Added: curl ca bundle option to client cfg

--HG--
branch : develop
hg/compatibility-develop
Nimetu 7 years ago
parent 6389fe3048
commit 98ae75fe57

@ -66,6 +66,8 @@ namespace NLGUI
std::vector< std::string > trustedDomains; std::vector< std::string > trustedDomains;
/// Maximum concurrent MultiCurl connections per CGroupHTML instance /// Maximum concurrent MultiCurl connections per CGroupHTML instance
sint32 curlMaxConnections; sint32 curlMaxConnections;
/// cacert.pem location
std::string curlCABundle;
SWebOptions(): curlMaxConnections(2) SWebOptions(): curlMaxConnections(2)
{ {

@ -395,13 +395,18 @@ namespace NLGUI
return false; return false;
} }
#if defined(NL_OS_WINDOWS)
// https:// // https://
if (toLower(download.url.substr(0, 8)) == "https://") if (toLower(download.url.substr(0, 8)) == "https://")
{ {
#if defined(NL_OS_WINDOWS)
curl_easy_setopt(curl, CURLOPT_SSL_CTX_FUNCTION, &CCurlCertificates::sslCtxFunction); curl_easy_setopt(curl, CURLOPT_SSL_CTX_FUNCTION, &CCurlCertificates::sslCtxFunction);
#else
if (!options.curlCABundle.empty())
{
curl_easy_setopt(curl, CURLOPT_CAINFO, options.curlCABundle.c_str());
} }
#endif #endif
}
download.data = new CCurlWWWData(curl, download.url); download.data = new CCurlWWWData(curl, download.url);
download.fp = fp; download.fp = fp;
@ -5354,13 +5359,18 @@ namespace NLGUI
return; return;
} }
#if defined(NL_OS_WINDOWS)
// https:// // https://
if (toLower(url.substr(0, 8)) == "https://") if (toLower(url.substr(0, 8)) == "https://")
{ {
#if defined(NL_OS_WINDOWS)
curl_easy_setopt(curl, CURLOPT_SSL_CTX_FUNCTION, &CCurlCertificates::sslCtxFunction); curl_easy_setopt(curl, CURLOPT_SSL_CTX_FUNCTION, &CCurlCertificates::sslCtxFunction);
#else
if (!options.curlCABundle.empty())
{
curl_easy_setopt(curl, CURLOPT_CAINFO, options.curlCABundle.c_str());
} }
#endif #endif
}
// do not follow redirects, we have own handler // do not follow redirects, we have own handler
curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 0); curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 0);

@ -52,6 +52,11 @@ ForgetPwdURL = "http://shard.ryzomcore.org/ams/?page=forgot_password";
LoginSupportURL = "https://plus.google.com/u/0/communities/103798956862568269036"; LoginSupportURL = "https://plus.google.com/u/0/communities/103798956862568269036";
InstallWebPage = ""; InstallWebPage = "";
// Full path and filename where cURL can find certificate bundle file
// cacert.pem file can be downloaded from https://curl.haxx.se/docs/caextract.html
// and added to client data path or system specific bundle can be used
// Ubuntu has "/etc/ssl/certs/ca-certificates.crt"
//CurlCABundle = "cacert.pem";
//////////////// ////////////////
// INTERFACES // // INTERFACES //

@ -430,6 +430,7 @@ CClientConfig::CClientConfig()
WebIgTrustedDomains.push_back(WebIgMainDomain); WebIgTrustedDomains.push_back(WebIgMainDomain);
CurlMaxConnections = 2; CurlMaxConnections = 2;
CurlCABundle.clear();
RingReleaseNotePath = "http://" + WebIgMainDomain + "/releasenotes_ring/index.php"; RingReleaseNotePath = "http://" + WebIgMainDomain + "/releasenotes_ring/index.php";
ReleaseNotePath = "http://" + WebIgMainDomain + "/releasenotes/index.php"; ReleaseNotePath = "http://" + WebIgMainDomain + "/releasenotes/index.php";
@ -1087,6 +1088,8 @@ void CClientConfig::setValues()
if (ClientCfg.CurlMaxConnections < 0) if (ClientCfg.CurlMaxConnections < 0)
ClientCfg.CurlMaxConnections = 2; ClientCfg.CurlMaxConnections = 2;
READ_STRING_FV(CurlCABundle);
/////////////// ///////////////
// ANIMATION // // ANIMATION //
// AnimatedAngleThreshold // AnimatedAngleThreshold

@ -308,6 +308,7 @@ struct CClientConfig
std::vector<string> WebIgTrustedDomains; std::vector<string> WebIgTrustedDomains;
sint32 CurlMaxConnections; sint32 CurlMaxConnections;
string CurlCABundle;
/////////////// ///////////////
// ANIMATION // // ANIMATION //

@ -471,6 +471,16 @@ CInterfaceManager::CInterfaceManager()
CGroupHTML::options.appName = getUserAgentName(); CGroupHTML::options.appName = getUserAgentName();
CGroupHTML::options.appVersion = getUserAgentVersion(); CGroupHTML::options.appVersion = getUserAgentVersion();
CGroupHTML::options.curlMaxConnections = ClientCfg.CurlMaxConnections; CGroupHTML::options.curlMaxConnections = ClientCfg.CurlMaxConnections;
if (!ClientCfg.CurlCABundle.empty())
{
string filename = CPath::lookup(ClientCfg.CurlCABundle, false);
if (!filename.empty())
{
filename = CPath::getFullPath(filename, false);
CGroupHTML::options.curlCABundle = filename;
nlinfo("curl ca bundle '%s'", filename.c_str());
}
}
NLGUI::CDBManager::getInstance()->resizeBanks( NB_CDB_BANKS ); NLGUI::CDBManager::getInstance()->resizeBanks( NB_CDB_BANKS );
interfaceLinkUpdater = new CInterfaceLink::CInterfaceLinkUpdater(); interfaceLinkUpdater = new CInterfaceLink::CInterfaceLinkUpdater();

Loading…
Cancel
Save