source/carddav/carddav-sslverify.cpp

   1 #include "carddav.h"
   2 #include "../version.h"
   3 #include <wx/wx.h>
   4 #include <wx/tokenzr.h>
   5 #include <wx/ffile.h>
   6 #include <libxml/parser.h>
   7 #include <libxml/tree.h>
   8 #include <map>
   9 #include <thread>
  10 #include "../vcard/vcard.h"
  11 #include "../common/dirs.h"
  12
  13 CURLcode CardDAV::SSLVerifyTest(){
  14
  15         PageData.Clear();
  16         PageHeader.Clear();
  17
  18         SSLStatus = TRUE;
  19         AuthPassed = TRUE;
  20         AbortConnection = FALSE;
  21
  22         CURL *conn;
  23         CURL *connssldata;
  24         CURLcode conncode;
  25         wxString ServerAddressURL;
  26         wxString ServerAuth;
  27         wxString ServerAddressSSL;
  28         wxString ServerAddressNormal;
  29
  30         conn = curl_easy_init();
  31
  32         /*struct CardDAVCURLPasser {
  33
  34                 CardDAV *Data;
  35                 bool HeaderMode = TRUE;
  36
  37         } CardDAVHeader, CardDAVFooter;
  38
  39         CardDAVHeader.Data = this;
  40         CardDAVHeader.HeaderMode = TRUE;
  41
  42         CardDAVFooter.Data = this;
  43         CardDAVFooter.HeaderMode = FALSE;*/
  44
  45         wxString Data1;
  46         wxString Data2;
  47
  48         ServerAddressURL = ServerAddress + wxT(":") + wxString::Format(wxT("%i"), ServerPort) + wxT("/");
  49         ServerAddressSSL = wxT("https://") + ServerAddressURL;
  50
  51         if (ServerSSL){
  52
  53                 union {
  54                         struct curl_slist       *certdata;
  55                         struct curl_certinfo    *certinfo;
  56                 } ptr;
  57
  58                 ptr.certdata = NULL;
  59
  60                 // Setup two initial connections and attempt to get the certificate data.
  61
  62                 curl_easy_setopt(conn, CURLOPT_URL, (const char*)ServerAddressSSL.mb_str(wxConvUTF8));
  63                 curl_easy_setopt(conn, CURLOPT_CERTINFO, 1);
  64                 curl_easy_setopt(conn, CURLOPT_VERBOSE, 1L);
  65                 //curl_easy_setopt(conn, CURLOPT_SSL_VERIFYPEER, FALSE);
  66                 //curl_easy_setopt(conn, CURLOPT_SSL_VERIFYHOST, FALSE);
  67                 curl_easy_setopt(conn, CURLOPT_ERRORBUFFER, curlerrbuffer);
  68                 curl_easy_setopt(conn, CURLOPT_WRITEFUNCTION, WritebackFunc);
  69                 curl_easy_setopt(conn, CURLOPT_WRITEDATA, &PageData);
  70                 curl_easy_setopt(conn, CURLOPT_WRITEHEADER, &PageHeader);
  71
  72                 conncode = (curl_easy_perform(conn));
  73
  74                 // Check if the SSL certificate is valid or self-signed or some other
  75                 // error occured.
  76
  77                 if (conncode == CURLE_OK){
  78
  79                         // Connection is OK. Do nothing.
  80
  81                         *ServerResult = TRUE;
  82
  83                 } else if (conncode == CURLE_SSL_CACERT || conncode == CURLE_SSL_CONNECT_ERROR){
  84
  85                         connssldata = curl_easy_init();
  86
  87                         // Retry but get the certificates without peer/host verification.
  88
  89                         curl_easy_setopt(connssldata, CURLOPT_URL, (const char*)ServerAddressSSL.mb_str(wxConvUTF8));
  90                         curl_easy_setopt(connssldata, CURLOPT_CERTINFO, 1);
  91                         curl_easy_setopt(connssldata, CURLOPT_VERBOSE, 1L);
  92                         curl_easy_setopt(connssldata, CURLOPT_ERRORBUFFER, curlerrbuffer);
  93                         curl_easy_setopt(connssldata, CURLOPT_WRITEFUNCTION, WritebackFunc);
  94                         curl_easy_setopt(connssldata, CURLOPT_WRITEDATA, &PageData);
  95                         curl_easy_setopt(connssldata, CURLOPT_WRITEHEADER, &PageHeader);
  96                         curl_easy_setopt(connssldata, CURLOPT_SSL_VERIFYPEER, 0L);
  97                         curl_easy_setopt(connssldata, CURLOPT_SSL_VERIFYHOST, 0L);
  98
  99                         CURLcode certfetchcode;
 100
 101                         certfetchcode = (curl_easy_perform(connssldata));
 102
 103                         VerifyCertCollection = BuildSSLCollection(connssldata);
 104
 105                         if (certfetchcode == CURLE_OK){
 106
 107                                 curl_easy_getinfo(connssldata, CURLINFO_CERTINFO, &ptr.certdata);
 108
 109                                 VerifyCertCollection = BuildSSLCollection(connssldata);
 110
 111                         } else {
 112
 113                                 conncode = certfetchcode;
 114
 115                         }
 116
 117                         *ServerResult = FALSE;
 118
 119                 } else {
 120
 121                         fprintf(stderr, "curl_easy_perform() failed: %s\n",
 122                                 curl_easy_strerror(conncode));
 123
 124                         ErrorMessage = wxString::Format(wxT("%s"), curl_easy_strerror(conncode));
 125
 126                         *ServerResult = FALSE;
 127
 128                 }
 129
 130         }
 131
 132         curl_easy_cleanup(conn);
 133
 134         return conncode;
 135
 136 }