Diffstat (limited to 'qpid/cpp')
-rw-r--r--qpid/cpp/src/qpid/client/windows/SslConnector.cpp4
-rw-r--r--qpid/cpp/src/qpid/messaging/amqp/windows/SslTransport.cpp3
-rw-r--r--qpid/cpp/src/qpid/sys/windows/SslCredential.cpp8
-rw-r--r--qpid/cpp/src/qpid/sys/windows/SslCredential.h3
4 files changed, 16 insertions, 2 deletions
diff --git a/qpid/cpp/src/qpid/client/windows/SslConnector.cpp b/qpid/cpp/src/qpid/client/windows/SslConnector.cpp
index d0be818df0..dc82ece9d1 100644
--- a/qpid/cpp/src/qpid/client/windows/SslConnector.cpp
+++ b/qpid/cpp/src/qpid/client/windows/SslConnector.cpp
@@ -115,7 +115,9 @@ SslConnector::SslConnector(boost::shared_ptr<qpid::sys::Poller> p,
ConnectionImpl* cimpl)
: TCPConnector(p, ver, settings, cimpl), shim(0), poller(p)
{
-
+ if (settings.sslIgnoreHostnameVerificationFailure) {
+ sslCredential.ignoreHostnameVerificationFailure();
+ }
const std::string& name = (settings.sslCertName != "") ?
settings.sslCertName : qpid::sys::ssl::SslOptions::global.certName;
certLoaded = sslCredential.load(name);
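Review bot: Disabling the hostname check in the new `if (settings.sslIgnoreHostnameVerificationFailure)` branch leaves no trace at runtime, so a connection made without the server-name check looks the same in the logs as a verified one. I would log it at warning level inside the branch, for example `QPID_LOG(warning, "SSL hostname verification disabled for this connection");`, assuming the qpid logging header is available in this file. The same applies to the matching branch added to the SslTransport constructor in SslTransport.cpp. The constructor body continues past the end of this hunk.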
diff --git a/qpid/cpp/src/qpid/messaging/amqp/windows/SslTransport.cpp b/qpid/cpp/src/qpid/messaging/amqp/windows/SslTransport.cpp
index ad47fd98d9..5dbc13175f 100644
--- a/qpid/cpp/src/qpid/messaging/amqp/windows/SslTransport.cpp
+++ b/qpid/cpp/src/qpid/messaging/amqp/windows/SslTransport.cpp
@@ -94,6 +94,9 @@ void SslTransport::negotiationDone(SECURITY_STATUS status)
SslTransport::SslTransport(TransportContext& c, boost::shared_ptr<Poller> p) : TcpTransport(c, p)
{
const ConnectionOptions* options = context.getOptions();
+ if (options->sslIgnoreHostnameVerificationFailure) {
+ sslCredential.ignoreHostnameVerificationFailure();
+ }
const std::string& name = (options->sslCertName != "") ?
options->sslCertName : qpid::sys::ssl::SslOptions::global.certName;
certLoaded = sslCredential.load(name);
diff --git a/qpid/cpp/src/qpid/sys/windows/SslCredential.cpp b/qpid/cpp/src/qpid/sys/windows/SslCredential.cpp
index 667f0f1ef0..de8f10b0e9 100644
--- a/qpid/cpp/src/qpid/sys/windows/SslCredential.cpp
+++ b/qpid/cpp/src/qpid/sys/windows/SslCredential.cpp
@@ -34,7 +34,7 @@ namespace sys {
namespace windows {
-SslCredential::SslCredential() : certStore(0), cert(0)
+SslCredential::SslCredential() : certStore(0), cert(0), hostnameVerification(true)
{
SecInvalidateHandle(&credHandle);
memset(&cred, 0, sizeof(cred));
@@ -60,6 +60,8 @@ bool SslCredential::load(const std::string& certName)
cred.paCred = &cert;
cred.cCreds = 1;
}
+ if (!hostnameVerification)
+ cred.dwFlags |= SCH_CRED_NO_SERVERNAME_CHECK;
SECURITY_STATUS status = ::AcquireCredentialsHandle(NULL,
UNISP_NAME,
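Review bot: `hostnameVerification` is read only at the new `if (!hostnameVerification)` check, just before `AcquireCredentialsHandle`. A call to `ignoreHostnameVerificationFailure()` made after `load()` would therefore change the member but presumably not a credential that was already acquired. Both callers in this commit set it before `load()`, but nothing in the code states that requirement. I would add a comment above the check: `// Read once per load(): must be set before load(); a later change does not alter an acquired credential.` The body of `load()` starts before and continues after this hunk.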
@@ -89,6 +91,10 @@ std::string SslCredential::error()
return loadError.error;
}
+void SslCredential::ignoreHostnameVerificationFailure(){
+ hostnameVerification = false;
+}
+
void SslCredential::loadPrivCertStore()
{
// Get a handle to the system store or pkcs#12 file
diff --git a/qpid/cpp/src/qpid/sys/windows/SslCredential.h b/qpid/cpp/src/qpid/sys/windows/SslCredential.h
index ba16dcdab5..25d174a2fa 100644
--- a/qpid/cpp/src/qpid/sys/windows/SslCredential.h
+++ b/qpid/cpp/src/qpid/sys/windows/SslCredential.h
@@ -53,6 +53,8 @@ public:
QPID_COMMON_EXTERN bool load(const std::string& certName);
QPID_COMMON_EXTERN CredHandle handle();
QPID_COMMON_EXTERN std::string error();
+ /** Proceed with connect inspite of hostname verifcation failures*/
+ QPID_COMMON_EXTERN void ignoreHostnameVerificationFailure();
private:
struct SavedError {
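Review bot: The doc comment on `ignoreHostnameVerificationFailure()` has two typos ("inspite", "verifcation") and does not say what protection the caller gives up or when the call must be made. Since this is an exported method that weakens peer authentication, I would spell that out: `/** Skip the server-name check on the peer certificate. Call before load(). The certificate is then no longer tied to the host being connected to, so use only where the peer is authenticated by other means. */` There is also no way to turn verification back on for a credential object, which is worth stating if it is intentional.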
@@ -70,6 +72,7 @@ private:
CredHandle credHandle;
TimeStamp credExpiry;
SavedError loadError;
+ bool hostnameVerification;
PCCERT_CONTEXT findCertificate(const std::string& name);
void loadPrivCertStore();