©2011-2018 Open Source Electronic Health Record Alliance
This work is licensed under a Creative Commons Attribution 3.0 Unported License
This work is licensed under a Creative Commons Attribution 3.0 Unported License
XOBWSSL ;ALB/MJK - HWSC :: SSL Integration Tools ; 09/13/10 4:00pm
;;1.0;HwscWebServiceClient;;September 13, 2010;Build 31
;
QUIT
;
CHKNAME(XOBCFGN) ; -- match configuration name / used by input transform (18.12 : 3.02)
QUIT:$$CACH2008() 1 ; skip match checking if Cache 2008/higher, can't check oustide %SYS
NEW MATCH,STATUS,RS,MORE
SET MATCH=0
SET RS=##class(%ResultSet).%New("%Net.SSL.Configuration:ListNames")
IF $system.Status.IsError(RS.Execute()) GOTO CHKNAMEQ
; -- see if there is a match
FOR SET MORE=RS.Next(.STATUS) QUIT:'MORE!($system.Status.IsError(STATUS)) DO QUIT:MATCH
. IF XOBCFGN=$GET(RS.Data("Name")) SET MATCH=1 QUIT
CHKNAMEQ ; -- check name quit point
QUIT MATCH
;
DISPLAY ; -- display list of SSL configuration names / used by XECUTABLE HELP (18.12 :3.02)
QUIT:$$CACH2008() ; skip display if Cache 2008/higher, can't check oustide %SYS
NEW COUNT,RS,STATUS
SET COUNT=0
DO EN^DDIOL("Possible SSL configurations are the following:")
SET RS=##class(%ResultSet).%New("%Net.SSL.Configuration:ListNames")
IF $system.Status.IsError(RS.Execute()) GOTO DISPLAYQ
; -- display the names
FOR SET MORE=RS.Next(.STATUS) QUIT:'MORE!($system.Status.IsError(STATUS)) DO
. DO EN^DDIOL("- "_$GET(RS.Data("Name")),"","!?5")
. SET COUNT=COUNT+1
DISPLAYQ ; -- display list quit point
IF COUNT=0 DO EN^DDIOL("<No SSL configurations defined>","","!?5")
QUIT
;
GETCFG(XOBCFGN) ; -- get %Net.SSL.Configuration instance
NEW STATUS,RS,MORE,CFG
SET CFG=""
SET RS=##class(%ResultSet).%New("%Net.SSL.Configuration:Extent")
IF $system.Status.IsError(RS.Execute()) GOTO GETCFGQ
; -- see if there is a match
FOR SET MORE=RS.Next(.STATUS) QUIT:'MORE!($system.Status.IsError(STATUS)) DO QUIT:CFG]""
. SET CFG=##class(%Net.SSL.Configuration).%OpenId(RS.Data("ID"))
. IF XOBCFGN=CFG.Name QUIT
. SET CFG=""
GETCFGQ ; -- get SSL config instance exit point
QUIT CFG
;
SHOW(XOBCFGN) ; -- simple display of SSL Configuration
QUIT:$$CACH2008() ; skip if Cache 2008/higher, can't check oustide %SYS
NEW CFG
SET CFG=$$GETCFG(XOBCFGN)
IF CFG="" GOTO SHOWQ
WRITE !,"SSL Configuration Name: ",!?5," > ",CFG.Name
WRITE !,"File containing X.509 certificate(s) of trusted CAs: ",!?5," > ",$$GETSTR(CFG.CAFile)
WRITE !,"Directory containing file(s) with X.509 certificate(s) of trusted CA: ",!?5," > ",$$GETSTR(CFG.CAPath)
WRITE !,"File containing this configuration's X.509 certificate: ",!?5," > ",$$GETSTR(CFG.CertificateFile)
WRITE !,"Ciphersuites: ",!?5," > ",$$GETSTR(CFG.CipherList)
WRITE !,"File containing this configuration's private key: ",!?5," > ",$$GETSTR(CFG.PrivateKeyFile)
WRITE !,"Private key type: ",!?5," > ",$$GETSTR($SELECT(CFG.PrivateKeyType=1:"DSA",CFG.PrivateKeyType=2:"RSA",1:""))
WRITE !,"Intended role for this configuration: ",!?5," > ",$$GETSTR($SELECT(CFG.Role=0:"client",CFG.Role=1:"server",1:""))
WRITE !,"Peer certificate verification level: " DO
. ; -- client role
. IF CFG.Role=0 WRITE !?5," > ",$$GETSTR($SELECT(CFG.VerifyPeer=0:"none",CFG.VerifyPeer=1:"required",1:"")) QUIT
. ; -- server role
. IF CFG.Role=1 WRITE !?5," > ",$$GETSTR($SELECT(CFG.VerifyPeer=0:"none",CFG.VerifyPeer=1:"request",CFG.VerifyPeer=3:"required",1:"")) QUIT
WRITE !,"Maximum number of CA certificates allowed in peer certificate chain: ",!?5," > ",$$GETSTR(CFG.VerifyDepth)
SHOWQ ;
QUIT
;
GETSTR(STR) ;
QUIT $SELECT(STR]"":STR,1:"<null>")
;
CACH2008() ; quit 1 if OS is 2008 or higher
NEW XOBVER
SET XOBVER=$$VERSION^%ZOSV()
IF +$P(XOBVER,".")>2007 QUIT 1
QUIT 0