Config value when testing csms name wildcards

resolves #494

Signed-off-by: AssemblyJohn <[email protected]>

config/v16/profile_schemas/Internal.json

@@ -196,6 +196,12 @@
             "readOnly": true,
             "default": true
         },
+        "VerifyCsmsAllowWildcards": {
+            "$comment": "Allow wildcards when verifying the CSMS commonName",
+            "type": "boolean",
+            "readOnly": true,
+            "default": false
+        },        
         "OcspRequestInterval": {
             "$comment": "Interval in seconds used to request OCSP revocation status information on the CSO Sub-CA certificates",
             "type": "integer",

include/ocpp/common/websocket/websocket_base.hpp

@@ -36,6 +36,7 @@ struct WebsocketConnectionOptions {
     std::optional<std::string> hostName;
     bool verify_csms_common_name;
     bool use_tpm_tls;
+    bool verify_csms_allow_wildcards;
 };
 
 enum class ConnectionFailedReason {

include/ocpp/v16/charge_point_configuration.hpp

@@ -84,6 +84,7 @@ class ChargePointConfiguration {
     KeyValue getUseSslDefaultVerifyPathsKeyValue();
     bool getVerifyCsmsCommonName();
     KeyValue getVerifyCsmsCommonNameKeyValue();
+    bool getVerifyCsmsAllowWildcards();
     bool getUseTPM();
     std::string getSupportedMeasurands();
     KeyValue getSupportedMeasurandsKeyValue();

lib/ocpp/common/websocket/websocket_tls.cpp

@@ -310,7 +310,11 @@ tls_context WebsocketTLS::on_tls_init(std::string hostname, websocketpp::connect
             // Verify hostname
             X509_VERIFY_PARAM *param = X509_VERIFY_PARAM_new();
 
-            X509_VERIFY_PARAM_set_hostflags(param, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
+            if(this->connection_options.verify_csms_allow_wildcards) {
+                X509_VERIFY_PARAM_set_hostflags(param, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
+            } else {
+                X509_VERIFY_PARAM_set_hostflags(param, X509_CHECK_FLAG_NO_WILDCARDS);
+            }
 
             // Set the host and parameter check
             X509_VERIFY_PARAM_set1_host(param, hostname.c_str(), hostname.length());

lib/ocpp/v16/charge_point_configuration.cpp

@@ -352,6 +352,11 @@ bool ChargePointConfiguration::getUseTPM() {
     return this->config["Internal"]["UseTPM"];
 }
 
+bool ChargePointConfiguration::getVerifyCsmsAllowWildcards() {
+    return this->config["Internal"]["VerifyCsmsAllowWildcards"];
+}
+
+
 std::string ChargePointConfiguration::getSupportedMeasurands() {
     return this->config["Internal"]["SupportedMeasurands"];
 }

lib/ocpp/v16/charge_point_impl.cpp

@@ -241,7 +241,9 @@ WebsocketConnectionOptions ChargePointImpl::get_ws_connection_options() {
                                                   this->configuration->getAdditionalRootCertificateCheck(),
                                                   this->configuration->getHostName(),
                                                   this->configuration->getVerifyCsmsCommonName(),
-                                                  this->configuration->getUseTPM()};
+                                                  this->configuration->getUseTPM(),
+                                                  this->configuration->getVerifyCsmsAllowWildcards()
+                                                  };
     return connection_options;
 }
 

lib/ocpp/v201/charge_point.cpp

@@ -860,7 +860,9 @@ WebsocketConnectionOptions ChargePoint::get_ws_connection_options(const int32_t
         this->device_model->get_optional_value<bool>(ControllerComponentVariables::AdditionalRootCertificateCheck)
             .value_or(false),
         std::nullopt, // hostName
-        true          // verify_csms_common_name
+        true,          // verify_csms_common_name
+        false,          // use tpm
+        false           // verify_csms_allow_wildcards
     };
 
     return connection_options;