Not Logged In | Login | Register
Home | News | Projects | Releases
Bugs | RFE | Repositories | Help
projects / xestiaab / .git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
CardDAV: Set CURLOPT_SSL_VERIFYSTATUS to 0 when using certificate file
[xestiaab/.git] / source / carddav2 / carddav2.cpp
diff --git a/source/carddav2/carddav2.cpp b/source/carddav2/carddav2.cpp
index 536afac..dd70bab 100644 (file)
--- a/source/carddav2/carddav2.cpp
+++ b/source/carddav2/carddav2.cpp
@@ -18,64 +18,100 @@
 
 #include "carddav2.h"
 
-#include <iostream>
-
 using namespace std;
 
+CardDAV2::CardDAV2(string ServerAddress, int ServerPort, string ServerUser, string ServerPass, bool ServerSSL){
+
+       this->ServerAddress = ServerAddress;
+       this->ServerPort = ServerPort;
+       this->ServerUser = ServerUser;
+       this->ServerPass = ServerPass;
+       this->ServerSSL = ServerSSL;
+
+       TestMode = true;
+       this->SetupConnectionObject();
+
+}
+
+CardDAV2::CardDAV2(string ServerAddress, int ServerPort, string ServerUser, string ServerPass, bool ServerSSL, string ServerPrefix, string ServerAccount){
+
+       this->ServerAddress = ServerAddress;
+       this->ServerPort = ServerPort;
+       this->ServerUser = ServerUser;
+       this->ServerPass = ServerPass;
+       this->ServerSSL = ServerSSL;
+       this->ServerPrefix = ServerPrefix;
+       this->ServerAccount = ServerAccount;
+
+
+       TestMode = false;
+       this->SetupConnectionObject();
+
+}
+
 size_t CardDAV2::WritebackFunc(char *ptr, size_t size, size_t nmemb, void *stream){
-       
-       return static_cast<CardDAV2*>(stream)->WritebackFuncImplementation(ptr, size, nmemb, stream);
+
+       return static_cast<CardDAV2PassObject*>(stream)->CardDAV2Object->WritebackFuncImplementation(ptr, size, nmemb, stream);
        
 }
-       
+
 size_t CardDAV2::WritebackFuncImplementation(char *ptr, size_t size, size_t nmemb, void *stream){
        
        // Writeback function for the CardDAV object.
                
-       string *data = static_cast<string*>(stream);
-       data->append(ptr);
+       CardDAV2PassObject *data = static_cast<CardDAV2PassObject*>(stream);
+       data->DataSetting->append(ptr);
        
        // Get the SSL engine pointer and trust if required on certain operating systems.
-       
-       if (ServerSSL){
-       
+
+       if (data->ServerUsingSSL == true) {
+
 #if defined(__APPLE__)
-       
+
                const struct curl_tlssessioninfo *TLSInfo;
                CURLcode TLSCode;
-               CURL *Connection = GetConnectionObject();
-               TLSCode = curl_easy_getinfo(Connection, CURLINFO_TLS_SSL_PTR, &TLSInfo);
-       
-               if (TLSInfo->internals != nullptr && TLSCode == CURLE_OK){
-                       SSLCopyPeerTrust((SSLContext*)TLSInfo->internals, &SecTrustObject);
+               TLSCode = curl_easy_getinfo(data->ConnectionSessionObject, CURLINFO_TLS_SSL_PTR, &TLSInfo);
+
+               SecTrustRef CertificateData;
+               
+               if (TLSInfo->internals != nullptr && TLSCode == CURLE_OK) {
+                       SSLCopyPeerTrust((SSLContext*)TLSInfo->internals, &CertificateData);
+                       data->SSLContext = CertificateData;
                }
-       
+
 #elif defined(__WIN32__)
 
                const struct curl_tlssessioninfo *TLSInfo;
                CURLcode TLSCode;
-               CURL *Connection = GetConnectionObject();
-               TLSCode = curl_easy_getinfo(Connection, CURLINFO_TLS_SSL_PTR, &TLSInfo);
+               TLSCode = curl_easy_getinfo(data->ConnectionSessionObject, CURLINFO_TLS_SSL_PTR, &TLSInfo);
 
-               if (TLSInfo->internals != nullptr && TLSCode == CURLE_OK){
+               if (TLSInfo->internals != nullptr && TLSCode == CURLE_OK) {
 
                        // Free the previous certificate data.
 
