diff options
author | Deepak Lukose <deepaklukose@google.com> | 2016-03-25 12:54:25 -0700 |
---|---|---|
committer | Deepak Lukose <deepaklukose@google.com> | 2016-04-19 15:02:06 -0700 |
commit | dba4c5fd0144b68916b4dc2bbbd02d12c2e12041 (patch) | |
tree | f7284c54983f7bd9859453dc4e2111a80442441f /src/cpp | |
parent | 17735908ed4eb1c54bd1b3652062b49f58a985e3 (diff) |
Add various options to verify ssl/tls client cert including letting the
application handle the authentication.
Diffstat (limited to 'src/cpp')
-rw-r--r-- | src/cpp/server/secure_server_credentials.cc | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/src/cpp/server/secure_server_credentials.cc b/src/cpp/server/secure_server_credentials.cc index d472667a7e..33bdc2a1f4 100644 --- a/src/cpp/server/secure_server_credentials.cc +++ b/src/cpp/server/secure_server_credentials.cc @@ -130,10 +130,14 @@ std::shared_ptr<ServerCredentials> SslServerCredentials( key_cert_pair->cert_chain.c_str()}; pem_key_cert_pairs.push_back(p); } - grpc_server_credentials* c_creds = grpc_ssl_server_credentials_create( + grpc_server_credentials* c_creds = grpc_ssl_server_credentials_create_ex( options.pem_root_certs.empty() ? nullptr : options.pem_root_certs.c_str(), pem_key_cert_pairs.empty() ? nullptr : &pem_key_cert_pairs[0], - pem_key_cert_pairs.size(), options.force_client_auth, nullptr); + pem_key_cert_pairs.size(), + options.force_client_auth + ? GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY + : options.client_certificate_request, + nullptr); return std::shared_ptr<ServerCredentials>( new SecureServerCredentials(c_creds)); } |