From 7b3e0e0cf3eddd3537455a3605b04a48ee663f47 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?louiz=E2=80=99?= <louiz@louiz.org>
Date: Sun, 30 Apr 2017 15:04:40 +0200
Subject: =?UTF-8?q?Make=20botan=E2=80=99s=20policy=20configurable=20from?=
 =?UTF-8?q?=20a=20file?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

fix #3244
---
 src/network/tls_policy.cpp | 48 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 48 insertions(+)
 create mode 100644 src/network/tls_policy.cpp

(limited to 'src/network/tls_policy.cpp')

diff --git a/src/network/tls_policy.cpp b/src/network/tls_policy.cpp
new file mode 100644
index 0000000..5439397
--- /dev/null
+++ b/src/network/tls_policy.cpp
@@ -0,0 +1,48 @@
+#include "biboumi.h"
+
+#ifdef BOTAN_FOUND
+
+#include <fstream>
+
+#include <utils/tolower.hpp>
+
+#include <network/tls_policy.hpp>
+#include <logger/logger.hpp>
+
+bool BiboumiTLSPolicy::load(const std::string& filename)
+{
+  std::ifstream is(filename.data());
+  if (is)
+    {
+      try {
+          this->load(is);
+          log_info("Successfully loaded policy file: ", filename);
+          return true;
+        } catch (const Botan::Exception& e) {
+          log_error("Failed to parse policy_file ", filename, ": ", e.what());
+          return false;
+        }
+    }
+  log_info("Could not open policy file: ", filename);
+  return false;
+}
+
+void BiboumiTLSPolicy::load(std::istream& is)
+{
+  const auto dict = Botan::read_cfg(is);
+  for (const auto& pair: dict)
+    {
+      // Workaround for options that are not overridden in Botan::TLS::Text_Policy
+      if (pair.first == "require_cert_revocation_info")
+        this->req_cert_revocation_info = !(pair.second == "0" || utils::tolower(pair.second) == "false");
+      else
+        this->set(pair.first, pair.second);
+    }
+}
+
+bool BiboumiTLSPolicy::require_cert_revocation_info() const
+{
+  return this->req_cert_revocation_info;
+}
+
+#endif
-- 
cgit v1.2.3