13 Commits

Author SHA1 Message Date
Pascal Obry
8e86a47cf4 Fix build of demos in Ada 2022 mode.
Motivated by eng/toolchain/aws#74
2025-01-21 07:56:55 +01:00
Pascal Obry
7563f62271 Remove Check_Host parameter.
Certificate check is controlled only using Check_Certificate.

TN: eng/toolchain/aws#31
2024-06-27 15:15:08 +00:00
Pascal Obry
b88f380dc1 Improve documentation about the certificates validity.
The demos' certificates are now valid until 2034. Also install
the certificates into share/examples/aws/certificates.

Motivated by eng/toolchain/aws#31
2024-06-27 15:15:08 +00:00
Pascal Obry
40c93aac18 Rework SSL API to allow for certificate & host verification.
First the parameter Certificate_Required has been renamed Check_Certificate
to better describe the actual semantic.

The default is now to verify the certificate and the host. Both
default values in AWS.Default (Check_Certificate & Check_Host) have
been set to true. This means that the call in AWS.Client (Get, Post,
Head, Put, Delete, Upload and SOAP_Post) are safe and will always
check for certificate and host. To disable those checks one need
to create a connection and setup the SSL configuration with options
disabled:

    WS  : Server.HTTP;
    SSL : Net.SSL.Config;

    Net.SSL.Initialize
      (SSL,
       Security_Mode      => Net.SSL.TLS_Server,
       Server_Certificate => "aws-server.crt",
       Server_Key         => "aws-server.key",
       Check_Certificate  => False);

    Server.Set_SSL_Config (WS, SSL);

For the client side it is also possible to disable the host check,
and so not detecting man-in-the-middle kind of attacks, so hightly
discouraged:

    Net.SSL.Initialize
      (SSL,
       Security_Mode      => Net.SSL.TLS_Client,
       Client_Certificate => "cert.pem",
       Check_Certificate  => False,
       Check_Host         => False);

The configuration API has been updated to support those two new parameters.

TN: eng/toolchain/aws#31
2024-06-27 15:15:08 +00:00
Pascal Obry
990287f4df Revert all Ada 2022 changes. 2024-03-14 23:17:52 +01:00
Pascal Obry
1e2a62a024 Fix build of demos in Ada 2022 mode. 2024-03-14 20:00:39 +01:00
Pascal Obry
177f1054e4 Fix build of demos after work for the out-of-tree support. 2024-01-19 08:03:17 +00:00
Bob Plested
2aee07f59c Changed gpr files to call gnat12 2018-09-24 19:49:30 +02:00
Pascal Obry
4e4159335f Rename makefile to Makefile (GNU standard)
This is also what GPS expects by default.

For O604-017.
2015-06-16 17:20:29 +02:00
Pascal Obry
b7ab5d65fa Add support for signed server's key file.
It is now possible to use a signed key file with AWS. In this case
a pass-phrase is requested to be able to start the HTTPS
session. This pass-phrase can be handed over to the server using
the Set_Password_Callback in AWS.Net.SSL.Certificate.

The HTTPS demo has been enhanced to demonstrate this.

Add corresponding regression test.

For 0202-018.
2015-03-24 18:59:22 +01:00
Pascal Obry
edbe641e9b Minor code clean-up. 2015-02-11 22:23:18 +01:00
Pascal Obry
fdfbeaded9 Add auto-configuration of the priority string on GNUTLS.
When the priority string is empty it is set depending on the
protocol version set in Security_Mode. This allows better
compatibility with the OpenSSL mode.

Motivated by O202-018.
2015-02-11 20:56:53 +01:00
Pascal Obry
4401144e90 Add HTTPS demo.
This demo ways to select a specific protocol like TLS 1.2 and enforce
it as the only allowed protocol.

Motivated by O202-018.
2015-02-11 20:56:53 +01:00