Mercurial > hg > orthanc
comparison Core/HttpClient.cpp @ 2019:9c9332e486ca
HTTPS client certificates can be associated with Orthanc peers to enhance security over Internet
author | Sebastien Jodogne <s.jodogne@gmail.com> |
---|---|
date | Tue, 14 Jun 2016 17:53:23 +0200 |
parents | 0ae26237569a |
children | a0bd8cd55da7 |
comparison
equal
deleted
inserted
replaced
2018:300599489cab | 2019:9c9332e486ca |
---|---|
347 if (proxy_.size() != 0) | 347 if (proxy_.size() != 0) |
348 { | 348 { |
349 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_PROXY, proxy_.c_str())); | 349 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_PROXY, proxy_.c_str())); |
350 } | 350 } |
351 | 351 |
352 // Set the HTTPS client certificate | |
353 if (!clientCertificateFile_.empty()) | |
354 { | |
355 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_SSLCERTTYPE, "PEM")); | |
356 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_SSLCERT, clientCertificateFile_.c_str())); | |
357 | |
358 if (!clientCertificateKeyPassword_.empty()) | |
359 { | |
360 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_KEYPASSWD, clientCertificateKeyPassword_.c_str())); | |
361 } | |
362 | |
363 // NB: If no "clientKeyFile_" is provided, the key must be | |
364 // prepended to the certificate file | |
365 if (!clientCertificateKeyFile_.empty()) | |
366 { | |
367 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_SSLKEYTYPE, "PEM")); | |
368 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_SSLKEY, clientCertificateKeyFile_.c_str())); | |
369 } | |
370 } | |
371 | |
352 switch (method_) | 372 switch (method_) |
353 { | 373 { |
354 case HttpMethod_Get: | 374 case HttpMethod_Get: |
355 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_HTTPGET, 1L)); | 375 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_HTTPGET, 1L)); |
356 break; | 376 break; |
528 if (!Apply(answer)) | 548 if (!Apply(answer)) |
529 { | 549 { |
530 ThrowException(GetLastStatus()); | 550 ThrowException(GetLastStatus()); |
531 } | 551 } |
532 } | 552 } |
553 | |
554 | |
555 void HttpClient::SetClientCertificate(const std::string& certificateFile, | |
556 const std::string& certificateKeyFile, | |
557 const std::string& certificateKeyPassword) | |
558 { | |
559 if (certificateFile.empty()) | |
560 { | |
561 throw OrthancException(ErrorCode_ParameterOutOfRange); | |
562 } | |
563 | |
564 if (!Toolbox::IsRegularFile(certificateFile)) | |
565 { | |
566 LOG(ERROR) << "Cannot open certificate file: " << certificateFile; | |
567 throw OrthancException(ErrorCode_InexistentFile); | |
568 } | |
569 | |
570 if (!certificateKeyFile.empty() && | |
571 !Toolbox::IsRegularFile(certificateKeyFile)) | |
572 { | |
573 LOG(ERROR) << "Cannot open key file: " << certificateKeyFile; | |
574 throw OrthancException(ErrorCode_InexistentFile); | |
575 } | |
576 | |
577 clientCertificateFile_ = certificateFile; | |
578 clientCertificateKeyFile_ = certificateKeyFile; | |
579 clientCertificateKeyPassword_ = certificateKeyPassword; | |
580 } | |
533 } | 581 } |