-                       CertFreeCertificateContext(CertificateData);
+                       //CertFreeCertificateContext(CertificateData);
+
+                       PCCERT_CONTEXT CertificateData;
 
                        PCtxtHandle SSLHandle = (PCtxtHandle)TLSInfo->internals;
                        SECURITY_STATUS GetData = QueryContextAttributes(SSLHandle, SECPKG_ATTR_REMOTE_CERT_CONTEXT, &CertificateData);
 
+                       data->SSLContext = CertificateData;
+
                }
 
 #endif
 
        }
-       
+
        return size * nmemb;
 
 }
 
+void CardDAV2::SetCertificateData() {
+
+}
+
 CardDAV2::~CardDAV2(){
        
        curl_easy_cleanup(ConnectionSession);
@@ -85,13 +121,35 @@ CardDAV2::~CardDAV2(){
                curl_slist_free_all(HeaderList);
                HeaderList = nullptr;
        }
+
+#if defined(__WIN32__)
+
+       if (CertificateData != nullptr) {
+
+               CertFreeCertificateContext(CertificateData);
+
+       }
+
+#endif
        
 }
 
 #if defined(__APPLE__)
 
+SecTrustRef CardDAV2::BuildSSLCollection(){
+       
+       return CertificateData;
+       
+}
+
 #elif defined(__WIN32__)
 
+PCCERT_CONTEXT CardDAV2::BuildSSLCollection(){
+
+       return CertificateData;
+
+}
+
 #else
 
 SSLCertCollectionString CardDAV2::BuildSSLCollection(){
@@ -109,13 +167,13 @@ SSLCertCollectionString CardDAV2::BuildSSLCollection(){
 
        certptr.certdata = NULL;
        
-       curl_easy_getinfo(ConnectionSession, CURLINFO_CERTINFO, &certptr.certinfo);
-
+       CURLcode result = curl_easy_getinfo(ConnectionSession, CURLINFO_CERTINFO, &certptr.certinfo);
+       
        std::string CertPropName;
        std::string CertPropValue;
-
+       
        for (int i = 0; i < certptr.certinfo->num_of_certs; i++){
-
+               
                struct curl_slist *slist;
                SSLCertDataString SSLCertDataInc;
                
@@ -151,13 +209,13 @@ SSLCertCollectionString CardDAV2::BuildSSLCollection(){
 
 }
 
-void CardDAV2::BypassSSLVerification(bool EnableBypass){
+#endif
+
+void CardDAV2::BypassSSLVerification(bool EnableBypass) {
        EnableSSLBypass = EnableBypass;
        SSLSelfSigned = EnableBypass;
 }
 
-#endif
-
 void CardDAV2::SetupConnectionObject(){
        ConnectionSession = curl_easy_init();
 }
@@ -173,7 +231,7 @@ COConnectResult CardDAV2::Connect(bool DoAuthentication){
        
        COConnectResult ConnectResult = COCONNECT_UNITTESTFAIL;
        string ServerAddressURL = BuildURL("/principals/");
-
+       
        curl_easy_setopt(ConnectionSession, CURLOPT_URL, ServerAddressURL.c_str());
        
        if (TestMode == true){
@@ -189,6 +247,7 @@ COConnectResult CardDAV2::Connect(bool DoAuthentication){
                        SSLVerified = COSSL_VERIFIED;
                        ConnectResult = COCONNECT_OK;
                        break;
+               case CURLE_SSL_INVALIDCERTSTATUS:
                case CURLE_SSL_CACERT:
                case CURLE_SSL_CONNECT_ERROR:
                        SSLStatus = true;
@@ -200,6 +259,26 @@ COConnectResult CardDAV2::Connect(bool DoAuthentication){
                        break;
        };
        
