loolwsd/LOOLWSD.cpp | 9 +++++++++
loolwsd/loolwsd.xml | 1 +
2 files changed, 10 insertions(+)
New commits:
commit 31200eec6f753f6606d1510f1ba6c064639341a1
Author: Pranav Kant <pran...@collabora.com>
Date: Fri Mar 25 08:12:37 2016 +0530
loolwsd: Add CA path during SSL initialize
Change-Id: I09071b5fc0c32360524506c92f444ed8c6d8e0df
diff --git a/loolwsd/LOOLWSD.cpp b/loolwsd/LOOLWSD.cpp
index d299c38..caeb378 100644
--- a/loolwsd/LOOLWSD.cpp
+++ b/loolwsd/LOOLWSD.cpp
@@ -1067,12 +1067,21 @@ void LOOLWSD::initializeSSL()
Log::info("SSL Key file: " + ssl_key_file_path);
+ auto ssl_ca_file_path = conf.getString("ssl.ca_file_path");
+ if (conf.getBool("ssl.ca_file_path[@relative]"))
+ {
+ ssl_ca_file_path =
Poco::Path(Application::instance().commandPath()).parent().append(ssl_ca_file_path).toString();
+ }
+
+ Log::info("SSL CA file: " + ssl_ca_file_path);
+
Poco::Crypto::initializeCrypto();
Poco::Net::initializeSSL();
Poco::Net::Context::Params sslParams;
sslParams.certificateFile = ssl_cert_file_path;
sslParams.privateKeyFile = ssl_key_file_path;
+ sslParams.caLocation = ssl_ca_file_path;
// Don't ask clients for certificate
sslParams.verificationMode = Poco::Net::Context::VERIFY_NONE;
diff --git a/loolwsd/loolwsd.xml b/loolwsd/loolwsd.xml
index 5945ba2..d058910 100644
--- a/loolwsd/loolwsd.xml
+++ b/loolwsd/loolwsd.xml
@@ -2,6 +2,7 @@
<ssl desc="SSL settings">
<cert_file_path desc="Path to the cert file"
relative="false">/etc/loolwsd/cert.pem</cert_file_path>
<key_file_path desc="Path to the key file"
relative="false">/etc/loolwsd/key.pem</key_file_path>
+ <ca_file_path desc="Path to the ca file"
relative="false">/etc/loolwsd/CollaboraCloudSuiteCA_ca-chain.cert.pem</ca_file_path>
</ssl>
<storage desc="Backend storage">
<filesystem allow="true">
_______________________________________________
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
