tyler.durden/icinga2
1
0
Fork 0
mirror of https://github.com/Icinga/icinga2.git synced 2025-07-26 07:04:37 +02:00
Code Issues Packages Projects Releases Wiki Activity

Don't require tickets for clients which already have a trusted certificate

Browse Source 
fixes #8465
This commit is contained in:
Gunnar Beutner 2015-02-11 09:56:22 +01:00
parent 377f66c403
commit 33e747ae2e
1 changed files with 14 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
lib/remote/apiclient.cpp
View File

@ -220,11 +220,12 @@ Value RequestCertificateHandler(const MessageOrigin& origin, const Dictionary::P
if (!params) if (!params)
return Empty; return Empty;
Dictionary::Ptr result = new Dictionary();
if (!origin.FromClient->IsAuthenticated()) {
ApiListener::Ptr listener = ApiListener::GetInstance(); ApiListener::Ptr listener = ApiListener::GetInstance();
String salt = listener->GetTicketSalt(); String salt = listener->GetTicketSalt();
Dictionary::Ptr result = new Dictionary();
if (salt.IsEmpty()) { if (salt.IsEmpty()) {
result->Set("error", "Ticket salt is not configured."); result->Set("error", "Ticket salt is not configured.");
return result; return result;
@ -237,6 +238,7 @@ Value RequestCertificateHandler(const MessageOrigin& origin, const Dictionary::P
result->Set("error", "Invalid ticket."); result->Set("error", "Invalid ticket.");
return result; return result;
} }
}
boost::shared_ptr<X509> cert = origin.FromClient->GetStream()->GetPeerCertificate(); boost::shared_ptr<X509> cert = origin.FromClient->GetStream()->GetPeerCertificate();