annotate ui/sslconnection_curl.cpp @ 1318:45082ec23e76

(issue166) Only acticate removal if all selected certificates can be remvoed
author Andre Heinecke <andre.heinecke@intevation.de>
date Mon, 13 Oct 2014 17:41:55 +0200
parents 0eb723242536
children
rev   line source
908
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
2 * Software engineering by Intevation GmbH
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
3 *
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
4 * This file is Free Software under the GNU GPL (v>=2)
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
5 * and comes with ABSOLUTELY NO WARRANTY!
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
6 * See LICENSE.txt for details.
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
7 */
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
8
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
9 #include "sslconnection_curl.h"
1058
fe2c6666b462 (issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1004
diff changeset
10 #include "logging.h"
999
daa9448b64f5 (issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents: 991
diff changeset
11
daa9448b64f5 (issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents: 991
diff changeset
12 #include <polarssl/ssl.h>
910
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
13 #include <QSaveFile>
908
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
14
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
15 SSLConnectionCurl::SSLConnectionCurl(const QString& url,
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
16 const QByteArray& certificate):
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
17 SSLConnection (url, certificate),
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
18 mCurl (NULL)
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
19 {
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
20 curl_global_init(CURL_GLOBAL_DEFAULT);
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
21 mCurl = curl_easy_init();
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
22
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
23 if (!mCurl) {
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
24 qDebug() << "Failed to initialize curl";
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
25 return;
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
26 }
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
27
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
28 if (curl_easy_setopt(mCurl, CURLOPT_SSL_VERIFYPEER, 1L) != CURLE_OK) {
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
29 /* Should be default anyway */
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
30 qDebug() << "Setting verifypeer failed";
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
31 return;
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
32 }
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
33
910
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
34 if (curl_easy_setopt(mCurl, CURLOPT_ERRORBUFFER, mErrBuf) != CURLE_OK) {
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
35 qDebug() << "Setting errorbuf failed";
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
36 return;
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
37 }
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
38
999
daa9448b64f5 (issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents: 991
diff changeset
39 if (curl_easy_setopt(mCurl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2) != CURLE_OK) {
daa9448b64f5 (issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents: 991
diff changeset
40 qDebug() << "Setting ssl version failed.";
daa9448b64f5 (issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents: 991
diff changeset
41 return;
daa9448b64f5 (issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents: 991
diff changeset
42 }
daa9448b64f5 (issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents: 991
diff changeset
43
908
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
44 mCertFile.open();
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
45 if (mCertFile.write(mPinnedCert) != mPinnedCert.size()) {
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
46 qDebug() << "Failed to write temporary certificate";
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
47 return;
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
48 }
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
49 mCertFile.close();
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
50
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
51 if (curl_easy_setopt(mCurl, CURLOPT_CAINFO,
1156
e986d3d4705f (issue36) Use local8bit for pinned certificate file names.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1088
diff changeset
52 mCertFile.fileName().toLocal8Bit().constData()) != CURLE_OK) {
999
daa9448b64f5 (issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents: 991
diff changeset
53 qDebug() << "Failed to set ca certificate";
908
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
54 return;
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
55 }
991
6a3d284b9c16 Delegate certificate loading to base class. Minor cleanups.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 956
diff changeset
56
999
daa9448b64f5 (issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents: 991
diff changeset
57 /* If the build fails here maybe you probably forgot to apply the
daa9448b64f5 (issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents: 991
diff changeset
58 * trustbridge patches to curl */
daa9448b64f5 (issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents: 991
diff changeset
59 if (curl_easy_setopt(mCurl, CURLOPT_PEERCERT,
1156
e986d3d4705f (issue36) Use local8bit for pinned certificate file names.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1088
diff changeset
60 mCertFile.fileName().toLocal8Bit().constData()) != CURLE_OK) {
999
daa9448b64f5 (issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents: 991
diff changeset
61 qDebug() << "Failed set peer certificate.";
daa9448b64f5 (issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents: 991
diff changeset
62 return;
daa9448b64f5 (issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents: 991
diff changeset
63 }
908
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
64 mInitialized = true;
1058
fe2c6666b462 (issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1004
diff changeset
65 if (g_debug) {
fe2c6666b462 (issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1004
diff changeset
66 curl_easy_setopt(mCurl, CURLOPT_VERBOSE, 1L);
fe2c6666b462 (issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1004
diff changeset
67 }
908
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
68 }
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
69
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
70 SSLConnectionCurl::~SSLConnectionCurl() {
