CardDAV: Set CURLOPT_SSL_VERIFYSTATUS to 0 when using certificate file

[xestiaab/.git] / source / carddav2 / carddav2.cpp

diff --git a/source/carddav2/carddav2.cpp b/source/carddav2/carddav2.cpp
index 1fba140..dd70bab 100644 (file)
--- a/source/carddav2/carddav2.cpp
+++ b/source/carddav2/carddav2.cpp
@@ -167,13 +167,13 @@ SSLCertCollectionString CardDAV2::BuildSSLCollection(){
 
        certptr.certdata = NULL;
        
-       curl_easy_getinfo(ConnectionSession, CURLINFO_CERTINFO, &certptr.certinfo);
-
+       CURLcode result = curl_easy_getinfo(ConnectionSession, CURLINFO_CERTINFO, &certptr.certinfo);
+       
        std::string CertPropName;
        std::string CertPropValue;
-
+       
        for (int i = 0; i < certptr.certinfo->num_of_certs; i++){
-
+               
                struct curl_slist *slist;
                SSLCertDataString SSLCertDataInc;
                
@@ -231,7 +231,7 @@ COConnectResult CardDAV2::Connect(bool DoAuthentication){
        
        COConnectResult ConnectResult = COCONNECT_UNITTESTFAIL;
        string ServerAddressURL = BuildURL("/principals/");
-
+       
        curl_easy_setopt(ConnectionSession, CURLOPT_URL, ServerAddressURL.c_str());
        
        if (TestMode == true){
@@ -247,6 +247,7 @@ COConnectResult CardDAV2::Connect(bool DoAuthentication){
                        SSLVerified = COSSL_VERIFIED;
                        ConnectResult = COCONNECT_OK;
                        break;
+               case CURLE_SSL_INVALIDCERTSTATUS:
                case CURLE_SSL_CACERT:
                case CURLE_SSL_CONNECT_ERROR:
                        SSLStatus = true;
@@ -1268,8 +1269,6 @@ COContactList CardDAV2::GetContactList(std::string SyncToken){
        
        std::string SyncData;
        
-       // TODO: Copy old code from CardDAV class as needed.
-       
        if (SyncToken.size() > 0){
                
                SyncData = "<?xml version=\"1.0\" encoding=\"utf-8\" ?>\n"
@@ -1453,6 +1452,7 @@ void CardDAV2::SetupDefaultParametersSSL(bool DoAuthentication){
        
        curl_easy_setopt(ConnectionSession, CURLOPT_URL, ServerAddressURL.c_str());
        curl_easy_setopt(ConnectionSession, CURLOPT_NOPROGRESS, 1L);
+       curl_easy_setopt(ConnectionSession, CURLOPT_CERTINFO, 1L);
        curl_easy_setopt(ConnectionSession, CURLOPT_HTTPAUTH, CURLAUTH_DIGEST|CURLAUTH_BASIC);
        curl_easy_setopt(ConnectionSession, CURLOPT_TIMEOUT, 60);
        curl_easy_setopt(ConnectionSession, CURLOPT_FAILONERROR, 0L);
@@ -1461,9 +1461,6 @@ void CardDAV2::SetupDefaultParametersSSL(bool DoAuthentication){
        curl_easy_setopt(ConnectionSession, CURLOPT_WRITEDATA, &PageDataObject);
        curl_easy_setopt(ConnectionSession, CURLOPT_WRITEHEADER, &PageHeaderObject);
        curl_easy_setopt(ConnectionSession, CURLOPT_ERRORBUFFER, SessionErrorBuffer);
-       //curl_easy_setopt(ConnectionSession, CURLOPT_NOSIGNAL, 1L);
-       curl_easy_setopt(ConnectionSession, CURLOPT_CERTINFO, 1L);
-       //curl_easy_setopt(ConnectionSession, CURLOPT_VERBOSE, 2L);
        curl_easy_setopt(ConnectionSession, CURLOPT_CUSTOMREQUEST, "GET");
        curl_easy_setopt(ConnectionSession, CURLOPT_HTTPHEADER, nullptr);
        curl_easy_setopt(ConnectionSession, CURLOPT_POSTFIELDS, nullptr);
@@ -1494,9 +1491,12 @@ void CardDAV2::SetupDefaultParametersSSL(bool DoAuthentication){
                string CertificateFilename = GetAccountDir(ServerAccount, true);
                
                if (wxFile::Exists(CertificateFilename)){
-                       
+               
                        curl_easy_setopt(ConnectionSession, CURLOPT_CAINFO, CertificateFilename.c_str());
                        
+                       // Force CURLOPT_SSL_VERIFYSTATUS to 0.
+                       curl_easy_setopt(ConnectionSession, CURLOPT_SSL_VERIFYSTATUS, 0L);
+                       
                }
                
        }
@@ -1509,7 +1509,7 @@ string CardDAV2::BuildURL(string URI){
        
        string ServerAddressURL;
        
-       if (SSLStatus == true){
+       if (ServerSSL == true){
                ServerAddressURL = "https://" + ServerAddress + ":" + to_string(ServerPort) + URI;      
        } else {
                ServerAddressURL = "http://" + ServerAddress + ":" + to_string(ServerPort) + URI;