requests are always allowed, even from unknown modalities"; | 293 LOG(WARNING) << "Security risk in DICOM SCP: C-GET requests are always allowed, even from unknown modalities"; |
294 } | |
295 | |
296 if (alwaysAllowMove_) | |
297 { | |
298 LOG(WARNING) << "Security risk in DICOM SCP: C-MOOVE requests are always allowed, even from unknown modalities"; | |
292 } | 299 } |
293 } | 300 } |
294 | 301 |
295 virtual bool IsAllowedConnection(const std::string& remoteIp, | 302 virtual bool IsAllowedConnection(const std::string& remoteIp, |
296 const std::string& remoteAet, | 303 const std::string& remoteAet, |
300 << " on IP " << remoteIp << ", calling AET " << calledAet; | 307 << " on IP " << remoteIp << ", calling AET " << calledAet; |
301 | 308 |
302 if (alwaysAllowEcho_ || | 309 if (alwaysAllowEcho_ || |
303 alwaysAllowFind_ || | 310 alwaysAllowFind_ || |
304 alwaysAllowGet_ || | 311 alwaysAllowGet_ || |
312 alwaysAllowMove_ || | |
305 alwaysAllowStore_) | 313 alwaysAllowStore_) |
306 { | 314 { |
307 return true; | 315 return true; |
308 } | 316 } |
309 else | 317 else |
352 } | 360 } |
353 else if (type == DicomRequestType_Get && | 361 else if (type == DicomRequestType_Get && |
354 alwaysAllowGet_) | 362 alwaysAllowGet_) |
355 { | 363 { |
356 // Incoming C-Get requests are always accepted, even from unknown AET | 364 // Incoming C-Get requests are always accepted, even from unknown AET |
365 return true; | |
366 } | |
367 else if (type == DicomRequestType_Move && | |
368 alwaysAllowMove_) | |
369 { | |
370 // Incoming C-Move requests are always accepted, even from unknown AET | |
357 return true; | 371 return true; |
358 } | 372 } |
359 else | 373 else |
360 { | 374 { |
361 bool checkIp; | 375 bool checkIp; |