comparison Core/HttpClient.cpp @ 2019:9c9332e486ca

HTTPS client certificates can be associated with Orthanc peers to enhance security over Internet
author Sebastien Jodogne <s.jodogne@gmail.com>
date Tue, 14 Jun 2016 17:53:23 +0200
parents 0ae26237569a
children a0bd8cd55da7
comparison
equal deleted inserted replaced
2018:300599489cab 2019:9c9332e486ca
347 if (proxy_.size() != 0) 347 if (proxy_.size() != 0)
348 { 348 {
349 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_PROXY, proxy_.c_str())); 349 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_PROXY, proxy_.c_str()));
350 } 350 }
351 351
352 // Set the HTTPS client certificate
353 if (!clientCertificateFile_.empty())
354 {
355 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_SSLCERTTYPE, "PEM"));
356 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_SSLCERT, clientCertificateFile_.c_str()));
357
358 if (!clientCertificateKeyPassword_.empty())
359 {
360 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_KEYPASSWD, clientCertificateKeyPassword_.c_str()));
361 }
362
363 // NB: If no "clientKeyFile_" is provided, the key must be
364 // prepended to the certificate file
365 if (!clientCertificateKeyFile_.empty())
366 {
367 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_SSLKEYTYPE, "PEM"));
368 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_SSLKEY, clientCertificateKeyFile_.c_str()));
369 }
370 }
371
352 switch (method_) 372 switch (method_)
353 { 373 {
354 case HttpMethod_Get: 374 case HttpMethod_Get:
355 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_HTTPGET, 1L)); 375 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_HTTPGET, 1L));
356 break; 376 break;
528 if (!Apply(answer)) 548 if (!Apply(answer))
529 { 549 {
530 ThrowException(GetLastStatus()); 550 ThrowException(GetLastStatus());
531 } 551 }
532 } 552 }
553
554
555 void HttpClient::SetClientCertificate(const std::string& certificateFile,
556 const std::string& certificateKeyFile,
557 const std::string& certificateKeyPassword)
558 {
559 if (certificateFile.empty())
560 {
561 throw OrthancException(ErrorCode_ParameterOutOfRange);
562 }
563
564 if (!Toolbox::IsRegularFile(certificateFile))
565 {
566 LOG(ERROR) << "Cannot open certificate file: " << certificateFile;
567 throw OrthancException(ErrorCode_InexistentFile);
568 }
569
570 if (!certificateKeyFile.empty() &&
571 !Toolbox::IsRegularFile(certificateKeyFile))
572 {
573 LOG(ERROR) << "Cannot open key file: " << certificateKeyFile;
574 throw OrthancException(ErrorCode_InexistentFile);
575 }
576
577 clientCertificateFile_ = certificateFile;
578 clientCertificateKeyFile_ = certificateKeyFile;
579 clientCertificateKeyPassword_ = certificateKeyPassword;
580 }
533 } 581 }