source/carddav/carddav-sslverify.cpp

   1 // carddav-sslverify.cpp - CardDAV Object - SSL verification subroutines.
   2 //
   3 // (c) 2012-2015 Xestia Software Development.
   4 //
   5 // This file is part of Xestia Address Book.
   6 //
   7 // Xestia Address Book is free software: you can redistribute it and/or modify
   8 // it under the terms of the GNU General Public License as published by the
   9 // Free Software Foundation, version 3 of the license.
  10 //
  11 // Xestia Address Book is distributed in the hope that it will be useful,
  12 // but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 // GNU General Public License for more details.
  15 //
  16 // You should have received a copy of the GNU General Public License along
  17 // with Xestia Address Book. If not, see <http://www.gnu.org/licenses/>
  18
  19 #include "carddav.h"
  20 #include "../version.h"
  21 #include <wx/wx.h>
  22 #include <wx/tokenzr.h>
  23 #include <wx/ffile.h>
  24 #include <libxml/parser.h>
  25 #include <libxml/tree.h>
  26 #include <map>
  27 #include <thread>
  28 #include "../vcard/vcard.h"
  29 #include "../common/dirs.h"
  30
  31 CURLcode CardDAV::SSLVerifyTest(){
  32
  33         PageData.Clear();
  34         PageHeader.Clear();
  35
  36         SSLStatus = TRUE;
  37         AuthPassed = TRUE;
  38         AbortConnection = FALSE;
  39
  40         CURL *conn;
  41         CURL *connssldata;
  42         CURLcode conncode;
  43         wxString ServerAddressURL;
  44         wxString ServerAuth;
  45         wxString ServerAddressSSL;
  46         wxString ServerAddressNormal;
  47
  48         conn = curl_easy_init();
  49
  50         /*struct CardDAVCURLPasser {
  51
  52                 CardDAV *Data;
  53                 bool HeaderMode = TRUE;
  54
  55         } CardDAVHeader, CardDAVFooter;
  56
  57         CardDAVHeader.Data = this;
  58         CardDAVHeader.HeaderMode = TRUE;
  59
  60         CardDAVFooter.Data = this;
  61         CardDAVFooter.HeaderMode = FALSE;*/
  62
  63         wxString Data1;
  64         wxString Data2;
  65
  66         ServerAddressURL = ServerAddress + wxT(":") + wxString::Format(wxT("%i"), ServerPort) + wxT("/");
  67         ServerAddressSSL = wxT("https://") + ServerAddressURL;
  68
  69         if (ServerSSL){
  70
  71                 union {
  72                         struct curl_slist       *certdata;
  73                         struct curl_certinfo    *certinfo;
  74                 } ptr;
  75
  76                 ptr.certdata = NULL;
  77
  78                 // Setup two initial connections and attempt to get the certificate data.
  79
  80                 curl_easy_setopt(conn, CURLOPT_URL, (const char*)ServerAddressSSL.mb_str(wxConvUTF8));
  81                 curl_easy_setopt(conn, CURLOPT_CERTINFO, 1);
  82                 curl_easy_setopt(conn, CURLOPT_VERBOSE, 1L);
  83                 //curl_easy_setopt(conn, CURLOPT_SSL_VERIFYPEER, FALSE);
  84                 //curl_easy_setopt(conn, CURLOPT_SSL_VERIFYHOST, FALSE);
  85                 curl_easy_setopt(conn, CURLOPT_ERRORBUFFER, curlerrbuffer);
  86                 curl_easy_setopt(conn, CURLOPT_WRITEFUNCTION, WritebackFunc);
  87                 curl_easy_setopt(conn, CURLOPT_WRITEDATA, &PageData);
  88                 curl_easy_setopt(conn, CURLOPT_WRITEHEADER, &PageHeader);
  89
  90                 conncode = (curl_easy_perform(conn));
  91
  92                 // Check if the SSL certificate is valid or self-signed or some other
  93                 // error occured.
  94
  95                 if (conncode == CURLE_OK){
  96
  97                         // Connection is OK. Do nothing.
  98
  99                         *ServerResult = TRUE;
 100
 101                 } else if (conncode == CURLE_SSL_CACERT || conncode == CURLE_SSL_CONNECT_ERROR){
 102
 103                         connssldata = curl_easy_init();
 104
 105                         // Retry but get the certificates without peer/host verification.
 106
 107                         curl_easy_setopt(connssldata, CURLOPT_URL, (const char*)ServerAddressSSL.mb_str(wxConvUTF8));
 108                         curl_easy_setopt(connssldata, CURLOPT_CERTINFO, 1);
 109                         curl_easy_setopt(connssldata, CURLOPT_VERBOSE, 1L);
 110                         curl_easy_setopt(connssldata, CURLOPT_ERRORBUFFER, curlerrbuffer);
 111                         curl_easy_setopt(connssldata, CURLOPT_WRITEFUNCTION, WritebackFunc);
 112                         curl_easy_setopt(connssldata, CURLOPT_WRITEDATA, &PageData);
 113                         curl_easy_setopt(connssldata, CURLOPT_WRITEHEADER, &PageHeader);
 114                         curl_easy_setopt(connssldata, CURLOPT_SSL_VERIFYPEER, 0L);
 115                         curl_easy_setopt(connssldata, CURLOPT_SSL_VERIFYHOST, 0L);
 116
 117                         CURLcode certfetchcode;
 118
 119                         certfetchcode = (curl_easy_perform(connssldata));
 120
 121                         VerifyCertCollection = BuildSSLCollection(connssldata);
 122
 123                         if (certfetchcode == CURLE_OK){
 124
 125                                 curl_easy_getinfo(connssldata, CURLINFO_CERTINFO, &ptr.certdata);
 126
 127                                 VerifyCertCollection = BuildSSLCollection(connssldata);
 128
 129                         } else {
 130
 131                                 conncode = certfetchcode;
 132
 133                         }
 134
 135                         *ServerResult = FALSE;
 136
 137                 } else {
 138
 139                         fprintf(stderr, "curl_easy_perform() failed: %s\n",
 140                                 curl_easy_strerror(conncode));
 141
 142                         ErrorMessage = wxString::Format(wxT("%s"), curl_easy_strerror(conncode));
 143
 144                         *ServerResult = FALSE;
 145
 146                 }
 147
 148         }
 149
 150         curl_easy_cleanup(conn);
 151
 152         return conncode;
 153
 154 }