SSL verify callback.
parent
263197ff55
commit
19f11825fd
|
@ -22,6 +22,8 @@
|
||||||
#include <map>
|
#include <map>
|
||||||
#include <set>
|
#include <set>
|
||||||
#include <regex>
|
#include <regex>
|
||||||
|
#include <mutex>
|
||||||
|
#include <condition_variable>
|
||||||
|
|
||||||
#include "event_loop_dispatcher.hpp"
|
#include "event_loop_dispatcher.hpp"
|
||||||
#include "platform.hpp"
|
#include "platform.hpp"
|
||||||
|
@ -225,6 +227,88 @@ private:
|
||||||
const Protected<typename T::Function> m_func;
|
const Protected<typename T::Function> m_func;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
template <typename T>
|
||||||
|
class SSLVerifyCallbackSyncThreadFunctor {
|
||||||
|
public:
|
||||||
|
SSLVerifyCallbackSyncThreadFunctor(typename T::Context ctx, typename T::Function ssl_verify_func)
|
||||||
|
: m_ctx(Context<T>::get_global_context(ctx))
|
||||||
|
, m_func(ctx, ssl_verify_func)
|
||||||
|
, m_event_loop_dispatcher {SSLVerifyCallbackSyncThreadFunctor<T>::main_loop_handler}
|
||||||
|
, m_mutex{new std::mutex}
|
||||||
|
, m_cond_var{new std::condition_variable}
|
||||||
|
{
|
||||||
|
}
|
||||||
|
|
||||||
|
bool operator ()(const std::string& server_address, sync::Session::port_type server_port, const char* pem_data, size_t pem_size, int preverify_ok, int depth)
|
||||||
|
{
|
||||||
|
const std::string pem_certificate {pem_data, pem_size};
|
||||||
|
|
||||||
|
{
|
||||||
|
std::lock_guard<std::mutex> lock {*m_mutex};
|
||||||
|
m_ssl_certificate_callback_done = false;
|
||||||
|
}
|
||||||
|
|
||||||
|
m_event_loop_dispatcher(this, server_address, server_port, pem_certificate, preverify_ok, depth);
|
||||||
|
|
||||||
|
bool ssl_certificate_accepted = false;
|
||||||
|
{
|
||||||
|
std::unique_lock<std::mutex> lock(*m_mutex);
|
||||||
|
m_cond_var->wait(lock, [this] { return this->m_ssl_certificate_callback_done; });
|
||||||
|
ssl_certificate_accepted = m_ssl_certificate_accepted;
|
||||||
|
}
|
||||||
|
|
||||||
|
return ssl_certificate_accepted;
|
||||||
|
}
|
||||||
|
|
||||||
|
static void main_loop_handler(SSLVerifyCallbackSyncThreadFunctor<T>* this_object,
|
||||||
|
const std::string& server_address,
|
||||||
|
sync::Session::port_type server_port,
|
||||||
|
const std::string& pem_certificate,
|
||||||
|
int preverify_ok,
|
||||||
|
int depth)
|
||||||
|
{
|
||||||
|
HANDLESCOPE
|
||||||
|
|
||||||
|
const Protected<typename T::GlobalContext>& ctx = this_object->m_ctx;
|
||||||
|
|
||||||
|
typename T::Object ssl_certificate_object = Object<T>::create_empty(ctx);
|
||||||
|
Object<T>::set_property(ctx, ssl_certificate_object, "serverAddress", Value<T>::from_string(ctx, server_address));
|
||||||
|
Object<T>::set_property(ctx, ssl_certificate_object, "serverPort", Value<T>::from_number(ctx, double(server_port)));
|
||||||
|
Object<T>::set_property(ctx, ssl_certificate_object, "pemCertificate", Value<T>::from_string(ctx, pem_certificate));
|
||||||
|
Object<T>::set_property(ctx, ssl_certificate_object, "preverifyOk", Value<T>::from_number(ctx, double(preverify_ok)));
|
||||||
|
Object<T>::set_property(ctx, ssl_certificate_object, "depth", Value<T>::from_number(ctx, double(depth)));
|
||||||
|
|
||||||
|
const int argc = 1;
|
||||||
|
typename T::Value arguments[argc] = { ssl_certificate_object };
|
||||||
|
typename T::Value ret_val = Function<T>::callback(ctx, this_object->m_func, typename T::Object(), 1, arguments);
|
||||||
|
bool ret_val_bool = Value<T>::to_boolean(ctx, ret_val);
|
||||||
|
|
||||||
|
{
|
||||||
|
std::lock_guard<std::mutex> lock {*this_object->m_mutex};
|
||||||
|
this_object->m_ssl_certificate_callback_done = true;
|
||||||
|
this_object->m_ssl_certificate_accepted = ret_val_bool;
|
||||||
|
}
|
||||||
|
|
||||||
|
this_object->m_cond_var->notify_one();
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
private:
|
||||||
|
const Protected<typename T::GlobalContext> m_ctx;
|
||||||
|
const Protected<typename T::Function> m_func;
|
||||||
|
EventLoopDispatcher<void(SSLVerifyCallbackSyncThreadFunctor<T>* this_object,
|
||||||
|
const std::string& server_address,
|
||||||
|
sync::Session::port_type server_port,
|
||||||
|
const std::string& pem_certificate,
|
||||||
|
int preverify_ok,
|
||||||
|
int depth)> m_event_loop_dispatcher;
|
||||||
|
bool m_ssl_certificate_callback_done = false;
|
||||||
|
bool m_ssl_certificate_accepted = false;
|
||||||
|
std::shared_ptr<std::mutex> m_mutex;
|
||||||
|
std::shared_ptr<std::condition_variable> m_cond_var;
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
template<typename T>
|
template<typename T>
|
||||||
void UserClass<T>::session_for_on_disk_path(ContextType ctx, FunctionType, ObjectType this_object, size_t argc, const ValueType arguments[], ReturnValue &return_value) {
|
void UserClass<T>::session_for_on_disk_path(ContextType ctx, FunctionType, ObjectType this_object, size_t argc, const ValueType arguments[], ReturnValue &return_value) {
|
||||||
auto user = *get_internal<T, UserClass<T>>(this_object);
|
auto user = *get_internal<T, UserClass<T>>(this_object);
|
||||||
|
@ -512,12 +596,20 @@ void SyncClass<T>::populate_sync_config(ContextType ctx, ObjectType realm_constr
|
||||||
ssl_trust_certificate_path = util::none;
|
ssl_trust_certificate_path = util::none;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
std::function<sync::Session::SSLVerifyCallback> ssl_verify_callback;
|
||||||
|
ValueType ssl_verify_func = Object::get_property(ctx, sync_config_object, "ssl_verify_callback");
|
||||||
|
if (!Value::is_undefined(ctx, ssl_verify_func)) {
|
||||||
|
SSLVerifyCallbackSyncThreadFunctor<T> ssl_verify_functor {ctx, Value::validated_to_function(ctx, ssl_verify_func)};
|
||||||
|
ssl_verify_callback = std::move(ssl_verify_functor);
|
||||||
|
}
|
||||||
|
|
||||||
// FIXME - use make_shared
|
// FIXME - use make_shared
|
||||||
config.sync_config = std::shared_ptr<SyncConfig>(new SyncConfig{shared_user, raw_realm_url,
|
config.sync_config = std::shared_ptr<SyncConfig>(new SyncConfig{shared_user, raw_realm_url,
|
||||||
SyncSessionStopPolicy::AfterChangesUploaded,
|
SyncSessionStopPolicy::AfterChangesUploaded,
|
||||||
std::move(bind), std::move(error_handler),
|
std::move(bind), std::move(error_handler),
|
||||||
nullptr, util::none,
|
nullptr, util::none,
|
||||||
client_validate_ssl, ssl_trust_certificate_path});
|
client_validate_ssl, ssl_trust_certificate_path,
|
||||||
|
std::move(ssl_verify_callback)});
|
||||||
config.schema_mode = SchemaMode::Additive;
|
config.schema_mode = SchemaMode::Additive;
|
||||||
config.path = realm::SyncManager::shared().path_for_realm(shared_user->identity(), raw_realm_url);
|
config.path = realm::SyncManager::shared().path_for_realm(shared_user->identity(), raw_realm_url);
|
||||||
|
|
||||||
|
|
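Review bot: In `main_loop_handler` the JavaScript return value is coerced with `Value<T>::to_boolean`, so any truthy result accepts the certificate, including a Promise returned by an `async` callback or a non-empty string. A certificate decision should fail closed and accept only a literal `true`, for example `bool ret_val_bool = Value<T>::is_boolean(ctx, ret_val) && Value<T>::to_boolean(ctx, ret_val);` (this assumes the `Value<T>` helpers expose `is_boolean`, which the page does not show). Separately, if `Function<T>::callback` throws, the handler appears to exit before setting `m_ssl_certificate_callback_done` and calling `notify_one()`, so the thread blocked in `operator()` would wait indefinitely; catching the exception there and recording a rejection would keep the handshake from hanging. A short class comment stating that `operator()` blocks its calling thread until the event loop has run the JavaScript callback would also help readers.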