+       // Set the certificate data (if required).
+
+#if defined(__APPLE__)
+       
+       if (ServerSSL) {
+               
+               CertificateData = PageHeaderObject.SSLContext;
+               
+       }
+       
+#elif defined(__WIN32__)
+
+       if (ServerSSL) {
+
+               CertificateData = PageHeaderObject.SSLContext;
+
+       }
+
+#endif
+
        // Check if an error occured before continuing.
        
        // Check if authentication was successful.
@@ -1190,8 +1269,6 @@ COContactList CardDAV2::GetContactList(std::string SyncToken){
        
        std::string SyncData;
        
-       // TODO: Copy old code from CardDAV class as needed.
-       
        if (SyncToken.size() > 0){
                
                SyncData = "<?xml version=\"1.0\" encoding=\"utf-8\" ?>\n"
@@ -1221,8 +1298,6 @@ COContactList CardDAV2::GetContactList(std::string SyncToken){
        
        string ServerAddressURL = BuildURL(ServerPrefix);
        
-       std::cout << SyncData << std::endl;
-       
        curl_easy_setopt(ConnectionSession, CURLOPT_URL, ServerAddressURL.c_str());
        curl_easy_setopt(ConnectionSession, CURLOPT_POSTFIELDS, SyncData.c_str());
        curl_easy_setopt(ConnectionSession, CURLOPT_POSTFIELDSIZE, strlen(SyncData.c_str()));
@@ -1324,26 +1399,36 @@ void CardDAV2::SetupDefaultParametersNonSSL(bool DoAuthentication){
 
        string ServerAddressURL = "http://" + ServerAddress + ":" + to_string(ServerPort) + "/";
        string UsernamePassword = ServerUser + ":" + ServerPass;
+
+       PageDataObject.CardDAV2Object = this;
+       PageDataObject.ConnectionSessionObject = ConnectionSession;
+       PageDataObject.DataSetting = &PageData;
+       PageDataObject.ServerUsingSSL = false;
+
+       PageHeaderObject.CardDAV2Object = this;
+       PageHeaderObject.ConnectionSessionObject = ConnectionSession;
+       PageHeaderObject.DataSetting = &PageHeader;
+       PageHeaderObject.ServerUsingSSL = false;
        
        curl_easy_setopt(ConnectionSession, CURLOPT_URL, ServerAddress.c_str());
        curl_easy_setopt(ConnectionSession, CURLOPT_NOPROGRESS, 1L);
-       curl_easy_setopt(ConnectionSession, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
+       curl_easy_setopt(ConnectionSession, CURLOPT_HTTPAUTH, CURLAUTH_DIGEST|CURLAUTH_BASIC);
        curl_easy_setopt(ConnectionSession, CURLOPT_TIMEOUT, 60);
        curl_easy_setopt(ConnectionSession, CURLOPT_FAILONERROR, true);
        curl_easy_setopt(ConnectionSession, CURLOPT_USERAGENT, XSDAB_USERAGENT);
        curl_easy_setopt(ConnectionSession, CURLOPT_WRITEFUNCTION, CardDAV2::WritebackFunc);
-       curl_easy_setopt(ConnectionSession, CURLOPT_WRITEDATA, &PageData);
-       curl_easy_setopt(ConnectionSession, CURLOPT_WRITEHEADER, &PageHeader);
-       curl_easy_setopt(ConnectionSession, CURLOPT_NOSIGNAL, 1);
+       curl_easy_setopt(ConnectionSession, CURLOPT_WRITEDATA, &PageDataObject);
+       curl_easy_setopt(ConnectionSession, CURLOPT_WRITEHEADER, &PageHeaderObject);
+       curl_easy_setopt(ConnectionSession, CURLOPT_NOSIGNAL, 1L);
        curl_easy_setopt(ConnectionSession, CURLOPT_CUSTOMREQUEST, "GET");
        curl_easy_setopt(ConnectionSession, CURLOPT_HTTPHEADER, nullptr);
        curl_easy_setopt(ConnectionSession, CURLOPT_POSTFIELDS, nullptr);
        curl_easy_setopt(ConnectionSession, CURLOPT_POSTFIELDSIZE, 0L);
-       
+
        if (DoAuthentication == true){
                curl_easy_setopt(ConnectionSession, CURLOPT_USERPWD, UsernamePassword.c_str());
        } else {
-               curl_easy_setopt(ConnectionSession, CURLOPT_USERPWD, ":");              
+               curl_easy_setopt(ConnectionSession, CURLOPT_USERPWD, NULL);             
        }
        
