QgsPkiBundle::QgsPkiBundle( const QSslCertificate &clientCert,
const QSslKey &clientKey,
const QList<QSslCertificate> &caChain )
: mCert( QSslCertificate() )
, mCertKey( QSslKey() )
, mCaChain( caChain )
{
setClientCert( clientCert );
setClientKey( clientKey );
}
bool OpenSSLBase::init( const std::string& clientKey,
const std::string& clientCerts,
const StringList& cacerts )
{
#if defined OPENSSL_VERSION_NUMBER && ( OPENSSL_VERSION_NUMBER < 0x10100000 )
if( m_initLib )
SSL_library_init();
#endif // OPENSSL_VERSION_NUMBER < 0x10100000
SSL_COMP_add_compression_method( 193, COMP_zlib() );
OpenSSL_add_all_algorithms();
if( !setType() ) //inits m_ctx
return false;
setClientCert( clientKey, clientCerts );
setCACerts( cacerts );
if( !SSL_CTX_set_cipher_list( m_ctx, "HIGH:MEDIUM:AES:@STRENGTH" ) )
return false;
m_ssl = SSL_new( m_ctx );
if( !m_ssl )
return false;
if( !BIO_new_bio_pair( &m_ibio, 0, &m_nbio, 0 ) )
return false;
SSL_set_bio( m_ssl, m_ibio, m_ibio );
SSL_set_mode( m_ssl, SSL_MODE_AUTO_RETRY | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER | SSL_MODE_ENABLE_PARTIAL_WRITE );
ERR_load_crypto_strings();
SSL_load_error_strings();
if( !privateInit() )
return false;
m_valid = true;
return true;
}
