Mercurial > trustbridge > trustbridge
comparison ui/sslconnection_curl.cpp @ 1088:508c96e72f62
(issue124) Switch server URL and remove some RELEASE_BUILD options
As the test server speaks ECDSA we do not need so much
#ifndef RELEASE_BUILD options anymore.
| author | Andre Heinecke <andre.heinecke@intevation.de> |
|---|---|
| date | Fri, 12 Sep 2014 15:38:42 +0200 |
| parents | fe2c6666b462 |
| children | e986d3d4705f |
comparison
equal
deleted
inserted
replaced
| 1087:7191addd8a53 | 1088:508c96e72f62 |
|---|---|
| 23 if (!mCurl) { | 23 if (!mCurl) { |
| 24 qDebug() << "Failed to initialize curl"; | 24 qDebug() << "Failed to initialize curl"; |
| 25 return; | 25 return; |
| 26 } | 26 } |
| 27 | 27 |
| 28 #ifdef RELEASE_BUILD | |
| 29 if (curl_easy_setopt(mCurl, CURLOPT_SSL_VERIFYPEER, 1L) != CURLE_OK) { | 28 if (curl_easy_setopt(mCurl, CURLOPT_SSL_VERIFYPEER, 1L) != CURLE_OK) { |
| 30 #else | |
| 31 /* For testing we do not have to trust the issuer. This should not | |
| 32 * be dangerous as we pin the peer certificate directly. */ | |
| 33 if (curl_easy_setopt(mCurl, CURLOPT_SSL_VERIFYPEER, 0L) != CURLE_OK) { | |
| 34 #endif | |
| 35 /* Should be default anyway */ | 29 /* Should be default anyway */ |
| 36 qDebug() << "Setting verifypeer failed"; | 30 qDebug() << "Setting verifypeer failed"; |
| 37 return; | 31 return; |
| 38 } | 32 } |
| 39 | 33 |
| 40 #ifdef RELEASE_BUILD | |
| 41 if (curl_easy_setopt(mCurl, CURLOPT_SSL_VERIFYHOST, 1L) != CURLE_OK) { | |
| 42 #else | |
| 43 /* For testing we do not have to trust host. This should not | |
| 44 * be dangerous as we pin the peer certificate directly. */ | |
| 45 if (curl_easy_setopt(mCurl, CURLOPT_SSL_VERIFYHOST, 0L) != CURLE_OK) { | |
| 46 #endif | |
| 47 /* Should be default anyway */ | |
| 48 qDebug() << "Setting verifypeer failed"; | |
| 49 return; | |
| 50 } | |
| 51 | |
| 52 if (curl_easy_setopt(mCurl, CURLOPT_ERRORBUFFER, mErrBuf) != CURLE_OK) { | 34 if (curl_easy_setopt(mCurl, CURLOPT_ERRORBUFFER, mErrBuf) != CURLE_OK) { |
| 53 qDebug() << "Setting errorbuf failed"; | 35 qDebug() << "Setting errorbuf failed"; |
| 54 return; | 36 return; |
| 55 } | 37 } |
| 56 | 38 |
| 57 #ifdef RELEASE_BUILD | |
| 58 if (curl_easy_setopt(mCurl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2) != CURLE_OK) { | 39 if (curl_easy_setopt(mCurl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2) != CURLE_OK) { |
| 59 qDebug() << "Setting ssl version failed."; | 40 qDebug() << "Setting ssl version failed."; |
| 60 return; | 41 return; |
| 61 } | 42 } |
| 62 #endif | |
| 63 | 43 |
| 64 mCertFile.open(); | 44 mCertFile.open(); |
| 65 if (mCertFile.write(mPinnedCert) != mPinnedCert.size()) { | 45 if (mCertFile.write(mPinnedCert) != mPinnedCert.size()) { |
| 66 qDebug() << "Failed to write temporary certificate"; | 46 qDebug() << "Failed to write temporary certificate"; |
| 67 return; | 47 return; |