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
71 if (mCurl) {
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
72 curl_easy_cleanup (mCurl);
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
73 }
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
74 if (mInitialized) {
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
75 mCertFile.close();
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
76 }
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
77 curl_global_cleanup();
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
78 }
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
79
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
80 int SSLConnectionCurl::connect() {
910
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
81 CURLcode retval;
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
82
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
83 if (curl_easy_setopt(mCurl, CURLOPT_URL, mUrl.toEncoded().constData()) != CURLE_OK) {
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
84 qDebug() << "Failed to set URL";
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
85 return -1;
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
86 }
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
87
908
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
88 if (curl_easy_setopt(mCurl, CURLOPT_CONNECT_ONLY, 1L) != CURLE_OK) {
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
89 qDebug() << "Failed to set connect only option";
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
90 return -1;
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
91 }
910
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
92 retval = curl_easy_perform(mCurl);
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
93 if (retval != CURLE_OK) {
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
94 qDebug() << "Failed to connect: " << mErrBuf << " retval: " << retval;
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
95 if (retval == CURLE_PEER_FAILED_VERIFICATION) {
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
96 mErrorState = InvalidCertificate;
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
97 return -1;
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
98 }
999
daa9448b64f5 (issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents: 991
diff changeset
99 if (retval == CURLE_SSL_CONNECT_ERROR) {
daa9448b64f5 (issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents: 991
diff changeset
100 mErrorState = SSLHandshakeFailed;
daa9448b64f5 (issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents: 991
diff changeset
101 return -1;
daa9448b64f5 (issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents: 991
diff changeset
102 }
910
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
103
908
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
104 mErrorState = NoConnection;
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
105 return -1;
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
106 }
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
107 mConnected = true;
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
108 return 0;
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
109 }
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
110
991
6a3d284b9c16 Delegate certificate loading to base class. Minor cleanups.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 956
diff changeset
111 /* Globally do this as we can't pass "this" (the ptr) to the c function */
910
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
112 size_t ssl_curl_max_write, ssl_curl_written;
908
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
113
910
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
114 size_t write_data(void *ptr, size_t size, size_t nmemb,
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
115 QSaveFile *fp)
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
116 {
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
117 if (ssl_curl_max_write < ssl_curl_written) {
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
118 qDebug() << "Aborting write. Too much data.";
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
119 return 0;
908
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
120 }
910
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
121 size_t written = fp->write((const char *)ptr, size * nmemb);
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
122 if (written != size * nmemb) {
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
123 qDebug() << "Failed to write data. Written: " << written
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
124 << " requested: " << size * nmemb;
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
125 return 0;
908
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
126 }
910
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
127 ssl_curl_written += written;
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
128 return written;
908
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
129 }
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
130
1058
fe2c6666b462 (issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1004
diff changeset
131 size_t debug_write(void *ptr, size_t size, size_t nmemb,
fe2c6666b462 (issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1004
diff changeset
132 void *unused)
fe2c6666b462 (issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1004
diff changeset
133 {
fe2c6666b462 (issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1004
diff changeset
134 Q_UNUSED(unused);
fe2c6666b462 (issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1004
diff changeset
135
fe2c6666b462 (issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1004
diff changeset
136 qDebug() << QString::fromUtf8((const char *)ptr, size * nmemb);
fe2c6666b462 (issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1004
diff changeset
137 return size *nmemb;
fe2c6666b462 (issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1004
diff changeset
138 }
fe2c6666b462 (issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1004
diff changeset
139
910
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
140 bool SSLConnectionCurl::downloadFile(const QString &resource,
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
141 const QString &fileName,
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
142 size_t maxSize)
908
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
143 {
910
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
144 ssl_curl_written = 0;
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
145 ssl_curl_max_write = maxSize;
991
6a3d284b9c16 Delegate certificate loading to base class. Minor cleanups.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 956
diff changeset
146 QSaveFile outputFile(fileName);
910
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
147 // Open / Create the file to write to.
