[omniORB] SSL verification and information

Duncan Grisby duncan at grisby.org
Mon Nov 28 13:59:27 GMT 2005


On Sunday 27 November, "Sander Steffann" wrote:

> I am using omniORB from python and I would like to do a few things
> with SSL, but I don't know how to do them. What I would like is:
> - Set he SSL verification depth to 1, so only client certificates
> signed directly by the SA are accepted;
> - In the servant I want to know the details of the client certificate
> used to call it, and the IP address the call was made from;
> - I would like to make client certificates optional in certain cases;
> - When a servant can be reached over SSL and non-SSL, I would like to
> know how it was accessed;
> 
> I don't even know if any of these things are currently possible in
> omniORB... If anyone can give me some pointers I would realy
> appreciate it.

You can do all those things from C++, by implementing your own
sslContext object, and using interceptors to get at the connection
state. Unfortunately, none of it is exposed to Python at present.

Cheers,

Duncan.

-- 
 -- Duncan Grisby         --
  -- duncan at grisby.org     --
   -- http://www.grisby.org --



More information about the omniORB-list mailing list