Mercurial > hg > orthanc
comparison OrthancFramework/Sources/DicomNetworking/Internals/DicomTls.cpp @ 4656:82a314325351
New configuration option: "DicomTlsRemoteCertificateRequired"
| author | Sebastien Jodogne <s.jodogne@gmail.com> |
|---|---|
| date | Thu, 06 May 2021 18:39:19 +0200 |
| parents | 4a4e33c9082d |
| children | 7053502fbf97 |
comparison
equal
deleted
inserted
replaced
| 4655:9f7eef20bc7d | 4656:82a314325351 |
|---|---|
| 46 { | 46 { |
| 47 DcmTLSTransportLayer* InitializeDicomTls(T_ASC_Network *network, | 47 DcmTLSTransportLayer* InitializeDicomTls(T_ASC_Network *network, |
| 48 T_ASC_NetworkRole role, | 48 T_ASC_NetworkRole role, |
| 49 const std::string& ownPrivateKeyPath, | 49 const std::string& ownPrivateKeyPath, |
| 50 const std::string& ownCertificatePath, | 50 const std::string& ownCertificatePath, |
| 51 const std::string& trustedCertificatesPath) | 51 const std::string& trustedCertificatesPath, |
| 52 bool requireRemoteCertificate) | |
| 52 { | 53 { |
| 53 if (network == NULL) | 54 if (network == NULL) |
| 54 { | 55 { |
| 55 throw OrthancException(ErrorCode_NullPointer); | 56 throw OrthancException(ErrorCode_NullPointer); |
| 56 } | 57 } |
| 145 { | 146 { |
| 146 throw OrthancException(ErrorCode_InternalError, "Unable to set cipher suites to: " + opt_ciphersuites); | 147 throw OrthancException(ErrorCode_InternalError, "Unable to set cipher suites to: " + opt_ciphersuites); |
| 147 } | 148 } |
| 148 #endif | 149 #endif |
| 149 | 150 |
| 150 tls->setCertificateVerification(DCV_requireCertificate /*opt_certVerification*/); | 151 if (requireRemoteCertificate) |
| 152 { | |
| 153 // Check remote certificate, fail if no certificate is present | |
| 154 tls->setCertificateVerification(DCV_requireCertificate /*opt_certVerification*/); | |
| 155 } | |
| 156 else | |
| 157 { | |
| 158 // Check remote certificate if present, succeed if no certificate is present | |
| 159 tls->setCertificateVerification(DCV_checkCertificate /*opt_certVerification*/); | |
| 160 } | |
| 151 | 161 |
| 152 if (ASC_setTransportLayer(network, tls.get(), 0).bad()) | 162 if (ASC_setTransportLayer(network, tls.get(), 0).bad()) |
| 153 { | 163 { |
| 154 throw OrthancException(ErrorCode_InternalError, "Cannot enable DICOM TLS in the Orthanc " + | 164 throw OrthancException(ErrorCode_InternalError, "Cannot enable DICOM TLS in the Orthanc " + |
| 155 std::string(role == NET_ACCEPTOR ? "SCP" : "SCU")); | 165 std::string(role == NET_ACCEPTOR ? "SCP" : "SCU")); |