1 // carddav-sslverify.cpp - CardDAV Object - SSL verification subroutines.
3 // (c) 2012-2015 Xestia Software Development.
5 // This file is part of Xestia Address Book.
7 // Xestia Address Book is free software: you can redistribute it and/or modify
8 // it under the terms of the GNU General Public License as published by the
9 // Free Software Foundation, version 3 of the license.
11 // Xestia Address Book is distributed in the hope that it will be useful,
12 // but WITHOUT ANY WARRANTY; without even the implied warranty of
13 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 // GNU General Public License for more details.
16 // You should have received a copy of the GNU General Public License along
17 // with Xestia Address Book. If not, see <http://www.gnu.org/licenses/>
20 #include "../version.h"
22 #include <wx/tokenzr.h>
24 #include <libxml/parser.h>
25 #include <libxml/tree.h>
28 #include "../vcard/vcard.h"
29 #include "../common/dirs.h"
31 CURLcode CardDAV::SSLVerifyTest(){
38 AbortConnection = FALSE;
43 wxString ServerAddressURL;
45 wxString ServerAddressSSL;
46 wxString ServerAddressNormal;
48 conn = curl_easy_init();
50 /*struct CardDAVCURLPasser {
53 bool HeaderMode = TRUE;
55 } CardDAVHeader, CardDAVFooter;
57 CardDAVHeader.Data = this;
58 CardDAVHeader.HeaderMode = TRUE;
60 CardDAVFooter.Data = this;
61 CardDAVFooter.HeaderMode = FALSE;*/
66 ServerAddressURL = ServerAddress + wxT(":") + wxString::Format(wxT("%i"), ServerPort) + wxT("/");
67 ServerAddressSSL = wxT("https://") + ServerAddressURL;
72 struct curl_slist *certdata;
73 struct curl_certinfo *certinfo;
78 // Setup two initial connections and attempt to get the certificate data.
80 curl_easy_setopt(conn, CURLOPT_URL, (const char*)ServerAddressSSL.mb_str(wxConvUTF8));
81 curl_easy_setopt(conn, CURLOPT_CERTINFO, 1);
82 curl_easy_setopt(conn, CURLOPT_VERBOSE, 1L);
83 //curl_easy_setopt(conn, CURLOPT_SSL_VERIFYPEER, FALSE);
84 //curl_easy_setopt(conn, CURLOPT_SSL_VERIFYHOST, FALSE);
85 curl_easy_setopt(conn, CURLOPT_ERRORBUFFER, curlerrbuffer);
86 curl_easy_setopt(conn, CURLOPT_WRITEFUNCTION, WritebackFunc);
87 curl_easy_setopt(conn, CURLOPT_WRITEDATA, &PageData);
88 curl_easy_setopt(conn, CURLOPT_WRITEHEADER, &PageHeader);
90 conncode = (curl_easy_perform(conn));
92 // Check if the SSL certificate is valid or self-signed or some other
95 if (conncode == CURLE_OK){
97 // Connection is OK. Do nothing.
101 } else if (conncode == CURLE_SSL_CACERT || conncode == CURLE_SSL_CONNECT_ERROR){
103 connssldata = curl_easy_init();
105 // Retry but get the certificates without peer/host verification.
107 curl_easy_setopt(connssldata, CURLOPT_URL, (const char*)ServerAddressSSL.mb_str(wxConvUTF8));
108 curl_easy_setopt(connssldata, CURLOPT_CERTINFO, 1);
109 curl_easy_setopt(connssldata, CURLOPT_VERBOSE, 1L);
110 curl_easy_setopt(connssldata, CURLOPT_ERRORBUFFER, curlerrbuffer);
111 curl_easy_setopt(connssldata, CURLOPT_WRITEFUNCTION, WritebackFunc);
112 curl_easy_setopt(connssldata, CURLOPT_WRITEDATA, &PageData);
113 curl_easy_setopt(connssldata, CURLOPT_WRITEHEADER, &PageHeader);
114 curl_easy_setopt(connssldata, CURLOPT_SSL_VERIFYPEER, 0L);
115 curl_easy_setopt(connssldata, CURLOPT_SSL_VERIFYHOST, 0L);
117 CURLcode certfetchcode;
119 certfetchcode = (curl_easy_perform(connssldata));
121 VerifyCertCollection = BuildSSLCollection(connssldata);
123 if (certfetchcode == CURLE_OK){
125 curl_easy_getinfo(connssldata, CURLINFO_CERTINFO, &ptr.certdata);
127 VerifyCertCollection = BuildSSLCollection(connssldata);
131 conncode = certfetchcode;
135 *ServerResult = FALSE;
139 fprintf(stderr, "curl_easy_perform() failed: %s\n",
140 curl_easy_strerror(conncode));
142 ErrorMessage = wxString::Format(wxT("%s"), curl_easy_strerror(conncode));
144 *ServerResult = FALSE;
150 curl_easy_cleanup(conn);