diff options
author | Zbigniew Kurzynski <zbigniew.kurzynski@intel.com> | 2019-11-07 12:55:04 +0100 |
---|---|---|
committer | Zbigniew Kurzynski <zbigniew.kurzynski@intel.com> | 2019-12-19 07:52:01 +0000 |
commit | cac94c55c59a397524a04786f4d699e2bd7f21bf (patch) | |
tree | 8ca4f7b790c643c18ed93a80309cec91ff98119e | |
parent | b28eb8ed4a1d5f05aa9911e94e53f261add4bb65 (diff) | |
download | bmcweb-cac94c55c59a397524a04786f4d699e2bd7f21bf.tar.gz bmcweb-cac94c55c59a397524a04786f4d699e2bd7f21bf.zip |
Turning ON the mutual TLS
This commit sets the mutual TLS option to ON by default.
Core mTLS implementation was accepted under this commit:
https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/23588
where by default the mTLS was disabled.
Tested:
Manual tests were made to verify if this option turns the
mTLS ON.
Signed-off-by: Zbigniew Kurzynski <zbigniew.kurzynski@intel.com>
Change-Id: I3bc5f5453d4c4df1cd7ecb0b8868423285b6ab83
-rw-r--r-- | CMakeLists.txt | 2 | ||||
-rw-r--r-- | http/http_connection.h | 2 | ||||
-rw-r--r-- | include/sessions.hpp | 2 |
3 files changed, 3 insertions, 3 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt index 9303e4d..22bc6ad 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -86,7 +86,7 @@ option ( BMCWEB_ENABLE_MUTUAL_TLS_AUTHENTICATION "Enables authenticating users through TLS client certificates. The BMCWEB_INSECURE_DISABLE_SSL must be OFF for this option to take effect." - OFF + ON ) # Insecure options. Every option that starts with a BMCWEB_INSECURE flag should diff --git a/http/http_connection.h b/http/http_connection.h index cce4a54..7e92ea7 100644 --- a/http/http_connection.h +++ b/http/http_connection.h @@ -275,7 +275,7 @@ class Connection SSL_set_session_id_context( adaptor.native_handle(), reinterpret_cast<const unsigned char*>(serverName.c_str()), - serverName.length()); + static_cast<unsigned int>(serverName.length())); BMCWEB_LOG_DEBUG << this << " TLS is enabled on this connection."; } diff --git a/include/sessions.hpp b/include/sessions.hpp index f197bff..4144705 100644 --- a/include/sessions.hpp +++ b/include/sessions.hpp @@ -108,7 +108,7 @@ struct AuthConfigMethods bool cookie = true; bool sessionToken = true; bool basic = true; - bool tls = true; + bool tls = false; void fromJson(const nlohmann::json& j) { |