diff options
author | Tor Brede Vekterli <vekterli@verizonmedia.com> | 2020-02-20 12:58:06 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-02-20 12:58:06 +0100 |
commit | acfb0463e55aa4878cc3087ffcee356696eabf2a (patch) | |
tree | 102c589c6c3d85983d01fff92545fe36b009b0a6 /fbench/src | |
parent | b7bc8f9e3f9e6656401c36c01279fbd1917e016d (diff) | |
parent | 79ef6b54da01e4819291ae10faa0fe5e832ac1a2 (diff) |
Merge pull request #12242 from vespa-engine/vekterli/client-sni-and-hostname-validation-in-cpp-tls-impl
Implement TLS client SNI and hostname validation in OpenSSL codec
Diffstat (limited to 'fbench/src')
-rw-r--r-- | fbench/src/fbench/fbench.cpp | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/fbench/src/fbench/fbench.cpp b/fbench/src/fbench/fbench.cpp index 91475ce2125..593ae30a0e5 100644 --- a/fbench/src/fbench/fbench.cpp +++ b/fbench/src/fbench/fbench.cpp @@ -86,10 +86,13 @@ FBench::init_crypto_engine(const std::string &ca_certs_file_name, return false; } bool load_failed = false; - vespalib::net::tls::TransportSecurityOptions - tls_opts(maybe_load(ca_certs_file_name, load_failed), - maybe_load(cert_chain_file_name, load_failed), - maybe_load(private_key_file_name, load_failed)); + auto ts_builder = vespalib::net::tls::TransportSecurityOptions::Params(). + ca_certs_pem(maybe_load(ca_certs_file_name, load_failed)). + cert_chain_pem(maybe_load(cert_chain_file_name, load_failed)). + private_key_pem(maybe_load(private_key_file_name, load_failed)). + authorized_peers(vespalib::net::tls::AuthorizedPeers::allow_all_authenticated()). + disable_hostname_validation(true); // TODO configurable or default false! + vespalib::net::tls::TransportSecurityOptions tls_opts(std::move(ts_builder)); if (load_failed) { fprintf(stderr, "failed to load transport security options\n"); return false; |