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
148 if (!outputFile.open(QIODevice::WriteOnly)) {
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
149 qDebug() << "Failed to open file";
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
150 return false;
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
151 }
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
152 QUrl urlCopy = mUrl;
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
153 urlCopy.setPath(resource);
908
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
154
910
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
155 if (curl_easy_setopt(mCurl, CURLOPT_URL, urlCopy.toEncoded().constData()) != CURLE_OK) {
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
156 qDebug() << "Failed to set URL";
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
157 return false;
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
158 }
908
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
159
910
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
160 if (curl_easy_setopt(mCurl, CURLOPT_CONNECT_ONLY, 0L) != CURLE_OK) {
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
161 qDebug() << "Failed to set connect";
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
162 return false;
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
163 }
908
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
164
910
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
165 if (curl_easy_setopt(mCurl, CURLOPT_HEADER, 0L) != CURLE_OK) {
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
166 qDebug() << "Failed to set header";
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
167 return false;
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
168 }
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
169
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
170 if (curl_easy_setopt(mCurl, CURLOPT_NOBODY, 0L) != CURLE_OK) {
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
171 qDebug() << "Failed to set no body";
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
172 return false;
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
173 }
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
174
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
175 if (curl_easy_setopt(mCurl, CURLOPT_WRITEFUNCTION, write_data) != CURLE_OK) {
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
176 qDebug() << "Failed to set write function";
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
177 return false;
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
178 }
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
179
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
180 if (curl_easy_setopt(mCurl, CURLOPT_WRITEDATA, &outputFile) != CURLE_OK) {
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
181 qDebug() << "Failed to set write function";
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
182 return false;
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
183 }
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
184
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
185 if (curl_easy_perform (mCurl) != CURLE_OK) {
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
186 qDebug() << "Failed to perform download.";
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
187 return false;
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
188 }
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
189
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
190 if (!outputFile.commit()) {
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
191 qDebug() << "Failed to commit data to filesystem.";
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
192 return false;
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
193 }
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
194
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
195 return true;
908
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
196 }
910
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
197
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
198 QDateTime SSLConnectionCurl::getLastModifiedHeader(const QString &resource) {
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
199 QUrl urlCopy = mUrl;
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
200 urlCopy.setPath(resource);
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
201
1058
fe2c6666b462 (issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1004
diff changeset
202 if (curl_easy_setopt(mCurl, CURLOPT_WRITEFUNCTION, debug_write) != CURLE_OK) {
fe2c6666b462 (issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1004
diff changeset
203 qDebug() << "Failed to set write function";
fe2c6666b462 (issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1004
diff changeset
204 return QDateTime();
fe2c6666b462 (issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1004
diff changeset
205 }
fe2c6666b462 (issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1004
diff changeset
206
910
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
207 if (curl_easy_setopt(mCurl, CURLOPT_URL, urlCopy.toEncoded().constData()) != CURLE_OK) {
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
208 qDebug() << "Failed to set URL";
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
209 return QDateTime();
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
210 }
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
211
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
212 if (curl_easy_setopt(mCurl, CURLOPT_CONNECT_ONLY, 0L) != CURLE_OK) {
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
213 qDebug() << "Failed to set connect";
