diff --git a/dcm4chee-arc-assembly/src/main/resources/ldap/sample-config.ldif b/dcm4chee-arc-assembly/src/main/resources/ldap/sample-config.ldif index 4f144f7846..4a340ef95f 100644 --- a/dcm4chee-arc-assembly/src/main/resources/ldap/sample-config.ldif +++ b/dcm4chee-arc-assembly/src/main/resources/ldap/sample-config.ldif @@ -993,6 +993,7 @@ dcmQueueName: Export3 dcmExporterID: XDS-I dicomAETitle: DCM4CHEE objectClass: dcmExporter +dcmProperty: TLS.disableCNCheck=true dcmProperty: XDSSubmissionSet.contentType=(DICOM KON TYPECODE, 1.3.6.1.4.1.21367.100.1, "DICOM Key Object Note Type Code") dcmProperty: DocumentEntry.languageCode=en-us dcmProperty: DocumentEntry.typeCode=(DICOM KON TYPECODE, 1.3.6.1.4.1.21367.100.1, "DICOM Key Object Note Type Code") diff --git a/dcm4chee-arc-conf-test/src/test/java/org/dcm4chee/arc/conf/ArchiveDeviceFactory.java b/dcm4chee-arc-conf-test/src/test/java/org/dcm4chee/arc/conf/ArchiveDeviceFactory.java index d092fcebb9..c1d7fa0555 100644 --- a/dcm4chee-arc-conf-test/src/test/java/org/dcm4chee/arc/conf/ArchiveDeviceFactory.java +++ b/dcm4chee-arc-conf-test/src/test/java/org/dcm4chee/arc/conf/ArchiveDeviceFactory.java @@ -1412,6 +1412,7 @@ private static void addArchiveDeviceExtension(Device device, Device unknown, Con xdsiExportDescriptor.setAETitle("DCM4CHEE"); xdsiExportDescriptor.setRetrieveAETitles("DCM4CHEE"); xdsiExportDescriptor.setRetrieveLocationUID(XDSI_SOURCE_ID); + xdsiExportDescriptor.setProperty("TLS.disableCNCheck", "true"); xdsiExportDescriptor.setProperty("Manifest.title", XDSI_MANIFEST_TITLE.toString()); xdsiExportDescriptor.setProperty("AssigningAuthority.patientId", XDSI_ASSIGNING_AUTHORITY); xdsiExportDescriptor.setProperty("AssigningAuthority.accessionNumber", XDSI_ASSIGNING_AUTHORITY); diff --git a/dcm4chee-arc-export-xdsi/src/main/java/org/dcm4chee/arc/export/xdsi/XDSiExporter.java b/dcm4chee-arc-export-xdsi/src/main/java/org/dcm4chee/arc/export/xdsi/XDSiExporter.java index 2738bdb4d8..a73bb76200 100644 --- a/dcm4chee-arc-export-xdsi/src/main/java/org/dcm4chee/arc/export/xdsi/XDSiExporter.java +++ b/dcm4chee-arc-export-xdsi/src/main/java/org/dcm4chee/arc/export/xdsi/XDSiExporter.java @@ -112,6 +112,7 @@ public class XDSiExporter extends AbstractExporter { private final Device device; private final Event exportEvent; + private boolean disableCNCheck; private final String sourceId; private final String assigningAuthorityOfPatientID; private final String assigningAuthorityOfAccessionNumber; @@ -147,6 +148,7 @@ public XDSiExporter(ExporterDescriptor descriptor, DocumentRepositoryService ser this.device = device; this.exportEvent = exportEvent; this.repositoryURL = descriptor.getExportURI().getSchemeSpecificPart(); + this.disableCNCheck = Boolean.parseBoolean(descriptor.getProperty("TLS.disableCNCheck", null)); this.manifestTitle = getCodeProperty("Manifest.title", DEFAULT_MANIFEST_TITLE); this.manifestSeriesNumber = Integer.parseInt(descriptor.getProperty("Manifest.seriesNumber", "0")); this.manifestInstanceNumber = Integer.parseInt(descriptor.getProperty("Manifest.instanceNumber", "0")); @@ -267,7 +269,9 @@ private DocumentRepositoryPortType port() throws Exception { new AddressingFeature(true, true), new MTOMFeature()); XDSUtils.ensureMustUnderstandHandler(port); - XDSUtils.setEndpointAddress(port, repositoryURL, device); + XDSUtils.setEndpointAddress(port, repositoryURL); + if (repositoryURL.startsWith("https")) + XDSUtils.setTlsClientParameters(port, device.sslContext().getSocketFactory(), disableCNCheck); return port; } diff --git a/dcm4chee-arc-xdsi/src/main/java/org/dcm4chee/arc/xdsi/SlotBuilder.java b/dcm4chee-arc-xdsi/src/main/java/org/dcm4chee/arc/xdsi/SlotBuilder.java index f48e8840ce..400728606d 100644 --- a/dcm4chee-arc-xdsi/src/main/java/org/dcm4chee/arc/xdsi/SlotBuilder.java +++ b/dcm4chee-arc-xdsi/src/main/java/org/dcm4chee/arc/xdsi/SlotBuilder.java @@ -38,10 +38,9 @@ package org.dcm4chee.arc.xdsi; -import org.dcm4che3.data.DatePrecision; -import org.dcm4che3.util.DateUtils; - -import java.util.