Author: rfm
Date: Fri May 19 17:28:06 2017
New Revision: 40509
URL: http://svn.gna.org/viewcvs/gnustep?rev=40509&view=rev
Log:
Use newer SSL API from base to permit more options in 'secure' dictionary
Modified:
libs/webserver/trunk/WebServer.m
libs/webserver/trunk/WebServerConnection.m
Modified: libs/webserver/trunk/WebServer.m
URL:
http://svn.gna.org/viewcvs/gnustep/libs/webserver/trunk/WebServer.m?rev=40509&r1=40508&r2=40509&view=diff
==============================================================================
--- libs/webserver/trunk/WebServer.m (original)
+++ libs/webserver/trunk/WebServer.m Fri May 19 17:28:06 2017
@@ -2047,30 +2047,106 @@
}
else
{
- NSString *address = [hdl socketLocalAddress];
- NSDictionary *primary = [_sslConfig objectForKey: address];
- NSString *certificateFile;
- NSString *keyFile;
- NSString *password;
-
- certificateFile = [primary objectForKey: @"CertificateFile"];
- if (certificateFile == nil)
- {
- certificateFile = [_sslConfig objectForKey: @"CertificateFile"];
- }
- keyFile = [primary objectForKey: @"KeyFile"];
- if (keyFile == nil)
- {
- keyFile = [_sslConfig objectForKey: @"KeyFile"];
- }
- password = [primary objectForKey: @"Password"];
- if (password == nil)
- {
- password = [_sslConfig objectForKey: @"Password"];
- }
- [hdl sslSetCertificate: certificateFile
- privateKey: keyFile
- PEMpasswd: password];
+ NSMutableDictionary *options = [NSMutableDictionary dictionary];
+ NSString *address = [hdl socketLocalAddress];
+ NSDictionary *primary = [_sslConfig objectForKey: address];
+ NSString *s;
+
+ if (nil == (s = [primary objectForKey: @"CAFile"]))
+ {
+ s = [_sslConfig objectForKey: @"CAFile"];
+ }
+ if (nil != s)
+ {
+ [options setObject: s forKey: GSTLSCAFile];
+ }
+
+ if (nil == (s = [primary objectForKey: @"CertificateFile"]))
+ {
+ s = [_sslConfig objectForKey: @"CertificateFile"];
+ }
+ if (nil != s)
+ {
+ [options setObject: s forKey: GSTLSCertificateFile];
+ }
+
+ if (nil == (s = [primary objectForKey: @"CertificateKeyFile"]))
+ {
+ if (nil == (s = [_sslConfig objectForKey:
@"CertificateKeyFile"]))
+ {
+ if (nil == (s = [primary objectForKey: @"KeyFile"]))
+ {
+ s = [_sslConfig objectForKey: @"KeyFile"];
+ }
+ }
+ }
+ if (nil != s)
+ {
+ [options setObject: s forKey: GSTLSCertificateKeyFile];
+ }
+
+ if (nil == (s = [primary objectForKey: @"CertificateKeyPassword"]))
+ {
+ if (nil
+ == (s = [_sslConfig objectForKey: @"CertificateKeyPassword"]))
+ {
+ if (nil == (s = [primary objectForKey: @"KeyPassword"]))
+ {
+ s = [_sslConfig objectForKey: @"KeyPassword"];
+ }
+ }
+ }
+ if (nil != s)
+ {
+ [options setObject: s forKey: GSTLSCertificateKeyPassword];
+ }
+
+ if (nil == (s = [primary objectForKey: @"Debug"]))
+ {
+ s = [_sslConfig objectForKey: @"Debug"];
+ }
+ if (nil != s)
+ {
+ [options setObject: s forKey: GSTLSDebug];
+ }
+
+ if (nil == (s = [primary objectForKey: @"Priority"]))
+ {
+ s = [_sslConfig objectForKey: @"Priority"];
+ }
+ if (nil != s)
+ {
+ [options setObject: s forKey: GSTLSPriority];
+ }
+
+ if (nil == (s = [primary objectForKey: @"RemoteHosts"]))
+ {
+ s = [_sslConfig objectForKey: @"RemoteHosts"];
+ }
+ if (nil != s)
+ {
+ [options setObject: s forKey: GSTLSRemoteHosts];
+ }
+
+ if (nil == (s = [primary objectForKey: @"RevokeFile"]))
+ {
+ s = [_sslConfig objectForKey: @"RevokeFile"];
+ }
+ if (nil != s)
+ {
+ [options setObject: s forKey: GSTLSRevokeFile];
+ }
+
+ if (nil == (s = [primary objectForKey: @"Verify"]))
+ {
+ s = [_sslConfig objectForKey: @"Verify"];
+ }
+ if (nil != s)
+ {
+ [options setObject: s forKey: GSTLSVerify];
+ }
+
+ [hdl sslSetOptions: options];
ssl = YES;
}
Modified: libs/webserver/trunk/WebServerConnection.m
URL:
http://svn.gna.org/viewcvs/gnustep/libs/webserver/trunk/WebServerConnection.m?rev=40509&r1=40508&r2=40509&view=diff
==============================================================================
--- libs/webserver/trunk/WebServerConnection.m (original)
+++ libs/webserver/trunk/WebServerConnection.m Fri May 19 17:28:06 2017
@@ -1689,6 +1689,24 @@
value: version
parameters: nil];
+ if (YES == ssl && [handle respondsToSelector: @selector(issuer)])
+ {
+ NSString *s;
+
+ if (nil != (s = [handle performSelector: @selector(issuer)]))
+ {
+ [doc setHeader: @"x-cert-issuer"
+ value: s
+ parameters: nil];
+ }
+ if (nil != (s = [handle performSelector: @selector(owner)]))
+ {
+ [doc setHeader: @"x-cert-owner"
+ value: s
+ parameters: nil];
+ }
+ }
+
if (pos >= length)
{
// Needs more data.
_______________________________________________
Gnustep-cvs mailing list
[email protected]
https://mail.gna.org/listinfo/gnustep-cvs
