mirror of
https://github.com/pocoproject/poco.git
synced 2025-01-18 00:15:27 +01:00
* Allows SecureStreamSocket::attach to be used in server connections
* Move order of condition for isLocalHost in peer certificate verification, to skip DNS lookup if not needed
This commit is contained in:
parent
67b206f663
commit
21f2e115eb
@ -358,7 +358,7 @@ long SecureSocketImpl::verifyPeerCertificateImpl(const std::string& hostName)
|
||||
{
|
||||
Context::VerificationMode mode = _pContext->verificationMode();
|
||||
if (mode == Context::VERIFY_NONE || !_pContext->extendedCertificateVerificationEnabled() ||
|
||||
(isLocalHost(hostName) && mode != Context::VERIFY_STRICT))
|
||||
(mode != Context::VERIFY_STRICT && isLocalHost(hostName)))
|
||||
{
|
||||
return X509_V_OK;
|
||||
}
|
||||
|
@ -153,7 +153,10 @@ SecureStreamSocket SecureStreamSocket::attach(const StreamSocket& streamSocket)
|
||||
{
|
||||
SecureStreamSocketImpl* pImpl = new SecureStreamSocketImpl(static_cast<StreamSocketImpl*>(streamSocket.impl()), SSLManager::instance().defaultClientContext());
|
||||
SecureStreamSocket result(pImpl);
|
||||
pImpl->connectSSL();
|
||||
if (pImpl->context()->isForServerUse())
|
||||
pImpl->acceptSSL();
|
||||
else
|
||||
pImpl->connectSSL();
|
||||
return result;
|
||||
}
|
||||
|
||||
@ -162,7 +165,10 @@ SecureStreamSocket SecureStreamSocket::attach(const StreamSocket& streamSocket,
|
||||
{
|
||||
SecureStreamSocketImpl* pImpl = new SecureStreamSocketImpl(static_cast<StreamSocketImpl*>(streamSocket.impl()), pContext);
|
||||
SecureStreamSocket result(pImpl);
|
||||
pImpl->connectSSL();
|
||||
if (pImpl->context()->isForServerUse())
|
||||
pImpl->acceptSSL();
|
||||
else
|
||||
pImpl->connectSSL();
|
||||
return result;
|
||||
}
|
||||
|
||||
@ -172,7 +178,10 @@ SecureStreamSocket SecureStreamSocket::attach(const StreamSocket& streamSocket,
|
||||
SecureStreamSocketImpl* pImpl = new SecureStreamSocketImpl(static_cast<StreamSocketImpl*>(streamSocket.impl()), pContext);
|
||||
SecureStreamSocket result(pImpl);
|
||||
result.useSession(pSession);
|
||||
pImpl->connectSSL();
|
||||
if (pImpl->context()->isForServerUse())
|
||||
pImpl->acceptSSL();
|
||||
else
|
||||
pImpl->connectSSL();
|
||||
return result;
|
||||
}
|
||||
|
||||
@ -182,7 +191,10 @@ SecureStreamSocket SecureStreamSocket::attach(const StreamSocket& streamSocket,
|
||||
SecureStreamSocketImpl* pImpl = new SecureStreamSocketImpl(static_cast<StreamSocketImpl*>(streamSocket.impl()), SSLManager::instance().defaultClientContext());
|
||||
SecureStreamSocket result(pImpl);
|
||||
result.setPeerHostName(peerHostName);
|
||||
pImpl->connectSSL();
|
||||
if (pImpl->context()->isForServerUse())
|
||||
pImpl->acceptSSL();
|
||||
else
|
||||
pImpl->connectSSL();
|
||||
return result;
|
||||
}
|
||||
|
||||
@ -192,7 +204,10 @@ SecureStreamSocket SecureStreamSocket::attach(const StreamSocket& streamSocket,
|
||||
SecureStreamSocketImpl* pImpl = new SecureStreamSocketImpl(static_cast<StreamSocketImpl*>(streamSocket.impl()), pContext);
|
||||
SecureStreamSocket result(pImpl);
|
||||
result.setPeerHostName(peerHostName);
|
||||
pImpl->connectSSL();
|
||||
if (pImpl->context()->isForServerUse())
|
||||
pImpl->acceptSSL();
|
||||
else
|
||||
pImpl->connectSSL();
|
||||
return result;
|
||||
}
|
||||
|
||||
@ -203,7 +218,10 @@ SecureStreamSocket SecureStreamSocket::attach(const StreamSocket& streamSocket,
|
||||
SecureStreamSocket result(pImpl);
|
||||
result.setPeerHostName(peerHostName);
|
||||
result.useSession(pSession);
|
||||
pImpl->connectSSL();
|
||||
if (pImpl->context()->isForServerUse())
|
||||
pImpl->acceptSSL();
|
||||
else
|
||||
pImpl->connectSSL();
|
||||
return result;
|
||||
}
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user