verify that torrent names matches the DNS name in its certificate (RFC 2818-style). Fix issues that was breaking SSL support and tidy up a bit

2012-01-15 23:34:43 +00:00
parent 4a40e68a82
commit ae90a8f85e
10 changed files with 230 additions and 41 deletions
--- a/src/bt_peer_connection.cpp
+++ b/src/bt_peer_connection.cpp
@@ -229,7 +229,7 @@ namespace libtorrent
 		if (key.size() == 32) out_enc_policy = pe_settings::disabled;

 		// never try an encrypted connection when already using SSL
-		if (get_socket()->get<ssl_stream<stream_socket> >() || get_socket()->get<ssl_stream<utp_stream> >())
+		if (is_ssl(*get_socket()))
 			out_enc_policy = pe_settings::disabled;
 #endif
 #ifdef TORRENT_VERBOSE_LOGGING
@@ -2946,8 +2946,7 @@ namespace libtorrent
 #endif

 #ifdef TORRENT_USE_OPENSSL
-				if (get_socket()->get<ssl_stream<stream_socket> >()
-					|| get_socket()->get<ssl_stream<utp_stream> >())
+				if (is_ssl(*get_socket()))
 				{
 #ifdef TORRENT_VERBOSE_LOGGING
 					peer_log("*** SSL peers are not allowed to use any other encryption");
@@ -3030,9 +3029,10 @@ namespace libtorrent
 #ifndef TORRENT_DISABLE_ENCRYPTION
 				TORRENT_ASSERT(m_state != read_pe_dhkey);

-				if (!is_local() && 
-					(m_ses.get_pe_settings().in_enc_policy == pe_settings::forced) &&
-					!m_encrypted) 
+				if (!is_local()
+					&& m_ses.get_pe_settings().in_enc_policy == pe_settings::forced
+					&& !m_encrypted
+					&& !is_ssl(*get_socket()))
 				{
 					disconnect(errors::no_incoming_regular);
 					return;