本文整理汇总了C++中SSLSocket::getPeerCertificate方法的典型用法代码示例。如果您正苦于以下问题:C++ SSLSocket::getPeerCertificate方法的具体用法?C++ SSLSocket::getPeerCertificate怎么用?C++ SSLSocket::getPeerCertificate使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类SSLSocket的用法示例。
在下文中一共展示了SSLSocket::getPeerCertificate方法的1个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: run
void* SSLServerThread::run()
{
int port = pcfg->getIntParam(SSL_PORT_PARAM,9001);
std::string cert = pcfg->getParam(SSL_CERT_PARAM);
std::string key = pcfg->getParam(SSL_KEY_PARAM);
std::string caFile = pcfg->getParam(SSL_CA_PARAM);
std::string caDir = pcfg->getParam(SSL_CA_DIR_PARAM);
bool require_cert = stricmp(pcfg->getParam(SSL_REQUIRE_CLIENT_CERT, "no").c_str(), "yes") == 0;
std::string address_list = pcfg->getParam(SSL_BIND_ADDRESS, "");
AddressParser ap(address_list);
SSLSocket client;
X509Certificate* pcert;
X509Certificate serverCert;
PrivateKey serverPkey;
CertificateAuthority ca(caFile, caDir);
SSLContext ctx;
bool trusted = false;
std::string user;
if (serverCert.loadPEMFile(cert) != X509Certificate::noError) {
Log::getLog()->Info("Unable to load the SSL server certificate, disabling SSL");
return NULL;
}
if (serverPkey.loadPEMFile(key) != PrivateKey::noError) {
Log::getLog()->Info("Unable to load the SSL server private key, disabling SSL");
return NULL;
}
Log::getLog()->Info("Reporting SSL Identity as: %s", serverCert.getSubjectName().c_str());
ctx.setPrivateKey(&serverPkey);
ctx.setX509Certificate(&serverCert);
ctx.setCertificateAuthority(&ca);
ctx.enableVerification(require_cert); // TODO: Get a parameter to determine if client certificates are required
ctx.setSessionID(SAFMQ_SESSION_ID, sizeof(SAFMQ_SESSION_ID)-1);
if (port < 1)
port = 9001;
if (ap.addresses.size() == 0) {
try {
SSLServerSocket* svr = new SSLServerSocket(port,&ctx);
servers.push_back(svr);
Log::getLog()->Info("Starting SAFMQ Server at address safmqs://*:%ld", port);
} catch (tcpsocket::SocketException e) {
Log::getLog()->Info("Error:Binding Address: safmqs://*:%ld -- %s", port, e.what());
}
} else {
for(AddressParser::AddressList::size_type x=0;x<ap.addresses.size();x++) {
unsigned short tmpport;
try {
tmpport = (ap.addresses[x].port == 0xFFFF ) ? port : ap.addresses[x].port;
SSLServerSocket* svr = new SSLServerSocket(tmpport, &ctx, ap.addresses[x].address);
servers.push_back(svr);
Log::getLog()->Info("Starting SAFMQ Server at address safmqs://%s:%ld", ap.addresses[x].name.c_str(),tmpport);
} catch (tcpsocket::SocketException e) {
Log::getLog()->Info("Error:Binding Address: safmqs://%s:%ld -- %s", ap.addresses[x].name.c_str(),tmpport, e.what());
}
}
}
try {
std::list<SSLServerSocket*> avail;
tcpsocket::Selector<tcpsocket::SSLServerSocket> selector;
std::list<tcpsocket::SSLServerSocket*>::iterator i;
while (!m_bStop) {
trusted = false;
user = "";
avail.clear();
avail.assign(servers.begin(), servers.end());
selector.selectReaders(avail);
for(i = avail.begin(); !m_bStop && i != avail.end(); ++i) {
client = (*i)->acceptConnection();
Log::getLog()->Info("New conneciton accepted");
// Force the connection negotiation, this will call verify()
pcert = client.getPeerCertificate();
Log::getLog()->Info("Peer certificate obtained 0x%lx", pcert);
int res = client.getVerifyResult();
Log::getLog()->Info("Peer Verify Result: %ld", res);
if (pcert) {
Log::getLog()->Info("Client Cert Issuer: %s", pcert->getIssuerName().c_str());
Log::getLog()->Info("Client Cert Subject: %s", pcert->getSubjectName().c_str());
} else {
Log::getLog()->Info("SSLServerThread::run()-pcert: %p", pcert);
}
// determine if a trusted user certificate has been presented
if (res == X509_V_OK && pcert) {
trusted = (SecurityControl::getSecurityControl()->identifyUser(pcert->getSubjectName(), pcert->getIssuerName(), user) == SecurityControl::GRANTED);
}
//.........这里部分代码省略.........