define server_cert in strongswan.conf
authorAndreas Steffen <andreas.steffen@strongswan.org>
Wed, 10 Aug 2011 04:13:21 +0000 (06:13 +0200)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Wed, 10 Aug 2011 07:29:35 +0000 (09:29 +0200)
src/libcharon/plugins/tnc_ifmap/tnc_ifmap_soap.c

index 1801b43..dffccd7 100644 (file)
@@ -529,7 +529,8 @@ METHOD(tnc_ifmap_soap_t, destroy, void,
 
 static bool axis2c_init(private_tnc_ifmap_soap_t *this)
 {
-       axis2_char_t *server, *client_home, *username, *password, *auth_type;
+       axis2_char_t *server, *server_cert, *client_home;
+       axis2_char_t *username, *password, *auth_type;
        axis2_endpoint_ref_t* endpoint_ref = NULL;
        axis2_options_t *options = NULL;
        axis2_transport_in_desc_t *transport_in;
@@ -537,11 +538,14 @@ static bool axis2c_init(private_tnc_ifmap_soap_t *this)
        axis2_transport_sender_t *transport_sender;
        axutil_property_t* property;
 
+       /* Getting configuration parameters from strongswan.conf */
        client_home = lib->settings->get_str(lib->settings,
                                        "charon.plugins.tnc-ifmap.client_home",
                                        AXIS2_GETENV("AXIS2C_HOME"));
        server = lib->settings->get_str(lib->settings,
                                        "charon.plugins.tnc-ifmap.server", IFMAP_SERVER);
+       server_cert = lib->settings->get_str(lib->settings,
+                                       "charon.plugins.tnc-ifmap.server_cert", NULL);
        auth_type = lib->settings->get_str(lib->settings,
                                        "charon.plugins.tnc-ifmap.auth_type", "Basic");
        username = lib->settings->get_str(lib->settings,
@@ -549,6 +553,11 @@ static bool axis2c_init(private_tnc_ifmap_soap_t *this)
        password = lib->settings->get_str(lib->settings,
                                        "charon.plugins.tnc-ifmap.password", NULL);
 
+       if (!server_cert)
+       {
+               DBG1(DBG_TNC, "MAP server certificate not defined");
+               return FALSE;
+       }
        if (!username || !password)
        {
                DBG1(DBG_TNC, "MAP client %s%s%s not defined",
@@ -563,15 +572,18 @@ static bool axis2c_init(private_tnc_ifmap_soap_t *this)
        options = axis2_options_create(this->env);
 
        /* Path to the MAP server certificate */
-       property =axutil_property_create_with_args(this->env,
-                                        0, 0, 0, "/home/andi/axis2c/irond.pem");
+       property =axutil_property_create_with_args(this->env, 0, 0, 0, server_cert);
+       axis2_options_set_property(options, this->env, AXIS2_SSL_SERVER_CERT, property);
  
        /* Define the MAP server as the to endpoint reference */
        endpoint_ref = axis2_endpoint_ref_create(this->env, server);
+       axis2_options_set_to(options, this->env, endpoint_ref);
 
-       /* Set up https transport */
+       /* Set up HTTP Basic or Digest MAP client authentication */
        axis2_options_set_http_auth_info(options, this->env, username, password,
                                                                         auth_type);
+
+       /* Set up https transport */
        transport_in = axis2_transport_in_desc_create(this->env,
                                                                                                  AXIS2_TRANSPORT_ENUM_HTTPS); 
        transport_out = axis2_transport_out_desc_create(this->env,
@@ -581,8 +593,6 @@ static bool axis2c_init(private_tnc_ifmap_soap_t *this)
                                                                                transport_sender);
        axis2_options_set_transport_in(options, this->env, transport_in);
        axis2_options_set_transport_out(options, this->env, transport_out); 
-       axis2_options_set_to(options, this->env, endpoint_ref);
-       axis2_options_set_property(options, this->env, AXIS2_SSL_SERVER_CERT, property);
 
        /* Create the axis2 service client */
        this->svc_client = axis2_svc_client_create(this->env, client_home);