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
214 return QDateTime();
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
215 }
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
216
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
217 if (curl_easy_setopt(mCurl, CURLOPT_HEADER, 1L) != CURLE_OK) {
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
218 qDebug() << "Failed to set header";
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
219 return QDateTime();
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
220 }
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
221
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
222 if (curl_easy_setopt(mCurl, CURLOPT_NOBODY, 1L) != CURLE_OK) {
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
223 qDebug() << "Failed to set no body";
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
224 return QDateTime();
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
225 }
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
226
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
227 if (curl_easy_setopt(mCurl, CURLOPT_FILETIME, 1L) != CURLE_OK) {
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
228 qDebug() << "Failed to set filetime";
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
229 return QDateTime();
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
230 }
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
231
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
232 if (curl_easy_perform (mCurl) != CURLE_OK) {
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
233 qDebug() << "Failed to perform last modified check.";
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
234 return QDateTime();
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
235 }
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
236 long filetime = 0;
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
237
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
238 if (curl_easy_getinfo (mCurl, CURLINFO_FILETIME, &filetime) != CURLE_OK) {
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
239 qDebug() << "Failed to get filetime";
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
240 return QDateTime();
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
241 }
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
242
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
243 if (filetime == -1) {
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
244 qDebug() << "Invalid Time";
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
245 return QDateTime();
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
246 }
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
247 return QDateTime::fromTime_t(filetime);
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
248 }
956
879a634d0a40 (issue41) Add proxy support
Andre Heinecke <andre.heinecke@intevation.de>
parents: 942
diff changeset
249
879a634d0a40 (issue41) Add proxy support
Andre Heinecke <andre.heinecke@intevation.de>
parents: 942
diff changeset
250 void SSLConnectionCurl::setProxy(const QUrl& proxyUrl) {
879a634d0a40 (issue41) Add proxy support
Andre Heinecke <andre.heinecke@intevation.de>
parents: 942
diff changeset
251 if (curl_easy_setopt(mCurl, CURLOPT_PROXY, proxyUrl.toEncoded().constData()) != CURLE_OK) {
879a634d0a40 (issue41) Add proxy support
Andre Heinecke <andre.heinecke@intevation.de>
parents: 942
diff changeset
252 qDebug() << "Failed to set proxy";
879a634d0a40 (issue41) Add proxy support
Andre Heinecke <andre.heinecke@intevation.de>
parents: 942
diff changeset
253 return;
879a634d0a40 (issue41) Add proxy support
Andre Heinecke <andre.heinecke@intevation.de>
parents: 942
diff changeset
254 }
879a634d0a40 (issue41) Add proxy support
Andre Heinecke <andre.heinecke@intevation.de>
parents: 942
diff changeset
255 }
991
6a3d284b9c16 Delegate certificate loading to base class. Minor cleanups.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 956
diff changeset
256
6a3d284b9c16 Delegate certificate loading to base class. Minor cleanups.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 956
diff changeset
257 void SSLConnectionCurl::setCiphersuites(int ciphers[]) {
999
daa9448b64f5 (issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents: 991
diff changeset
258 QStringList cipher_list;
daa9448b64f5 (issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents: 991
diff changeset
259 for (int i = 0; ciphers[i] != 0; i++) {
daa9448b64f5 (issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents: 991
diff changeset
260 cipher_list << ssl_get_ciphersuite_name(ciphers[i]);
daa9448b64f5 (issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents: 991
diff changeset
261 }
daa9448b64f5 (issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents: 991
diff changeset
262
daa9448b64f5 (issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents: 991
diff changeset
263 if (curl_easy_setopt(mCurl, CURLOPT_SSL_CIPHER_LIST,
daa9448b64f5 (issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents: 991
diff changeset
264 cipher_list.join(":").toLatin1().constData()) != CURLE_OK) {
daa9448b64f5 (issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents: 991
diff changeset
265 qDebug() << "Failed to set cipher list";
daa9448b64f5 (issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents: 991
diff changeset
266 return;
daa9448b64f5 (issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents: 991
diff changeset
267 }
991
6a3d284b9c16 Delegate certificate loading to base class. Minor cleanups.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 956
diff changeset
268 }

http://wald.intevation.org/projects/trustbridge/