[Libreoffice-commits] online.git: loolwsd/LOOLWSD.cpp loolwsd/loolwsd.xml

[Pranav Kant]

 loolwsd/LOOLWSD.cpp |    9 +++++++++
 loolwsd/loolwsd.xml |    1 +
 2 files changed, 10 insertions(+)

New commits:
commit 31200eec6f753f6606d1510f1ba6c064639341a1
Author: Pranav Kant <pranavk at collabora.com>
Date:   Fri Mar 25 08:12:37 2016 +0530

    loolwsd: Add CA path during SSL initialize
    
    Change-Id: I09071b5fc0c32360524506c92f444ed8c6d8e0df

diff --git a/loolwsd/LOOLWSD.cpp b/loolwsd/LOOLWSD.cpp
index d299c38..caeb378 100644
--- a/loolwsd/LOOLWSD.cpp
+++ b/loolwsd/LOOLWSD.cpp
@@ -1067,12 +1067,21 @@ void LOOLWSD::initializeSSL()
 
     Log::info("SSL Key file: " + ssl_key_file_path);
 
+    auto ssl_ca_file_path = conf.getString("ssl.ca_file_path");
+    if (conf.getBool("ssl.ca_file_path[@relative]"))
+    {
+        ssl_ca_file_path = Poco::Path(Application::instance().commandPath()).parent().append(ssl_ca_file_path).toString();
+    }
+
+    Log::info("SSL CA file: " + ssl_ca_file_path);
+
     Poco::Crypto::initializeCrypto();
 
     Poco::Net::initializeSSL();
     Poco::Net::Context::Params sslParams;
     sslParams.certificateFile = ssl_cert_file_path;
     sslParams.privateKeyFile = ssl_key_file_path;
+    sslParams.caLocation = ssl_ca_file_path;
     // Don't ask clients for certificate
     sslParams.verificationMode = Poco::Net::Context::VERIFY_NONE;
 
diff --git a/loolwsd/loolwsd.xml b/loolwsd/loolwsd.xml
index 5945ba2..d058910 100644
--- a/loolwsd/loolwsd.xml
+++ b/loolwsd/loolwsd.xml
@@ -2,6 +2,7 @@
     <ssl desc="SSL settings">
         <cert_file_path desc="Path to the cert file" relative="false">/etc/loolwsd/cert.pem</cert_file_path>
         <key_file_path desc="Path to the key file" relative="false">/etc/loolwsd/key.pem</key_file_path>
+        <ca_file_path desc="Path to the ca file" relative="false">/etc/loolwsd/CollaboraCloudSuiteCA_ca-chain.cert.pem</ca_file_path>
     </ssl>
     <storage desc="Backend storage">
         <filesystem allow="true">