From 9b80dbb0d836e3d7efb65bbf2502261c3dd9fae8 Mon Sep 17 00:00:00 2001
From: Steve Brokenshire <sbrokenshire@xestia.co.uk>
Date: Sat, 28 May 2016 00:20:15 +0100
Subject: [PATCH] Check for certificate, build certificate and added
 verification check on Linux

---
 source/carddav/carddav-sslverify.cpp | 27 ++++++++++++++++++++++++---
 1 file changed, 24 insertions(+), 3 deletions(-)

diff --git a/source/carddav/carddav-sslverify.cpp b/source/carddav/carddav-sslverify.cpp
index 5d81bb3..c082a90 100644
--- a/source/carddav/carddav-sslverify.cpp
+++ b/source/carddav/carddav-sslverify.cpp
@@ -77,9 +77,25 @@ CURLcode CardDAV::SSLVerifyTest(){
 #if defined(__APPLE__) || defined(__WIN32__)
 		
 		SetConnectionObject(conn);
+	
+#else
+		
+		if (ServerAccount != ""){
+		
+			wxString ServerCertFilename = GetAccountDir(ServerAccount, TRUE);
+
+			if (wxFile::Exists(ServerCertFilename) == TRUE){
+		
+				curl_easy_setopt(conn, CURLOPT_SSL_VERIFYPEER, 1);
+				curl_easy_setopt(conn, CURLOPT_SSL_VERIFYHOST, 2);
+				curl_easy_setopt(conn, CURLOPT_CAINFO, (const char*)ServerCertFilename.mb_str(wxConvUTF8));
+		
+			}
+		
+		}
 
 #endif
-                
+		
 		conncode = (curl_easy_perform(conn));
 
 		// Check if the SSL certificate is valid or self-signed or some other
@@ -93,8 +109,13 @@ CURLcode CardDAV::SSLVerifyTest(){
 			
 #if !defined(__APPLE__) && !defined(__WIN32__)
 			
+			VerifyCertCollection = BuildSSLCollection(conn);
 
-		} else if (conncode == CURLE_SSL_CACERT || conncode == CURLE_SSL_CONNECT_ERROR){
+#endif
+			
+		} else if (conncode == CURLE_SSL_CACERT || 
+				conncode == CURLE_SSL_CONNECT_ERROR ||
+				conncode == CURLE_PEER_FAILED_VERIFICATION){
 
 			connssldata = curl_easy_init();
 
@@ -113,7 +134,7 @@ CURLcode CardDAV::SSLVerifyTest(){
 #if defined(__APPLE__) || defined(__WIN32__)
 			
                         SetConnectionObject(connssldata);
-
+			
 #endif
 			
 			CURLcode certfetchcode;
-- 
2.39.2