From 85288fd0b31027e7948180e0e057242e13f15da4 Mon Sep 17 00:00:00 2001 From: Romain DEP Date: Sat, 21 Jul 2018 20:27:49 +0200 Subject: add 'verify_certificate' as possible configuration token for policy files This lets the user configure a per-domain certificate validation policy --- src/network/tcp_socket_handler.cpp | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'src/network/tcp_socket_handler.cpp') diff --git a/src/network/tcp_socket_handler.cpp b/src/network/tcp_socket_handler.cpp index 642cf03..c6e173d 100644 --- a/src/network/tcp_socket_handler.cpp +++ b/src/network/tcp_socket_handler.cpp @@ -332,6 +332,11 @@ void TCPSocketHandler::tls_verify_cert_chain(const std::vectorpolicy.verify_certificate_info()) + { + log_debug("Not verifying certificate due to domain policy "); + return; + } log_debug("Checking remote certificate for hostname ", hostname); try { -- cgit v1.2.3 From 709fa0e5e984789113d8e4d795e52839d0cf5f87 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?louiz=E2=80=99?= Date: Sun, 22 Jul 2018 14:40:59 +0200 Subject: Remove a useless getter --- src/network/tcp_socket_handler.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/network/tcp_socket_handler.cpp') diff --git a/src/network/tcp_socket_handler.cpp b/src/network/tcp_socket_handler.cpp index c6e173d..29c5d6a 100644 --- a/src/network/tcp_socket_handler.cpp +++ b/src/network/tcp_socket_handler.cpp @@ -332,7 +332,7 @@ void TCPSocketHandler::tls_verify_cert_chain(const std::vectorpolicy.verify_certificate_info()) + if (!this->policy.verify_certificate) { log_debug("Not verifying certificate due to domain policy "); return; -- cgit v1.2.3 From b1564e4ddc3e54ad78788a6f5643056d03a41678 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?louiz=E2=80=99?= Date: Thu, 23 Aug 2018 20:31:31 +0200 Subject: Fix a bunch of int to unsigned int conversion warnings --- src/network/tcp_socket_handler.cpp | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) (limited to 'src/network/tcp_socket_handler.cpp') diff --git a/src/network/tcp_socket_handler.cpp b/src/network/tcp_socket_handler.cpp index 29c5d6a..e05caad 100644 --- a/src/network/tcp_socket_handler.cpp +++ b/src/network/tcp_socket_handler.cpp @@ -50,7 +50,7 @@ TCPSocketHandler::TCPSocketHandler(std::shared_ptr& poller): SocketHandler(poller, -1), use_tls(false) #ifdef BOTAN_FOUND - ,credential_manager(this) + ,credential_manager() #endif {} @@ -84,10 +84,11 @@ void TCPSocketHandler::plain_recv() if (recv_buf == nullptr) recv_buf = buf; - const ssize_t size = this->do_recv(recv_buf, buf_size); + const ssize_t ssize = this->do_recv(recv_buf, buf_size); - if (size > 0) + if (ssize > 0) { + auto size = static_cast(ssize); if (buf == recv_buf) { // data needs to be placed in the in_buf string, because no buffer @@ -149,21 +150,22 @@ void TCPSocketHandler::on_send() } else { + auto size = static_cast(res); // remove all the strings that were successfully sent. auto it = this->out_buf.begin(); while (it != this->out_buf.end()) { - if (static_cast(res) >= it->size()) + if (size >= it->size()) { - res -= it->size(); + size -= it->size(); ++it; } else { // If one string has partially been sent, we use substr to // crop it - if (res > 0) - *it = it->substr(res, std::string::npos); + if (size > 0) + *it = it->substr(size, std::string::npos); break; } } -- cgit v1.2.3