From cb025a34191b7dbfdfa754bb46152ce2ec70b738 Mon Sep 17 00:00:00 2001
From: Denys Vlasenko <vda.linux@googlemail.com>
Date: Wed, 21 Jul 2010 13:13:34 +0200
Subject: wire up SSLVerify in RHTSupport.conf to actually have the desired
 effect

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
---
 lib/Plugins/RHTSupport.cpp    |  1 +
 lib/Utils/abrt_curl.cpp       |  8 +++++++-
 lib/Utils/abrt_curl.h         |  7 ++++---
 lib/Utils/abrt_rh_support.cpp | 15 +++++++++++----
 lib/Utils/abrt_rh_support.h   |  3 ++-
 5 files changed, 25 insertions(+), 9 deletions(-)

(limited to 'lib')

diff --git a/lib/Plugins/RHTSupport.cpp b/lib/Plugins/RHTSupport.cpp
index b2871ac9..5af375e1 100644
--- a/lib/Plugins/RHTSupport.cpp
+++ b/lib/Plugins/RHTSupport.cpp
@@ -232,6 +232,7 @@ string CReporterRHticket::Report(const map_crash_data_t& pCrashData,
         char* result = send_report_to_new_case(URL.c_str(),
                 login.c_str(),
                 password.c_str(),
+                m_bSSLVerify,
                 summary.c_str(),
                 description.c_str(),
                 package.c_str(),
diff --git a/lib/Utils/abrt_curl.cpp b/lib/Utils/abrt_curl.cpp
index 0eea9dbe..2cf6b920 100644
--- a/lib/Utils/abrt_curl.cpp
+++ b/lib/Utils/abrt_curl.cpp
@@ -220,7 +220,8 @@ abrt_post(abrt_post_state_t *state,
     }
     // Override "Content-Type:"
     struct curl_slist *httpheader_list = NULL;
-    if (data_size != ABRT_POST_DATA_FROMFILE_AS_FORM_DATA) {
+    if (data_size != ABRT_POST_DATA_FROMFILE_AS_FORM_DATA)
+    {
         char *content_type_header = xasprintf("Content-Type: %s", content_type);
         // Note: curl_slist_append() copies content_type_header
         httpheader_list = curl_slist_append(httpheader_list, content_type_header);
@@ -258,6 +259,11 @@ abrt_post(abrt_post_state_t *state,
             error_msg_and_die("out of memory");
         xcurl_easy_setopt_ptr(handle, CURLOPT_WRITEDATA, body_stream);
     }
+    if (!(state->flags & ABRT_POST_WANT_SSL_VERIFY))
+    {
+        xcurl_easy_setopt_long(handle, CURLOPT_SSL_VERIFYPEER, 0);
+        xcurl_easy_setopt_long(handle, CURLOPT_SSL_VERIFYHOST, 0);
+    }
 
     // This is the place where everything happens.
     // Here errors are not limited to "out of memory", can't just die.
diff --git a/lib/Utils/abrt_curl.h b/lib/Utils/abrt_curl.h
index b1ecd249..1f34e7ec 100644
--- a/lib/Utils/abrt_curl.h
+++ b/lib/Utils/abrt_curl.h
@@ -43,9 +43,10 @@ void free_abrt_post_state(abrt_post_state_t *state);
 char *find_header_in_abrt_post_state(abrt_post_state_t *state, const char *str);
 
 enum {
-    ABRT_POST_WANT_HEADERS   = (1 << 0),
-    ABRT_POST_WANT_ERROR_MSG = (1 << 1),
-    ABRT_POST_WANT_BODY      = (1 << 2),
+    ABRT_POST_WANT_HEADERS    = (1 << 0),
+    ABRT_POST_WANT_ERROR_MSG  = (1 << 1),
+    ABRT_POST_WANT_BODY       = (1 << 2),
+    ABRT_POST_WANT_SSL_VERIFY = (1 << 3),
 };
 enum {
     /* Must be -1! CURLOPT_POSTFIELDSIZE interprets -1 as "use strlen" */
diff --git a/lib/Utils/abrt_rh_support.cpp b/lib/Utils/abrt_rh_support.cpp
index 72523988..7e804f9f 100644
--- a/lib/Utils/abrt_rh_support.cpp
+++ b/lib/Utils/abrt_rh_support.cpp
@@ -220,14 +220,16 @@ reportfile_free(reportfile_t* file)
 // post_signature()
 //
 char*
-post_signature(const char* baseURL, const char* signature)
+post_signature(const char* baseURL, bool ssl_verify, const char* signature)
 {
     string URL = concat_path_file(baseURL, "/signatures");
 
     abrt_post_state *state = new_abrt_post_state(0
                 + ABRT_POST_WANT_HEADERS
                 + ABRT_POST_WANT_BODY
-                + ABRT_POST_WANT_ERROR_MSG);
+                + ABRT_POST_WANT_ERROR_MSG
+                + (ssl_verify ? ABRT_POST_WANT_SSL_VERIFY : 0)
+    );
     int http_resp_code = abrt_post_string(state, URL.c_str(), "application/xml", signature);
 
     char *retval;
@@ -361,6 +363,7 @@ char*
 send_report_to_new_case(const char* baseURL,
                 const char* username,
                 const char* password,
+                bool ssl_verify,
                 const char* summary,
                 const char* description,
                 const char* component,
@@ -382,7 +385,9 @@ send_report_to_new_case(const char* baseURL,
     case_state = new_abrt_post_state(0
             + ABRT_POST_WANT_HEADERS
             + ABRT_POST_WANT_BODY
-            + ABRT_POST_WANT_ERROR_MSG);
+            + ABRT_POST_WANT_ERROR_MSG
+            + (ssl_verify ? ABRT_POST_WANT_SSL_VERIFY : 0)
+    );
     case_state->username = username;
     case_state->password = password;
     abrt_post_string(case_state, case_url.c_str(), "application/xml", case_data);
@@ -440,7 +445,9 @@ send_report_to_new_case(const char* baseURL,
         atch_state = new_abrt_post_state(0
                 + ABRT_POST_WANT_HEADERS
                 + ABRT_POST_WANT_BODY
-                + ABRT_POST_WANT_ERROR_MSG);
+                + ABRT_POST_WANT_ERROR_MSG
+                + (ssl_verify ? ABRT_POST_WANT_SSL_VERIFY : 0)
+        );
         atch_state->username = username;
         atch_state->password = password;
         abrt_post_file_as_form(atch_state, atch_url.c_str(), "application/binary", report_file_name);
diff --git a/lib/Utils/abrt_rh_support.h b/lib/Utils/abrt_rh_support.h
index dcc87091..393a1a2c 100644
--- a/lib/Utils/abrt_rh_support.h
+++ b/lib/Utils/abrt_rh_support.h
@@ -33,11 +33,12 @@ void reportfile_add_binding_from_namedfile(reportfile_t* file,
 
 const char* reportfile_as_string(reportfile_t* file);
 
-char* post_signature(const char* baseURL, const char* signature);
+char* post_signature(const char* baseURL, bool ssl_verify, const char* signature);
 char*
 send_report_to_new_case(const char* baseURL,
                 const char* username,
                 const char* password,
+                bool ssl_verify,
                 const char* summary,
                 const char* description,
                 const char* component,
-- 
cgit