*; +import java.util.Collection; +import java.util.Collections; +import java.util.Date; /** * @author Gunter Zeilinger @@ -73,7 +72,7 @@ public SlotBuilder valueList(Collection values) { } public SlotBuilder valueDTM(Date date) { - return valueList(DateUtils.formatDT(TimeZone.getTimeZone("UTC"), date, new DatePrecision(Calendar.SECOND))); + return valueList(XDSUtils.formatDTM(date)); } public SlotBuilder slotType(String value) { diff --git a/dcm4chee-arc-xdsi/src/main/java/org/dcm4chee/arc/xdsi/XDSUtils.java b/dcm4chee-arc-xdsi/src/main/java/org/dcm4chee/arc/xdsi/XDSUtils.java index f84751f677..4ee3f51b13 100644 --- a/dcm4chee-arc-xdsi/src/main/java/org/dcm4chee/arc/xdsi/XDSUtils.java +++ b/dcm4chee-arc-xdsi/src/main/java/org/dcm4chee/arc/xdsi/XDSUtils.java @@ -42,13 +42,15 @@ import org.apache.cxf.endpoint.Client; import org.apache.cxf.frontend.ClientProxy; import org.apache.cxf.transport.http.HTTPConduit; +import org.dcm4che3.data.DatePrecision; import org.dcm4che3.net.Device; +import org.dcm4che3.util.DateUtils; +import javax.net.ssl.SSLSocketFactory; import javax.xml.ws.BindingProvider; import java.io.IOException; import java.security.GeneralSecurityException; -import java.util.Collections; -import java.util.Map; +import java.util.*; /** * @author Gunter Zeilinger @@ -61,28 +63,31 @@ public static void ensureMustUnderstandHandler(Object port) { bindingProvider.getBinding().setHandlerChain(Collections.singletonList(new EnsureMustUnderstandHandler())); } - public static void setEndpointAddress(Object port, String url, Device device) + public static void setEndpointAddress(Object port, String url) throws GeneralSecurityException, IOException { BindingProvider bindingProvider = (BindingProvider) port; bindingProvider.getBinding().setHandlerChain(Collections.singletonList(new EnsureMustUnderstandHandler())); Map reqCtx = bindingProvider.getRequestContext(); reqCtx.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, url); - if (url.startsWith("https")) - setTlsClientParameters(port, device); } - public static void setTlsClientParameters(Object port, Device device) + public static void setTlsClientParameters(Object port, SSLSocketFactory factory, boolean disableCNCheck) throws GeneralSecurityException, IOException { Client client = ClientProxy.getClient(port); HTTPConduit conduit = (HTTPConduit) client.getConduit(); - conduit.setTlsClientParameters(tlsClientParametersOf(device)); + conduit.setTlsClientParameters(tlsClientParametersOf(factory, disableCNCheck)); } - private static TLSClientParameters tlsClientParametersOf(Device device) + private static TLSClientParameters tlsClientParametersOf(SSLSocketFactory factory, boolean disableCNCheck) throws GeneralSecurityException, IOException { TLSClientParameters params = new TLSClientParameters(); - params.setSSLSocketFactory(device.sslContext().getSocketFactory()); + params.setSSLSocketFactory(factory); + params.setDisableCNCheck(disableCNCheck); return params; } + public static String formatDTM(Date date) { + return DateUtils.formatDT(TimeZone.getTimeZone("UTC"), date, new DatePrecision(Calendar.SECOND)); + } + }