void MainConnectionHandler::setPeer( const net::RemoteEndpointR& remote)
{
LOG_TRACE << "Peer set to " << remote->toString();
m_remoteEndPoint = remote;
if (m_protocolHandler.get())
{
m_protocolHandler->setPeer( m_remoteEndPoint);
}
}
void echoConnection::setPeer( const net::RemoteEndpointR& remote )
{
net::ConnectionEndpoint::ConnectionType type = remote->type();
switch ( type ) {
case net::ConnectionEndpoint::UDP:
LOG_FATAL << "UDP local connection type not implemented";
abort();
case net::ConnectionEndpoint::TCP: {
const net::RemoteTCPendpoint* rmt = static_cast<const net::RemoteTCPendpoint*>( remote.get() );
LOG_TRACE << "Peer set to " << rmt->toString() << ", connected at " << rmt->connectionTime();
break;
}
#ifdef WITH_SSL
case net::ConnectionEndpoint::SSL: {
const net::RemoteSSLendpoint* rmt = static_cast<const net::RemoteSSLendpoint*>( remote.get() );
LOG_TRACE << "Peer set to " << rmt->toString() << ", connected at " << boost::posix_time::from_time_t( rmt->connectionTime());
if ( rmt->SSLcertInfo() ) {
LOG_TRACE << "Peer SSL certificate serial number " << rmt->SSLcertInfo()->serialNumber()
<< ", issued by: " << rmt->SSLcertInfo()->issuer();
LOG_TRACE << "Peer SSL certificate valid from " << boost::posix_time::from_time_t( rmt->SSLcertInfo()->notBefore())
<< " to " << boost::posix_time::from_time_t( rmt->SSLcertInfo()->notAfter());
LOG_TRACE << "Peer SSL certificate subject: " << rmt->SSLcertInfo()->subject();
LOG_TRACE << "Peer SSL certificate Common Name: " << rmt->SSLcertInfo()->commonName();
}
break;
}
#else
case net::ConnectionEndpoint::SSL:
#endif // WITH_SSL
default:
LOG_FATAL << "Impossible remote connection type !";
abort();
}
}
void Connection::setPeer( const net::RemoteEndpointR& remote)
{
LOG_TRACE << "Peer set to " << remote->toString();
}
void wolframeConnection::setPeer( const net::RemoteEndpointR& remote )
{
net::ConnectionEndpoint::ConnectionType type = remote->type();
switch ( type ) {
case net::ConnectionEndpoint::UDP:
LOG_FATAL << "UDP local connection type not implemented";
abort();
case net::ConnectionEndpoint::TCP: {
m_remoteEP = remote;
LOG_TRACE << "Peer set to " << m_remoteEP->toString() << ", connected at "
<< boost::posix_time::from_time_t( m_remoteEP->connectionTime());
break;
}
case net::ConnectionEndpoint::SSL:
#ifdef WITH_SSL
{
m_remoteEP = remote;
const net::RemoteSSLendpoint* rmt = dynamic_cast<const net::RemoteSSLendpoint*>( remote.get() );
LOG_TRACE << "Peer set to " << m_remoteEP->toString() << ", connected at " << boost::posix_time::from_time_t( m_remoteEP->connectionTime());
if ( rmt->SSLcertInfo() ) {
LOG_TRACE << "Peer SSL certificate serial number " << rmt->SSLcertInfo()->serialNumber()
<< ", issued by: " << rmt->SSLcertInfo()->issuer();
LOG_TRACE << "Peer SSL certificate valid from " << boost::posix_time::from_time_t( rmt->SSLcertInfo()->notBefore())
<< " to " << boost::posix_time::from_time_t( rmt->SSLcertInfo()->notAfter());
LOG_TRACE << "Peer SSL certificate subject: " << rmt->SSLcertInfo()->subject();
LOG_TRACE << "Peer SSL certificate Common Name: " << rmt->SSLcertInfo()->commonName();
}
break;
}
#endif // WITH_SSL
default:
LOG_FATAL << "Impossible remote connection type !";
abort();
}
// Propagate setPeer to the command handler
m_protocolHandler->setPeer( m_remoteEP);
// Check if the connection is allowed
if (( m_authorization = m_globalCtx.aaaa().authorizer())) {
if ( m_authorization->allowed( AAAA::ConnectInfo( *m_localEP, *m_remoteEP ))) {
LOG_DEBUG << "Connection from " << m_remoteEP->toString()
<< " to " << m_localEP->toString() << " authorized";
m_execContext.setAuthorizer( m_authorization);
if (!m_execContext.checkAuthorization( proc::ExecContext::CONNECT))
{
LOG_DEBUG << "Connection from " << m_remoteEP->toString()
<< " to " << m_localEP->toString() << " not authorized (CONNECT)";
// close the connection
m_state = FORBIDDEN;
}
}
else {
LOG_DEBUG << "Connection from " << m_remoteEP->toString()
<< " to " << m_localEP->toString() << " not authorized";
// close the connection
m_state = FORBIDDEN;
}
}
else {
LOG_WARNING << "Authorization not available";
// abort();
}
}