From 0f9e1a1d73f241ff03d629d0c8b6e97c6d75e8f1 Mon Sep 17 00:00:00 2001 From: Steve Brokenshire Date: Sun, 27 Sep 2015 08:30:05 +0100 Subject: [PATCH 1/1] Add support for self-signed certificates while creating an account (Connect() and GetDefaultAddressBookURL() only) --- source/carddav/carddav.cpp | 123 ++++++++++++++++++++++++------------- source/carddav/carddav.h | 5 +- 2 files changed, 85 insertions(+), 43 deletions(-) diff --git a/source/carddav/carddav.cpp b/source/carddav/carddav.cpp index 851b55c..7f0c6a7 100644 --- a/source/carddav/carddav.cpp +++ b/source/carddav/carddav.cpp @@ -75,6 +75,7 @@ CURLcode CardDAV::claconncode; int CardDAV::HTTPErrorCode; wxString CardDAV::ErrorMessage; SSLCertCollection CardDAV::VerifyCertCollection; +bool CardDAV::AllowSelfSign; CardDAV::CardDAV(){ ServerPort = 8080; @@ -84,6 +85,7 @@ CardDAV::CardDAV(){ ValidResponse = FALSE; HasCalDAVSupport = FALSE; SSLCertCol.SuccessCode = 0; + AllowSelfSign = FALSE; AbortConnection = FALSE; UploadMode = FALSE; @@ -188,6 +190,12 @@ bool CardDAV::AbleToLogin(){ } +bool CardDAV::IsSelfSigned(){ + + return AllowSelfSign; + +} + /* size_t CardDAV::WritebackFunc(char *ptr, size_t size, size_t nmemb, FILE *stream){ @@ -304,14 +312,12 @@ CURLcode CardDAV::SSLVerifyTest(){ curl_easy_setopt(connssldata, CURLOPT_URL, (const char*)ServerAddressSSL.mb_str(wxConvUTF8)); curl_easy_setopt(connssldata, CURLOPT_CERTINFO, 1); curl_easy_setopt(connssldata, CURLOPT_VERBOSE, 1L); - //curl_easy_setopt(conn, CURLOPT_SSL_VERIFYPEER, FALSE); - //curl_easy_setopt(conn, CURLOPT_SSL_VERIFYHOST, FALSE); curl_easy_setopt(connssldata, CURLOPT_ERRORBUFFER, curlerrbuffer); curl_easy_setopt(connssldata, CURLOPT_WRITEFUNCTION, WritebackFunc); curl_easy_setopt(connssldata, CURLOPT_WRITEDATA, &PageData); curl_easy_setopt(connssldata, CURLOPT_WRITEHEADER, &PageHeader); - //curl_easy_setopt(connssldata, CURLOPT_SSL_VERIFYPEER, FALSE); - //curl_easy_setopt(connssldata, CURLOPT_SSL_VERIFYHOST, FALSE); + curl_easy_setopt(connssldata, CURLOPT_SSL_VERIFYPEER, 0L); + curl_easy_setopt(connssldata, CURLOPT_SSL_VERIFYHOST, 0L); CURLcode certfetchcode; @@ -356,6 +362,10 @@ SSLCertCollection CardDAV::GetSSLVerifyResults(){ return VerifyCertCollection; } +void CardDAV::AllowSelfSignTest(bool AllowSelfSignIn){ + AllowSelfSign = AllowSelfSignIn; +} + bool CardDAV::Connect(){ PageData.Clear(); @@ -365,8 +375,8 @@ bool CardDAV::Connect(){ AuthPassed = TRUE; AbortConnection = FALSE; - CURL *conn; - CURLcode conncode; + CURL *conn; + CURLcode conncode; wxString ServerAddressURL; wxString ServerAuth; wxString ServerAddressSSL; @@ -439,8 +449,7 @@ bool CardDAV::Connect(){ } else if (conncode == CURLE_SSL_CACERT){ - // Post message saying SSL certificate is invalid and - + // Post message saying SSL certificate is invalid. curl_easy_getinfo(conn, CURLINFO_CERTINFO, &ptr.certdata); @@ -468,6 +477,11 @@ bool CardDAV::Connect(){ curl_easy_setopt(conn, CURLOPT_WRITEHEADER, &PageHeader); curl_easy_setopt(conn, CURLOPT_NOSIGNAL, 1); curl_easy_setopt(conn, CURLOPT_CERTINFO, 1); + + if (AllowSelfSign == TRUE){ + curl_easy_setopt(conn, CURLOPT_SSL_VERIFYPEER, 0L); + curl_easy_setopt(conn, CURLOPT_SSL_VERIFYHOST, 0L); + } conncode = (curl_easy_perform(conn)); @@ -503,6 +517,7 @@ bool CardDAV::Connect(){ } *ServerResult = TRUE; + ValidResponse = TRUE; AuthPassed = TRUE; SSLStatus = TRUE; return TRUE; @@ -3157,8 +3172,8 @@ wxString CardDAV::GetDefaultAddressBookURL(){ AuthPassed = TRUE; AbortConnection = FALSE; - CURL *conn; - CURLcode conncode; + CURL *conn; + CURLcode conncode; wxString ServerAddressURL; wxString ServerAuth; wxString ServerAddressSSL; @@ -3208,9 +3223,24 @@ wxString CardDAV::GetDefaultAddressBookURL(){ ServerAuth = ServerUser + wxT(":") + ServerPass; - wxString SAURLPrincipals = ServerAddressURL + wxT("principals/"); - wxString SAURLPrincipalURL = ServerAddress + wxT(":") + wxString::Format(wxT("%i"), ServerPort); - wxString SAURLAddressURL = ServerAddress + wxT(":") + wxString::Format(wxT("%i"), ServerPort); + wxString SAURLPrincipals; + wxString SAURLPrincipalURL; + wxString SAURLAddressURL; + + if (ServerSSL){ + + SAURLPrincipals = ServerAddressSSL + wxT("principals/"); + SAURLPrincipalURL = ServerAddressSSL; + SAURLAddressURL = ServerAddressSSL; + + } else { + + SAURLPrincipals = ServerAddressNormal + wxT("principals/"); + SAURLPrincipalURL = ServerAddressNormal; + SAURLAddressURL = ServerAddressNormal; + + } + wxString FinalPrefix; struct UploadDataStruc UploadData; @@ -3257,15 +3287,14 @@ wxString CardDAV::GetDefaultAddressBookURL(){ curl_easy_setopt(conn, CURLOPT_WRITEDATA, &PageData); curl_easy_setopt(conn, CURLOPT_WRITEHEADER, &PageHeader); curl_easy_setopt(conn, CURLOPT_NOSIGNAL, 1); - - if (UploadMode == TRUE){ - - UploadData.readptr = &ServerUploadData; - UploadData.sizeleft = ServerUploadData.Len(); - curl_easy_setopt(conn, CURLOPT_UPLOAD, 1); - curl_easy_setopt(conn, CURLOPT_READDATA, &UploadData); - curl_easy_setopt(conn, CURLOPT_READFUNCTION, UploadReadFunc); + curl_easy_setopt(conn, CURLOPT_CUSTOMREQUEST, "PROPFIND"); + curl_easy_setopt(conn, CURLOPT_POSTFIELDS, query); + curl_easy_setopt(conn, CURLOPT_POSTFIELDSIZE, strlen(query)); + curl_easy_setopt(conn, CURLOPT_HTTPHEADER, connhd); + if (AllowSelfSign == TRUE){ + curl_easy_setopt(conn, CURLOPT_SSL_VERIFYPEER, 0L); + curl_easy_setopt(conn, CURLOPT_SSL_VERIFYHOST, 0L); } conncode = (curl_easy_perform(conn)); @@ -3274,8 +3303,8 @@ wxString CardDAV::GetDefaultAddressBookURL(){ *ServerResult = TRUE; AuthPassed = TRUE; + ValidResponse = TRUE; SSLStatus = TRUE; - return wxT(""); } else { @@ -3434,7 +3463,7 @@ wxString CardDAV::GetDefaultAddressBookURL(){ if (ServerSSL){ - curl_easy_setopt(conn, CURLOPT_URL, (const char*)ServerAddressSSL.mb_str(wxConvUTF8)); + curl_easy_setopt(conn, CURLOPT_URL, (const char*)SAURLPrincipalURL.mb_str(wxConvUTF8)); curl_easy_setopt(conn, CURLOPT_NOPROGRESS, 1L); curl_easy_setopt(conn, CURLOPT_HTTPAUTH, CURLAUTH_ANYSAFE); curl_easy_setopt(conn, CURLOPT_TIMEOUT, 60); @@ -3445,15 +3474,14 @@ wxString CardDAV::GetDefaultAddressBookURL(){ curl_easy_setopt(conn, CURLOPT_WRITEDATA, &PageData); curl_easy_setopt(conn, CURLOPT_WRITEHEADER, &PageHeader); curl_easy_setopt(conn, CURLOPT_NOSIGNAL, 1); + curl_easy_setopt(conn, CURLOPT_CUSTOMREQUEST, "PROPFIND"); + curl_easy_setopt(conn, CURLOPT_POSTFIELDS, query2); + curl_easy_setopt(conn, CURLOPT_POSTFIELDSIZE, strlen(query2)); + curl_easy_setopt(conn, CURLOPT_HTTPHEADER, connhd2); - if (UploadMode == TRUE){ - - UploadData.readptr = &ServerUploadData; - UploadData.sizeleft = ServerUploadData.Len(); - curl_easy_setopt(conn, CURLOPT_UPLOAD, 1); - curl_easy_setopt(conn, CURLOPT_READDATA, &UploadData); - curl_easy_setopt(conn, CURLOPT_READFUNCTION, UploadReadFunc); - + if (AllowSelfSign == TRUE){ + curl_easy_setopt(conn, CURLOPT_SSL_VERIFYPEER, 0L); + curl_easy_setopt(conn, CURLOPT_SSL_VERIFYHOST, 0L); } conncode = (curl_easy_perform(conn)); @@ -3463,7 +3491,6 @@ wxString CardDAV::GetDefaultAddressBookURL(){ *ServerResult = TRUE; AuthPassed = TRUE; SSLStatus = TRUE; - return wxT(""); } else { @@ -3471,6 +3498,7 @@ wxString CardDAV::GetDefaultAddressBookURL(){ curl_easy_strerror(conncode)); *ServerResult = FALSE; + ValidResponse = FALSE; curl_easy_getinfo(conn, CURLINFO_RESPONSE_CODE, &HTTPErrorCode); @@ -3520,12 +3548,18 @@ wxString CardDAV::GetDefaultAddressBookURL(){ fprintf(stderr, "curl_easy_perform() HTTP code was: %i\n", GetHTTPCode()); + + ValidResponse = FALSE; + return wxT(""); } else { fprintf(stderr, "curl_easy_perform() failed: %s\n", curl_easy_strerror(conncode)); + + ValidResponse = FALSE; + return wxT(""); } @@ -3605,7 +3639,7 @@ wxString CardDAV::GetDefaultAddressBookURL(){ if (ServerSSL){ - curl_easy_setopt(conn, CURLOPT_URL, (const char*)ServerAddressSSL.mb_str(wxConvUTF8)); + curl_easy_setopt(conn, CURLOPT_URL, (const char*)SAURLAddressURL.mb_str(wxConvUTF8)); curl_easy_setopt(conn, CURLOPT_NOPROGRESS, 1L); curl_easy_setopt(conn, CURLOPT_HTTPAUTH, CURLAUTH_ANYSAFE); curl_easy_setopt(conn, CURLOPT_TIMEOUT, 60); @@ -3616,15 +3650,14 @@ wxString CardDAV::GetDefaultAddressBookURL(){ curl_easy_setopt(conn, CURLOPT_WRITEDATA, &PageData); curl_easy_setopt(conn, CURLOPT_WRITEHEADER, &PageHeader); curl_easy_setopt(conn, CURLOPT_NOSIGNAL, 1); + curl_easy_setopt(conn, CURLOPT_CUSTOMREQUEST, "PROPFIND"); + curl_easy_setopt(conn, CURLOPT_POSTFIELDS, query3); + curl_easy_setopt(conn, CURLOPT_POSTFIELDSIZE, strlen(query3)); + curl_easy_setopt(conn, CURLOPT_HTTPHEADER, connhd3); - if (UploadMode == TRUE){ - - UploadData.readptr = &ServerUploadData; - UploadData.sizeleft = ServerUploadData.Len(); - curl_easy_setopt(conn, CURLOPT_UPLOAD, 1); - curl_easy_setopt(conn, CURLOPT_READDATA, &UploadData); - curl_easy_setopt(conn, CURLOPT_READFUNCTION, UploadReadFunc); - + if (AllowSelfSign == TRUE){ + curl_easy_setopt(conn, CURLOPT_SSL_VERIFYPEER, 0L); + curl_easy_setopt(conn, CURLOPT_SSL_VERIFYHOST, 0L); } conncode = (curl_easy_perform(conn)); @@ -3634,7 +3667,6 @@ wxString CardDAV::GetDefaultAddressBookURL(){ *ServerResult = TRUE; AuthPassed = TRUE; SSLStatus = TRUE; - return wxT(""); } else { @@ -3642,6 +3674,7 @@ wxString CardDAV::GetDefaultAddressBookURL(){ curl_easy_strerror(conncode)); *ServerResult = FALSE; + ValidResponse = FALSE; curl_easy_getinfo(conn, CURLINFO_RESPONSE_CODE, &HTTPErrorCode); @@ -3691,12 +3724,18 @@ wxString CardDAV::GetDefaultAddressBookURL(){ fprintf(stderr, "curl_easy_perform() HTTP code was: %i\n", GetHTTPCode()); + + ValidResponse = FALSE; + return wxT(""); } else { fprintf(stderr, "curl_easy_perform() failed: %s\n", curl_easy_strerror(conncode)); + + ValidResponse = FALSE; + return wxT(""); } diff --git a/source/carddav/carddav.h b/source/carddav/carddav.h index aff2138..e38c614 100644 --- a/source/carddav/carddav.h +++ b/source/carddav/carddav.h @@ -51,7 +51,9 @@ class CardDAV bool SSLVerify(); bool AbleToLogin(); bool HasValidResponse(); - wxString GetResponseData(); + bool IsSelfSigned(); + wxString GetResponseData(); + void AllowSelfSignTest(bool AllowSelfSignIn); bool Connect(); bool ConnectThread(); void ProcessData(); @@ -117,6 +119,7 @@ class CardDAV static SSLCertCollection SSLCertCol; static wxString ErrorMessage; static wxString ErrorBufferMessage; + static bool AllowSelfSign; protected: static int SSLErrorCode; static int ConnectionErrorCode; -- 2.39.5