From c2e0aabf7318858ae29dcf20fada8cf63e303818 Mon Sep 17 00:00:00 2001 From: Steve Brokenshire Date: Sun, 6 Mar 2016 19:49:23 +0000 Subject: [PATCH 1/1] Added code to verify the SSL connection when detecting the address book URL. --- source/frmEditAccount.cpp | 63 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 63 insertions(+) diff --git a/source/frmEditAccount.cpp b/source/frmEditAccount.cpp index d2e6b7b..5313dcd 100644 --- a/source/frmEditAccount.cpp +++ b/source/frmEditAccount.cpp @@ -17,6 +17,7 @@ // with Xestia Address Book. If not, see #include "frmEditAccount.h" +#include "frmInvalidSSLCertificate.h" #include "carddav/carddav.h" frmEditAccount::frmEditAccount( wxWindow* parent ) @@ -83,6 +84,68 @@ void frmEditAccount::DetectAddressBook( wxCommandEvent& event ) CDavObj.SetupConnection(txtAddress->GetValue(), (int)PortNum, txtUsername->GetValue(), txtPassword->GetValue(), UseSSL); + // Verify SSL trust first before doing anything. + + if (UseSSL == TRUE){ + + CURLcode sslcode = CDavObj.SSLVerifyTest(); + + if (sslcode == CURLE_OK){ + + + + } else if (sslcode == CURLE_SSL_CACERT || sslcode == CURLE_SSL_CONNECT_ERROR){ + + // Certificate is more than likely a self-signed or + // expired certificate so display the invalid + // SSL certificate message. + + // Setup the data to be sent in the wxPostEvent command. + + int SSLResult; + + frmInvalidSSLCertificate *frmICPtr = new frmInvalidSSLCertificate(this); + + frmICPtr->LoadDataNew(CDavObj.GetSSLVerifyResults(), txtAddress->GetValue()); + frmICPtr->ShowModal(); + + SSLResult = frmICPtr->GetResult(); + + // Clean up before processing response. + + delete frmICPtr; + frmICPtr = NULL; + + // Process the response from the user. + + if (SSLResult == 1){ + + // Accept the Certificate. + + CDavObj.AllowSelfSignTest(TRUE); + + } else if (SSLResult == 2){ + + // Reject the certificate, abort the task and mark as failed. + + wxMessageBox(_("An error occured whilst connnecting: ") + CDavObj.GetErrorMessage() + wxString::Format(wxT(" (%i)\n%s"), sslcode, CDavObj.GetErrorBuffer().mb_str()), _("Failed"), wxOK+wxICON_ERROR); + return; + + } + + + } else { + + // Something else happened. Stop the process and + // display an error message instead. + + wxMessageBox(_("An error occured whilst connnecting: ") + CDavObj.GetErrorMessage() + wxString::Format(wxT(" (%i)\n%s"), sslcode, CDavObj.GetErrorBuffer().mb_str()), _("Failed"), wxOK+wxICON_ERROR); + return; + + } + + } + // Attempt to extract the CardDAV address. wxString ABURL = CDavObj.GetDefaultAddressBookURL(); -- 2.39.2