Switch to turn off SSL peer verification.

JoelKatz
2013-02-28 11:44:30 -08:00
parent a337061084
commit ca5f3833dd
3 changed files with 14 additions and 4 deletions


@@ -46,6 +46,7 @@
#define SECTION_RPC_PASSWORD "rpc_password" #define SECTION_RPC_PASSWORD "rpc_password"
#define SECTION_RPC_STARTUP "rpc_startup" #define SECTION_RPC_STARTUP "rpc_startup"
#define SECTION_SNTP "sntp_servers" #define SECTION_SNTP "sntp_servers"
#define SECTION_SSL_VERIFY "ssl_verify"
#define SECTION_SSL_VERIFY_FILE "ssl_verify_file" #define SECTION_SSL_VERIFY_FILE "ssl_verify_file"
#define SECTION_SSL_VERIFY_DIR "ssl_verify_dir" #define SECTION_SSL_VERIFY_DIR "ssl_verify_dir"
#define SECTION_VALIDATORS_FILE "validators_file" #define SECTION_VALIDATORS_FILE "validators_file"
@@ -239,6 +240,8 @@ Config::Config()
VALIDATORS_SITE = DEFAULT_VALIDATORS_SITE; VALIDATORS_SITE = DEFAULT_VALIDATORS_SITE;
SSL_VERIFY = true;
RUN_STANDALONE = false; RUN_STANDALONE = false;
START_UP = NORMAL; START_UP = NORMAL;
} }
@@ -397,6 +400,8 @@ void Config::load()
sectionSingleB(secConfig, SECTION_SSL_VERIFY_FILE, SSL_VERIFY_FILE); sectionSingleB(secConfig, SECTION_SSL_VERIFY_FILE, SSL_VERIFY_FILE);
sectionSingleB(secConfig, SECTION_SSL_VERIFY_DIR, SSL_VERIFY_DIR); sectionSingleB(secConfig, SECTION_SSL_VERIFY_DIR, SSL_VERIFY_DIR);
if (sectionSingleB(secConfig, SECTION_SSL_VERIFY, strTemp))
SSL_VERIFY = boost::lexical_cast<bool>(strTemp);
if (sectionSingleB(secConfig, SECTION_VALIDATION_SEED, strTemp)) if (sectionSingleB(secConfig, SECTION_VALIDATION_SEED, strTemp))
{ {
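Review bot: `boost::lexical_cast<bool>(strTemp)` in Config::load accepts only `0` or `1`, so an operator who writes `false` or `no` under `ssl_verify` gets a `bad_lexical_cast` thrown from the load path (unless a caller outside this hunk catches it) rather than the setting they intended. Parse the value explicitly and fall back to verification being on for anything unrecognised, for example `SSL_VERIFY = (strTemp != "0");`. Because a `0` here removes certificate checking for the HTTPS client, a warning logged at load time when the value is read as false would make that state visible. Config::load's body continues outside the hunk.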


@@ -178,6 +178,7 @@ public:
uint32 SIGN_PROPOSAL; uint32 SIGN_PROPOSAL;
boost::asio::ssl::context SSL_CONTEXT; // Generic SSL context. boost::asio::ssl::context SSL_CONTEXT; // Generic SSL context.
bool SSL_VERIFY;
std::string SSL_VERIFY_FILE; std::string SSL_VERIFY_FILE;
std::string SSL_VERIFY_DIR; std::string SSL_VERIFY_DIR;
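Review bot: The new `SSL_VERIFY` member is declared without a comment, although it is the one field in this group that switches certificate checking off. I would document it at the declaration: `bool SSL_VERIFY; // Verify the peer certificate on HTTPS client connections; defaults to true, false disables the check.` The class body starts and ends outside the hunk.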


@@ -34,6 +34,8 @@ HttpsClient::HttpsClient(
mResponseMax(responseMax), mResponseMax(responseMax),
mDeadline(io_service) mDeadline(io_service)
{ {
if (!theConfig.SSL_VERIFY)
mSocket.SSLSocket().set_verify_mode(boost::asio::ssl::verify_none);
} }
void HttpsClient::makeGet(const std::string& strPath, boost::asio::streambuf& sb, const std::string& strHost) void HttpsClient::makeGet(const std::string& strPath, boost::asio::streambuf& sb, const std::string& strHost)
@@ -206,11 +208,13 @@ void HttpsClient::handleConnect(const boost::system::error_code& ecResult)
{ {
cLog(lsTRACE) << "Connected."; cLog(lsTRACE) << "Connected.";
mShutdown = mSocket.verify(mDeqSites[0]); if (theConfig.SSL_VERIFY)
if (mShutdown)
{ {
cLog(lsTRACE) << "set_verify_callback: " << mDeqSites[0] << ": " << mShutdown.message(); mShutdown = mSocket.verify(mDeqSites[0]);
if (mShutdown)
{
cLog(lsTRACE) << "set_verify_callback: " << mDeqSites[0] << ": " << mShutdown.message();
}
} }
} }
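Review bot: When `SSL_VERIFY` is false the constructor sets `verify_none` and handleConnect skips `mSocket.verify(mDeqSites[0])`, so the client accepts any certificate for any host and nothing in the log records it. Add a warning on that path, for example `else cLog(lsWARNING) << "SSL verification disabled: " << mDeqSites[0];` after the new `if (theConfig.SSL_VERIFY)` block, so a node running without peer verification shows up in log review. The flag is also read from the global `theConfig` in two places (constructor and handleConnect); copying it into a member in the constructor would keep both decisions consistent for one client instance. handleConnect's body begins outside the hunk.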