Skip to content

Commit

Permalink
https://telecominfraproject.atlassian.net/browse/WIFI-7831
Browse files Browse the repository at this point in the history 
Signed-off-by: stephb9959 <[email protected]>
  • Loading branch information
@stephb9959
stephb9959 committed Oct 6, 2023
1 parent 53aa2f0 commit 5207f1e
Showing 1 changed file with 12 additions and 6 deletions.
18 changes: 12 additions & 6 deletions src/RADSEC_server.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -211,9 +211,7 @@ namespace OpenWifi {
"-----END CERTIFICATE-----\n"
};

// std::ofstream ofs{OpenRoamingRootCertFile_.path().c_str(),std::ios_base::trunc|std::ios_base::out|std::ios_base::binary};
std::string rootCert = MicroServiceDataDirectory() + "/gr-root.pem";
std::ofstream ofs{rootCert.c_str(),std::ios_base::trunc|std::ios_base::out|std::ios_base::binary};
std::ofstream ofs{OpenRoamingRootCertFile_.path().c_str(),std::ios_base::trunc|std::ios_base::out|std::ios_base::binary};
ofs << OpenRoamingRootCert;
ofs.close();

Expand All @@ -229,13 +227,21 @@ namespace OpenWifi {
SecureContext->usePrivateKey(Poco::Crypto::RSAKey("",KeyFile_.path(),""));
Poco::Crypto::X509Certificate Cert(CertFile_.path());
if(!IsExpired(Cert)) {
SecureContext->useCertificate(Poco::Crypto::X509Certificate(CertFile_.path()));
Poco::TemporaryFile Combined(MicroServiceDataDirectory());
std::ofstream comb(Combined.path().c_str(),std::ios_base::trunc|std::ios_base::out|std::ios_base::binary);
std::ifstream cert_ifs(CertFile_.path().c_str(),std::ios_base::binary|std::ios_base::in);
Poco::StreamCopier::copyStream(cert_ifs,comb);
comb << std::endl;
std::ifstream root_ifs(OpenRoamingRootCertFile_.path().c_str(),std::ios_base::binary|std::ios_base::in);
Poco::StreamCopier::copyStream(root_ifs,comb);
comb << std::endl;
comb.close();
SecureContext->useCertificate(Poco::Crypto::X509Certificate(Combined.path()));
} else {
poco_error(Logger_, fmt::format("Certificate for {} has expired. We cannot connect to this server.", Server_.name));
return false;
}
SecureContext->addCertificateAuthority(Poco::Crypto::X509Certificate(rootCert));
// SecureContext->addCertificateAuthority(Poco::Crypto::X509Certificate(OpenRoamingRootCertFile_.path()));
SecureContext->addCertificateAuthority(Poco::Crypto::X509Certificate(OpenRoamingRootCertFile_.path()));
SecureContext->addChainCertificate(Poco::Crypto::X509Certificate(Intermediate0.path()));
SecureContext->addChainCertificate(Poco::Crypto::X509Certificate(Intermediate1.path()));
SecureContext->enableExtendedCertificateVerification(false);
Expand Down

0 comments on commit 5207f1e

Please sign in to comment.