trustbridge: ui/sslconnection_curl.cpp comparison

comparison ui/sslconnection_curl.cpp @ 1088:508c96e72f62

(issue124) Switch server URL and remove some RELEASE_BUILD options As the test server speaks ECDSA we do not need so much #ifndef RELEASE_BUILD options anymore.

author	Andre Heinecke <andre.heinecke@intevation.de>
date	Fri, 12 Sep 2014 15:38:42 +0200
parents	fe2c6666b462
children	e986d3d4705f

comparison

equal deleted inserted replaced

-:7191addd8a53
+:508c96e72f62
 if (!mCurl) {
 qDebug() << "Failed to initialize curl";
 return;
 }
-#ifdef RELEASE_BUILD
 if (curl_easy_setopt(mCurl, CURLOPT_SSL_VERIFYPEER, 1L) != CURLE_OK) {
-#else
-/* For testing we do not have to trust the issuer. This should not
-* be dangerous as we pin the peer certificate directly. */
-if (curl_easy_setopt(mCurl, CURLOPT_SSL_VERIFYPEER, 0L) != CURLE_OK) {
-#endif
 /* Should be default anyway */
 qDebug() << "Setting verifypeer failed";
 return;
 }
-#ifdef RELEASE_BUILD
-if (curl_easy_setopt(mCurl, CURLOPT_SSL_VERIFYHOST, 1L) != CURLE_OK) {
-#else
-/* For testing we do not have to trust host. This should not
-* be dangerous as we pin the peer certificate directly. */
-if (curl_easy_setopt(mCurl, CURLOPT_SSL_VERIFYHOST, 0L) != CURLE_OK) {
-#endif
-/* Should be default anyway */
-qDebug() << "Setting verifypeer failed";
-return;
-}
 if (curl_easy_setopt(mCurl, CURLOPT_ERRORBUFFER, mErrBuf) != CURLE_OK) {
 qDebug() << "Setting errorbuf failed";
 return;
 }
-#ifdef RELEASE_BUILD
 if (curl_easy_setopt(mCurl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2) != CURLE_OK) {
 qDebug() << "Setting ssl version failed.";
 return;
 }
-#endif
 mCertFile.open();
 if (mCertFile.write(mPinnedCert) != mPinnedCert.size()) {
 qDebug() << "Failed to write temporary certificate";
 return;

Mercurial > trustbridge

comparison ui/sslconnection_curl.cpp @ 1088:508c96e72f62