Pegasus::Boolean CIMClient::verifyCertificate(Pegasus::SSLCertificateInfo &ci, void *data)
{
if (!ci.getResponseCode()) {
// Pre-verify of the certificate failed, immediate return
return false;
}
CIMClient *fake_this = reinterpret_cast<CIMClient*>(data);
Pegasus::String hostname(fake_this->m_url_info.hostname());
// Verify against DNS names
Pegasus::Array<Pegasus::String> dnsNames = ci.getSubjectAltNames().getDnsNames();
for (Pegasus::Uint32 i = 0; i < dnsNames.size(); ++i) {
if (matchPattern(dnsNames[i], hostname))
return true;
}
// Verify against IP addresses
Pegasus::Array<Pegasus::String> ipAddresses = ci.getSubjectAltNames().getIpAddresses();
for (Pegasus::Uint32 i = 0; i < ipAddresses.size(); ++i) {
if (matchPattern(ipAddresses[i], hostname))
return true;
}
// Verify against Common Name
return matchPattern(ci.getSubjectCommonName(), hostname);
}
Pegasus::Boolean CIMClient::verifyCertificate(Pegasus::SSLCertificateInfo &ci)
{
Logger::getInstance()->debug("CIMClient::verifyCertificate(Pegasus::SSLCertificateInfo &ci)");
return static_cast<Pegasus::Boolean>(ci.getResponseCode());
}
Pegasus::Boolean CIMClient::verifyCertificate(Pegasus::SSLCertificateInfo &ci)
{
return ci.getResponseCode();
}
