Verified Commit b51d5070 authored by Michal 'vorner' Vaner's avatar Michal 'vorner' Vaner

Allow a different CA than cert

parent 24085ad0
......@@ -20,6 +20,7 @@ log_file_count: 5
; The SSL certificate
cert = server.cert
key = server.key
ca = server.cert
; Where the authenticator lives
authenticator_host: localhost
authenticator_port: 8888
......
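Review bot: The new `ca` entry has no comment of its own; it sits under `; The SSL certificate`, which does not say what the file is used for. Judging by the soxy change in this commit, it is added to the list that peer certificates are verified against, so a line such as `; CA certificate used to verify connecting peers (may be the same file as cert)` above `ca = server.cert` would help. That also makes the default readable: with `ca` equal to `cert`, the server's own certificate is the only trust anchor.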
......@@ -82,7 +82,7 @@ class Socat(protocol.ProcessProtocol):
#args = ['./soxy/soxy', master_config.get('cert'), master_config.get('key'), str(master_config.getint('port')), os.getcwd() + '/collect-master.sock']
#logging.debug('Starting proxy with: %s', args)
#reactor.spawnProcess(Socat(), './soxy/soxy', args=args, env=os.environ)
args = ['./soxy/soxy', master_config.get('cert'), master_config.get('key'), str(master_config.getint('port_compression')), os.getcwd() + '/collect-master.sock', 'compress']
args = ['./soxy/soxy', master_config.get('cert'), master_config.get('key'), master_config.get('ca'), str(master_config.getint('port_compression')), os.getcwd() + '/collect-master.sock', 'compress']
logging.debug('Starting proxy with: %s', args)
reactor.spawnProcess(Socat(), './soxy/soxy', args=args, env=os.environ)
......
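Review bot: `master_config.get('ca')` goes straight into the positional argument list on the new `args` line with no fallback. A configuration written before this commit has no `ca` entry, so depending on how `master_config` treats a missing option, this would either raise here or put a non-string entry into the arguments given to `spawnProcess`. Falling back to the certificate keeps the previous behaviour, e.g. `ca = master_config.get('ca') or master_config.get('cert')`, assuming `get` returns None for a missing key (not visible in this hunk). The commented-out invocation a few lines above still shows the old layout without the CA argument and should be updated or dropped so it is not re-enabled as is. The enclosing function starts outside the hunk.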
......@@ -46,8 +46,12 @@ Receiver::Receiver() {
keyFile.open(QIODevice::ReadOnly);
QSslKey key(&keyFile, QSsl::Rsa);
assert(!key.isNull());
QFile caFile(QCoreApplication::arguments()[3]);
caFile.open(QIODevice::ReadOnly);
QSslCertificate ca(&caFile);
assert(!ca.isNull());
config.setProtocol(QSsl::SecureProtocols);
config.setCaCertificates(QList<QSslCertificate>() << cert);
config.setCaCertificates(QList<QSslCertificate>() << cert << ca);
config.setLocalCertificate(cert);
config.setPrivateKey(key);
}
......@@ -110,7 +114,7 @@ Connection::Connection(int sock, QSslConfiguration &config) :
connect(&local, SIGNAL(error(QLocalSocket::LocalSocketError)), SLOT(error(QLocalSocket::LocalSocketError)));
connect(&local, SIGNAL(connected()), SLOT(connectedLocal()));
connect(&local, SIGNAL(bytesWritten(qint64)), SLOT(tryWriteLocal()));
local.connectToServer(QCoreApplication::arguments()[4]);
local.connectToServer(QCoreApplication::arguments()[5]);
touch();
}
......@@ -324,10 +328,10 @@ int main(int argc, char *argv[]) {
struct sockaddr_in6 addr;
memset(&addr, 0, sizeof addr);
addr.sin6_family = AF_INET6;
addr.sin6_port = htons(QCoreApplication::arguments()[3].toInt());
addr.sin6_port = htons(QCoreApplication::arguments()[4].toInt());
c(bind(sock, static_cast<sockaddr *>(static_cast<void *>(&addr)), sizeof addr), "bind");
c(listen(sock, 50), "listen");
if (QCoreApplication::arguments().count() == 6 && QCoreApplication::arguments().at(5) == "compress") {
if (QCoreApplication::arguments().count() == 7 && QCoreApplication::arguments().at(6) == "compress") {
Connection::enableCompression = true;
}
for (int *sig = sigs; *sig; sig ++) {
......
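Review bot: In Receiver::Receiver() the CA file is validated only by `assert(!ca.isNull())` and the result of `caFile.open()` is ignored, so in a build with NDEBUG a missing or unreadable CA path leaves a null certificate in the trust list instead of stopping startup. A runtime check such as `if (!caFile.open(QIODevice::ReadOnly)) qFatal("cannot open CA file");` followed by `if (ca.isNull()) qFatal("CA file holds no certificate");` fails closed in every build; the key loading just above uses the same assert-only pattern. `setCaCertificates` still lists `cert` next to `ca`, so the server's own certificate remains a trust anchor; if the intent is to trust only the CA, pass `QList<QSslCertificate>() << ca`. The positional `arguments()[3]`, `[4]` and `[5]` are read with no count check visible in these hunks (main tests the count only for the `compress` flag), so a caller still using the old layout would have its port opened as the CA path. The constructors and main continue outside the hunks.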