Mercurial > hg > orthanc
comparison Core/HttpClient.cpp @ 2019:9c9332e486ca
HTTPS client certificates can be associated with Orthanc peers to enhance security over Internet
| author | Sebastien Jodogne <s.jodogne@gmail.com> |
|---|---|
| date | Tue, 14 Jun 2016 17:53:23 +0200 |
| parents | 0ae26237569a |
| children | a0bd8cd55da7 |
comparison
equal
deleted
inserted
replaced
| 2018:300599489cab | 2019:9c9332e486ca |
|---|---|
| 347 if (proxy_.size() != 0) | 347 if (proxy_.size() != 0) |
| 348 { | 348 { |
| 349 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_PROXY, proxy_.c_str())); | 349 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_PROXY, proxy_.c_str())); |
| 350 } | 350 } |
| 351 | 351 |
| 352 // Set the HTTPS client certificate | |
| 353 if (!clientCertificateFile_.empty()) | |
| 354 { | |
| 355 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_SSLCERTTYPE, "PEM")); | |
| 356 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_SSLCERT, clientCertificateFile_.c_str())); | |
| 357 | |
| 358 if (!clientCertificateKeyPassword_.empty()) | |
| 359 { | |
| 360 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_KEYPASSWD, clientCertificateKeyPassword_.c_str())); | |
| 361 } | |
| 362 | |
| 363 // NB: If no "clientKeyFile_" is provided, the key must be | |
| 364 // prepended to the certificate file | |
| 365 if (!clientCertificateKeyFile_.empty()) | |
| 366 { | |
| 367 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_SSLKEYTYPE, "PEM")); | |
| 368 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_SSLKEY, clientCertificateKeyFile_.c_str())); | |
| 369 } | |
| 370 } | |
| 371 | |
| 352 switch (method_) | 372 switch (method_) |
| 353 { | 373 { |
| 354 case HttpMethod_Get: | 374 case HttpMethod_Get: |
| 355 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_HTTPGET, 1L)); | 375 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_HTTPGET, 1L)); |
| 356 break; | 376 break; |
| 528 if (!Apply(answer)) | 548 if (!Apply(answer)) |
| 529 { | 549 { |
| 530 ThrowException(GetLastStatus()); | 550 ThrowException(GetLastStatus()); |
| 531 } | 551 } |
| 532 } | 552 } |
| 553 | |
| 554 | |
| 555 void HttpClient::SetClientCertificate(const std::string& certificateFile, | |
| 556 const std::string& certificateKeyFile, | |
| 557 const std::string& certificateKeyPassword) | |
| 558 { | |
| 559 if (certificateFile.empty()) | |
| 560 { | |
| 561 throw OrthancException(ErrorCode_ParameterOutOfRange); | |
| 562 } | |
| 563 | |
| 564 if (!Toolbox::IsRegularFile(certificateFile)) | |
| 565 { | |
| 566 LOG(ERROR) << "Cannot open certificate file: " << certificateFile; | |
| 567 throw OrthancException(ErrorCode_InexistentFile); | |
| 568 } | |
| 569 | |
| 570 if (!certificateKeyFile.empty() && | |
| 571 !Toolbox::IsRegularFile(certificateKeyFile)) | |
| 572 { | |
| 573 LOG(ERROR) << "Cannot open key file: " << certificateKeyFile; | |
| 574 throw OrthancException(ErrorCode_InexistentFile); | |
| 575 } | |
| 576 | |
| 577 clientCertificateFile_ = certificateFile; | |
| 578 clientCertificateKeyFile_ = certificateKeyFile; | |
| 579 clientCertificateKeyPassword_ = certificateKeyPassword; | |
| 580 } | |
| 533 } | 581 } |