Made callback function global #4522
This commit is contained in:
parent
5dfe4aa0b5
commit
b8ba37b4f4
|
@ -23,6 +23,7 @@
|
||||||
#include "arch/XArch.h"
|
#include "arch/XArch.h"
|
||||||
#include "base/Log.h"
|
#include "base/Log.h"
|
||||||
|
|
||||||
|
#include <openssl/ssl.h>
|
||||||
#include <openssl/err.h>
|
#include <openssl/err.h>
|
||||||
#include <cstring>
|
#include <cstring>
|
||||||
#include <cstdlib>
|
#include <cstdlib>
|
||||||
|
@ -30,6 +31,9 @@
|
||||||
#include <sstream>
|
#include <sstream>
|
||||||
#include <iomanip>
|
#include <iomanip>
|
||||||
#include <fstream>
|
#include <fstream>
|
||||||
|
#include <algorithm>
|
||||||
|
|
||||||
|
int verifyCertFingerprint(X509_STORE_CTX* ctx, void* arg);
|
||||||
|
|
||||||
//
|
//
|
||||||
// SecureSocket
|
// SecureSocket
|
||||||
|
@ -207,7 +211,7 @@ SecureSocket::initContext(bool server)
|
||||||
|
|
||||||
if (!server) {
|
if (!server) {
|
||||||
//void* p = reinterpret_cast<void*>(const_cast<char*>(m_certFingerprint.c_str()));
|
//void* p = reinterpret_cast<void*>(const_cast<char*>(m_certFingerprint.c_str()));
|
||||||
SSL_CTX_set_cert_verify_callback(m_ssl->m_context, CSecureSocket::verifyCertFingerprint, (void*)test);
|
SSL_CTX_set_cert_verify_callback(m_ssl->m_context, verifyCertFingerprint, (void*)test);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -437,7 +441,7 @@ SecureSocket::serviceAccept(ISocketMultiplexerJob* job,
|
||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
CSecureSocket::verifyCertFingerprint(X509_STORE_CTX* ctx, void* arg)
|
verifyCertFingerprint(X509_STORE_CTX* ctx, void* arg)
|
||||||
{
|
{
|
||||||
X509 *cert = ctx->cert;
|
X509 *cert = ctx->cert;
|
||||||
|
|
||||||
|
@ -446,13 +450,13 @@ CSecureSocket::verifyCertFingerprint(X509_STORE_CTX* ctx, void* arg)
|
||||||
unsigned int tempFingerprintLen;
|
unsigned int tempFingerprintLen;
|
||||||
tempDigest = (EVP_MD*)EVP_sha1();
|
tempDigest = (EVP_MD*)EVP_sha1();
|
||||||
if (X509_digest(cert, tempDigest, tempFingerprint, &tempFingerprintLen) <= 0) {
|
if (X509_digest(cert, tempDigest, tempFingerprint, &tempFingerprintLen) <= 0) {
|
||||||
s_verifyFingerprintFailed = true;
|
CSecureSocket::s_verifyFingerprintFailed = true;
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
std::stringstream ss;
|
std::stringstream ss;
|
||||||
ss << std::hex;
|
ss << std::hex;
|
||||||
for (int i = 0; i < tempFingerprintLen; i++) {
|
for (unsigned int i = 0; i < tempFingerprintLen; i++) {
|
||||||
ss << std::setw(2) << std::setfill('0') << (int)tempFingerprint[i];
|
ss << std::setw(2) << std::setfill('0') << (int)tempFingerprint[i];
|
||||||
}
|
}
|
||||||
CString fingerprint = ss.str();
|
CString fingerprint = ss.str();
|
||||||
|
@ -483,6 +487,6 @@ CSecureSocket::verifyCertFingerprint(X509_STORE_CTX* ctx, void* arg)
|
||||||
|
|
||||||
file.close();
|
file.close();
|
||||||
|
|
||||||
s_verifyFingerprintFailed = true;
|
CSecureSocket::s_verifyFingerprintFailed = true;
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
|
@ -20,8 +20,6 @@
|
||||||
#include "net/TCPSocket.h"
|
#include "net/TCPSocket.h"
|
||||||
#include "net/XSocket.h"
|
#include "net/XSocket.h"
|
||||||
|
|
||||||
#include <openssl/ssl.h>
|
|
||||||
|
|
||||||
class IEventQueue;
|
class IEventQueue;
|
||||||
class SocketMultiplexer;
|
class SocketMultiplexer;
|
||||||
class ISocketMultiplexerJob;
|
class ISocketMultiplexerJob;
|
||||||
|
@ -73,15 +71,11 @@ private:
|
||||||
serviceAccept(ISocketMultiplexerJob*,
|
serviceAccept(ISocketMultiplexerJob*,
|
||||||
bool, bool, bool);
|
bool, bool, bool);
|
||||||
|
|
||||||
private:
|
|
||||||
static int verifyCertFingerprint(X509_STORE_CTX* ctx, void* arg);
|
|
||||||
|
|
||||||
|
|
||||||
private:
|
private:
|
||||||
Ssl* m_ssl;
|
Ssl* m_ssl;
|
||||||
bool m_secureReady;
|
bool m_secureReady;
|
||||||
CString m_certFingerprint;
|
CString m_certFingerprint;
|
||||||
|
|
||||||
private:
|
public:
|
||||||
static bool s_verifyFingerprintFailed;
|
static bool s_verifyFingerprintFailed;
|
||||||
};
|
};
|
||||||
|
|
Loading…
Reference in New Issue