 }
@@ -1354,39 +1439,51 @@ void CardDAV2::SetupDefaultParametersSSL(bool DoAuthentication){
        
        string ServerAddressURL = "https://" + ServerAddress + ":" + to_string(ServerPort) + "/";
        string UsernamePassword = ServerUser + ":" + ServerPass;
+
+       PageDataObject.CardDAV2Object = this;
+       PageDataObject.ConnectionSessionObject = ConnectionSession;
+       PageDataObject.DataSetting = &PageData;
+       PageDataObject.ServerUsingSSL = true;
+
+       PageHeaderObject.CardDAV2Object = this;
+       PageHeaderObject.ConnectionSessionObject = ConnectionSession;
+       PageHeaderObject.DataSetting = &PageHeader;
+       PageHeaderObject.ServerUsingSSL = true;
        
        curl_easy_setopt(ConnectionSession, CURLOPT_URL, ServerAddressURL.c_str());
        curl_easy_setopt(ConnectionSession, CURLOPT_NOPROGRESS, 1L);
-       curl_easy_setopt(ConnectionSession, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
+       curl_easy_setopt(ConnectionSession, CURLOPT_CERTINFO, 1L);
+       curl_easy_setopt(ConnectionSession, CURLOPT_HTTPAUTH, CURLAUTH_DIGEST|CURLAUTH_BASIC);
        curl_easy_setopt(ConnectionSession, CURLOPT_TIMEOUT, 60);
-       curl_easy_setopt(ConnectionSession, CURLOPT_FAILONERROR, true);
+       curl_easy_setopt(ConnectionSession, CURLOPT_FAILONERROR, 0L);
        curl_easy_setopt(ConnectionSession, CURLOPT_USERAGENT, XSDAB_USERAGENT);
        curl_easy_setopt(ConnectionSession, CURLOPT_WRITEFUNCTION, CardDAV2::WritebackFunc);
-       curl_easy_setopt(ConnectionSession, CURLOPT_WRITEDATA, &PageData);
-       curl_easy_setopt(ConnectionSession, CURLOPT_WRITEHEADER, &PageHeader);
+       curl_easy_setopt(ConnectionSession, CURLOPT_WRITEDATA, &PageDataObject);
+       curl_easy_setopt(ConnectionSession, CURLOPT_WRITEHEADER, &PageHeaderObject);
        curl_easy_setopt(ConnectionSession, CURLOPT_ERRORBUFFER, SessionErrorBuffer);
-       curl_easy_setopt(ConnectionSession, CURLOPT_NOSIGNAL, 1);
-       curl_easy_setopt(ConnectionSession, CURLOPT_CERTINFO, 1);
-       curl_easy_setopt(ConnectionSession, CURLOPT_VERBOSE, 1);
        curl_easy_setopt(ConnectionSession, CURLOPT_CUSTOMREQUEST, "GET");
        curl_easy_setopt(ConnectionSession, CURLOPT_HTTPHEADER, nullptr);
        curl_easy_setopt(ConnectionSession, CURLOPT_POSTFIELDS, nullptr);
        curl_easy_setopt(ConnectionSession, CURLOPT_POSTFIELDSIZE, 0L);
-       
+
        if (DoAuthentication == true){
                curl_easy_setopt(ConnectionSession, CURLOPT_USERPWD, UsernamePassword.c_str());
        } else {
-               curl_easy_setopt(ConnectionSession, CURLOPT_USERPWD, ":");              
+               curl_easy_setopt(ConnectionSession, CURLOPT_USERPWD, NULL);             
        }
        
