TheCloud/panda3d
1
0
Fork 0
mirror of https://github.com/panda3d/panda3d.git synced 2025-10-03 10:22:45 -04:00
Code Issues Packages Projects Releases Wiki Activity

add set_verify_ssl

Browse Source
This commit is contained in:
David Rose 2002-09-27 16:08:47 +00:00
parent 27107f5244
commit 4b13992ed8
3 changed files with 23 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
panda/src/downloader/httpClient.I
View File

@ -79,3 +79,19 @@ get_proxy() const {
return _proxy; return _proxy;
} }
////////////////////////////////////////////////////////////////////
// Function: HTTPClient::set_verify_ssl
// Access: Published
// Description: Specifies whether the client will insist on verifying
// the identity of the servers it connects to via SSL
// (that is, https). If this is true (the default),
// connections will only be allowed to trusted servers.
////////////////////////////////////////////////////////////////////
INLINE void HTTPClient::
set_verify_ssl(bool verify_ssl) {
if (verify_ssl) {
SSL_CTX_set_verify(_ssl_ctx, SSL_VERIFY_PEER, NULL);
} else {
SSL_CTX_set_verify(_ssl_ctx, SSL_VERIFY_NONE, NULL);
}
}

6
panda/src/downloader/httpClient.cxx
View File

@ -21,6 +21,7 @@
#include "filename.h" #include "filename.h"
#include "config_express.h" #include "config_express.h"
#include "virtualFileSystem.h" #include "virtualFileSystem.h"
#include "executionEnvironment.h"
#ifdef HAVE_SSL #ifdef HAVE_SSL
@ -107,6 +108,9 @@ make_ctx() {
} }
_ssl_ctx = SSL_CTX_new(SSLv23_client_method()); _ssl_ctx = SSL_CTX_new(SSLv23_client_method());
// By default, insist on verifying servers.
SSL_CTX_set_verify(_ssl_ctx, SSL_VERIFY_PEER, NULL);
// Load in any default certificates listed in the Configrc file. // Load in any default certificates listed in the Configrc file.
Config::ConfigTable::Symbol cert_files; Config::ConfigTable::Symbol cert_files;
config_express.GetAll("ssl-certificates", cert_files); config_express.GetAll("ssl-certificates", cert_files);
@ -119,7 +123,7 @@ make_ctx() {
for (si = cert_files.begin(); si != cert_files.end(); ++si) { for (si = cert_files.begin(); si != cert_files.end(); ++si) {
string cert_file = (*si).Val(); string cert_file = (*si).Val();
if (already_read.insert(cert_file).second) { if (already_read.insert(cert_file).second) {
Filename filename = Filename::from_os_specific(cert_file); Filename filename = Filename::from_os_specific(ExecutionEnvironment::expand_string(cert_file));
if (load_certificates(filename)) { if (load_certificates(filename)) {
downloader_cat.info() downloader_cat.info()
<< "Appending SSL certificates from " << cert_file << "\n"; << "Appending SSL certificates from " << cert_file << "\n";

2
panda/src/downloader/httpClient.h
View File

@ -53,6 +53,8 @@ PUBLISHED:
bool load_certificates(const Filename &filename); bool load_certificates(const Filename &filename);
INLINE void set_verify_ssl(bool verify_ssl);
PT(HTTPDocument) get_document(const URLSpec &url, const string &body = string()); PT(HTTPDocument) get_document(const URLSpec &url, const string &body = string());
private: private: