Mercurial > hg > orthanc

diff Core/WebServiceParameters.cpp @ 2669:eaf10085ffa1 jobs

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
no passwords in public content of jobs
author Sebastien Jodogne <s.jodogne@gmail.com>
date Sat, 09 Jun 2018 14:15:32 +0200
parents c27f7ecf9b54
children d67298eec14e
line wrap: on
line diff
--- a/Core/WebServiceParameters.cpp	Fri Jun 08 18:08:48 2018 +0200
+++ b/Core/WebServiceParameters.cpp	Sat Jun 09 14:15:32 2018 +0200
@@ -130,6 +130,11 @@
       SetUsername("");
       SetPassword("");
     }
+    else if (peer.size() == 2)
+    {
+      LOG(ERROR) << "The HTTP password is not provided";
+      throw OrthancException(ErrorCode_BadFileFormat);
+    }
     else if (peer.size() == 3)
     {
       SetUsername(peer.get(1u, "").asString());
@@ -178,12 +183,25 @@
     SetUsername(GetStringMember(peer, "Username", ""));
     SetPassword(GetStringMember(peer, "Password", ""));
 
+    if (!username_.empty() &&
+        !peer.isMember("Password"))
+    {
+      LOG(ERROR) << "The HTTP password is not provided";
+      throw OrthancException(ErrorCode_BadFileFormat);      
+    }
+
 #if ORTHANC_SANDBOXED == 0
     if (peer.isMember("CertificateFile"))
     {
       SetClientCertificate(GetStringMember(peer, "CertificateFile", ""),
                            GetStringMember(peer, "CertificateKeyFile", ""),
                            GetStringMember(peer, "CertificateKeyPassword", ""));
+
+      if (!peer.isMember("CertificateKeyPassword"))
+      {
+        LOG(ERROR) << "The password for the HTTPS certificate is not provided";
+        throw OrthancException(ErrorCode_BadFileFormat);      
+      }
     }
 #endif
 
@@ -229,7 +247,8 @@
   }
 
 
-  void WebServiceParameters::ToJson(Json::Value& value) const
+  void WebServiceParameters::ToJson(Json::Value& value,
+                                    bool includePasswords) const
   {
     if (advancedFormat_)
     {
@@ -240,7 +259,11 @@
           !password_.empty())
       {
         value["Username"] = username_;
-        value["Password"] = password_;
+
+        if (includePasswords)
+        {
+          value["Password"] = password_;
+        }
       }
 
       if (!certificateFile_.empty())
@@ -253,7 +276,8 @@
         value["CertificateKeyFile"] = certificateKeyFile_;
       }
 
-      if (!certificateKeyPassword_.empty())
+      if (!certificateKeyPassword_.empty() &&
+          includePasswords)
       {
         value["CertificateKeyPassword"] = certificateKeyPassword_;
       }
@@ -267,7 +291,11 @@
           !password_.empty())
       {
         value.append(username_);
-        value.append(password_);
+
+        if (includePasswords)
+        {
+          value.append(password_);
+        }
       }
     }
   }
@@ -283,6 +311,7 @@
     target["CertificateKeyFile"] = certificateKeyFile_;
     target["CertificateKeyPassword"] = certificateKeyPassword_;
     target["PKCS11"] = pkcs11Enabled_;
+    target["AdvancedFormat"] = advancedFormat_;
   }
 
   
@@ -304,5 +333,6 @@
     }
     
     pkcs11Enabled_ = SerializationToolbox::ReadBoolean(serialized, "PKCS11");
+    advancedFormat_ = SerializationToolbox::ReadBoolean(serialized, "AdvancedFormat");
   }
 }