Author: gsim Date: Fri Oct 10 12:55:21 2014 New Revision: 1630840 URL: http://svn.apache.org/r1630840 Log: PROTON-676: patch from dominic for setter for SSL peer authentication mode
Modified: qpid/proton/branches/examples/proton-c/include/proton/messenger.h qpid/proton/branches/examples/proton-c/src/messenger/messenger.c Modified: qpid/proton/branches/examples/proton-c/include/proton/messenger.h URL: http://svn.apache.org/viewvc/qpid/proton/branches/examples/proton-c/include/proton/messenger.h?rev=1630840&r1=1630839&r2=1630840&view=diff ============================================================================== --- qpid/proton/branches/examples/proton-c/include/proton/messenger.h (original) +++ qpid/proton/branches/examples/proton-c/include/proton/messenger.h Fri Oct 10 12:55:21 2014 @@ -29,6 +29,7 @@ #include <proton/terminus.h> #include <proton/link.h> #include <proton/transport.h> +#include <proton/ssl.h> #ifdef __cplusplus extern "C" { @@ -988,6 +989,19 @@ PN_EXTERN pn_millis_t pn_messenger_get_remote_idle_timeout(pn_messenger_t *messenger, const char *address); +/** + * Sets the SSL peer authentiacation mode required when a trust + * certificate is used. + * + * @param[in] messenger a messenger object + * @param[in] mode the mode required (see pn_ssl_verify_mode_t + * enum for valid values) + * @return 0 if successful or -1 if an error occurs + */ +PN_EXTERN int +pn_messenger_set_ssl_peer_authentication_mode(pn_messenger_t *messenger, + const pn_ssl_verify_mode_t mode); + #ifdef __cplusplus } #endif Modified: qpid/proton/branches/examples/proton-c/src/messenger/messenger.c URL: http://svn.apache.org/viewvc/qpid/proton/branches/examples/proton-c/src/messenger/messenger.c?rev=1630840&r1=1630839&r2=1630840&view=diff ============================================================================== --- qpid/proton/branches/examples/proton-c/src/messenger/messenger.c (original) +++ qpid/proton/branches/examples/proton-c/src/messenger/messenger.c Fri Oct 10 12:55:21 2014 @@ -104,6 +104,7 @@ struct pn_messenger_t { pn_snd_settle_mode_t snd_settle_mode; pn_rcv_settle_mode_t rcv_settle_mode; pn_tracer_t tracer; + pn_ssl_verify_mode_t ssl_peer_authentication_mode; bool blocking; bool passive; bool interrupted; @@ -651,6 +652,7 @@ pn_messenger_t *pn_messenger(const char m->snd_settle_mode = PN_SND_SETTLED; m->rcv_settle_mode = PN_RCV_FIRST; m->tracer = NULL; + m->ssl_peer_authentication_mode = PN_SSL_VERIFY_PEER_NAME; } return m; @@ -927,7 +929,8 @@ static int pn_transport_config(pn_messen pn_error_report("CONNECTION", "invalid certificate db"); return err; } - err = pn_ssl_domain_set_peer_authentication(d, PN_SSL_VERIFY_PEER_NAME, NULL); + err = pn_ssl_domain_set_peer_authentication( + d, messenger->ssl_peer_authentication_mode, NULL); if (err) { pn_error_report("CONNECTION", "error configuring ssl to verify peer"); } @@ -2342,3 +2345,13 @@ pn_millis_t pn_messenger_get_remote_idle } return timeout; } + +int +pn_messenger_set_ssl_peer_authentication_mode(pn_messenger_t *messenger, + const pn_ssl_verify_mode_t mode) +{ + if (!messenger) + return PN_ARG_ERR; + messenger->ssl_peer_authentication_mode = mode; + return 0; +} --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@qpid.apache.org For additional commands, e-mail: commits-h...@qpid.apache.org