        if (EnableSSLBypass == true){
-               curl_easy_setopt(ConnectionSession, CURLOPT_SSL_VERIFYHOST, 0);
-               curl_easy_setopt(ConnectionSession, CURLOPT_SSL_VERIFYPEER, 0);
+               curl_easy_setopt(ConnectionSession, CURLOPT_SSL_VERIFYHOST, 0L);
+               curl_easy_setopt(ConnectionSession, CURLOPT_SSL_VERIFYPEER, 0L);
+               curl_easy_setopt(ConnectionSession, CURLOPT_SSL_VERIFYSTATUS, 0L);
        } else {
-               curl_easy_setopt(ConnectionSession, CURLOPT_SSL_VERIFYHOST, 2);
-               curl_easy_setopt(ConnectionSession, CURLOPT_SSL_VERIFYPEER, 1);         
+               curl_easy_setopt(ConnectionSession, CURLOPT_SSL_VERIFYHOST, 2L);
+               curl_easy_setopt(ConnectionSession, CURLOPT_SSL_VERIFYPEER, 1L);
+               curl_easy_setopt(ConnectionSession, CURLOPT_SSL_VERIFYSTATUS, 1L);
        }
        
+#if !defined(__APPLE__) || defined(__WIN32__)
+       
        if (TestMode == false && ServerAccount.size() > 0){
                
                // Check if the server certificate file exists.
@@ -1394,12 +1491,17 @@ void CardDAV2::SetupDefaultParametersSSL(bool DoAuthentication){
                string CertificateFilename = GetAccountDir(ServerAccount, true);
                
                if (wxFile::Exists(CertificateFilename)){
-                       
+               
                        curl_easy_setopt(ConnectionSession, CURLOPT_CAINFO, CertificateFilename.c_str());
                        
+                       // Force CURLOPT_SSL_VERIFYSTATUS to 0.
+                       curl_easy_setopt(ConnectionSession, CURLOPT_SSL_VERIFYSTATUS, 0L);
+                       
                }
                
        }
+
+#endif
        
 }
 
@@ -1407,10 +1509,10 @@ string CardDAV2::BuildURL(string URI){
        
        string ServerAddressURL;
        
-       if (SSLStatus == true){
+       if (ServerSSL == true){
                ServerAddressURL = "https://" + ServerAddress + ":" + to_string(ServerPort) + URI;      
        } else {
-               ServerAddressURL = "https://" + ServerAddress + ":" + to_string(ServerPort) + URI;
+               ServerAddressURL = "http://" + ServerAddress + ":" + to_string(ServerPort) + URI;
        }
        
        return ServerAddressURL;
@@ -1435,6 +1537,7 @@ void CardDAV2::ResetResults(){
        TaskCompleted = false;
        ErrorMessage = "";
        SessionErrorBuffer[0] = '\0';
+       SessionResult = CURLE_OK;
        PageData = "";
        PageHeader = "";
        if (HeaderList != nullptr){
@@ -1909,4 +2012,4 @@ void CardDAV2::ProcessContactData(COContactList *ContactList){
 
        return;
        
-}
\ No newline at end of file
+}
Xestia Address Book
Xestia Software Development
Yn Maystri
© 2006 - 2019 Xestia Software Development
Software

Xestia Address Book
Xestia Calendar
Development

Xestia Gelforn
Everything else

About
News
Privacy Policy