webdav ssl cleanup

author Bjoern Schiessle <schiessle@owncloud.com>

Mon, 9 Jul 2012 07:40:33 +0000 (09:40 +0200)

committer Bjoern Schiessle <schiessle@owncloud.com>

Mon, 9 Jul 2012 07:40:33 +0000 (09:40 +0200)
author Bjoern Schiessle <schiessle@owncloud.com>
Mon, 9 Jul 2012 07:40:33 +0000 (09:40 +0200)
committer Bjoern Schiessle <schiessle@owncloud.com>
Mon, 9 Jul 2012 07:40:33 +0000 (09:40 +0200)
diff --git a/apps/files_external/lib/webdav.php b/apps/files_external/lib/webdav.php

index ea6ca65b976206109c26b581e1887f843cb37fc4..b30e121f99bbc5507f659eabe1fa0f75d6a48574 100644 (file)
--- a/apps/files_external/lib/webdav.php
+++ b/apps/files_external/lib/webdav.php
@@ -43,10 +43,13 @@ class OC_FileStorage_DAV extends OC_Filestorage_Common{
                 );
  
                 $this->client = new OC_Connector_Sabre_Client($settings);
-               
+               /*
                 if($caview = \OCP\Files::getStorage('files_external')) {
-                       $this->client->setCurlSettings(array(CURLOPT_CAINFO => \OCP\Config::getSystemValue('datadirectory').$caview->getAbsolutePath("").'rootcerts.crt'));
-               }
+                       $certPath=\OCP\Config::getSystemValue('datadirectory').$caview->getAbsolutePath("").'rootcerts.crt';
+                       if (file_exists($certPath))  {
+                               $this->client->addTrustedCertificates($certPath);
+                       }
+               }*/
                 //create the root folder if necesary
                 $this->mkdir('');
         }
diff --git a/lib/connector/sabre/client.php b/lib/connector/sabre/client.php

index b799b541a055b5dd5af23f95bb8e7131ed29b6dd..87f9d59b3aed1ae0785df2bd47f2a855234d7c14 100644 (file)
--- a/lib/connector/sabre/client.php
+++ b/lib/connector/sabre/client.php
@@ -23,29 +23,18 @@
  \r
  class OC_Connector_Sabre_Client extends Sabre_DAV_Client {\r
         \r
-       protected $curlSettings;\r
-       \r
-       public function __construct(array $settings) {\r
-               //set default curl settings\r
-               $this->curlSettings = array(\r
-                               CURLOPT_RETURNTRANSFER => true,\r
-                               // Return headers as part of the response\r
-                               CURLOPT_HEADER => true,\r
-                               // Automatically follow redirects\r
-                               CURLOPT_FOLLOWLOCATION => true,\r
-                               CURLOPT_MAXREDIRS => 5,\r
-                               CURLOPT_SSL_VERIFYPEER => true,\r
-                               //CURLOPT_SSL_VERIFYPEER        => false,\r
-               );\r
-               parent::__construct($settings);\r
-       }\r
-       \r
-       public function setCurlSettings($settings) {\r
-               if (is_array($settings)) {\r
-                       foreach ($settings as $k => $v) {\r
-                               $this->curlSettings[$k] = $v;\r
-                       }\r
-               }\r
+       protected $trustedCertificates;\r
+\r
+       /**\r
+        * Add trusted root certificates to the webdav client.\r
+        *\r
+        * The parameter certificates should be a absulute path to a file which contains\r
+        * all trusted certificates\r
+        *\r
+        * @param string $certificates\r
+        */\r
+       public function addTrustedCertificates($certificates) {\r
+               $this->trustedCertificates = $certificates;\r
         }\r
         \r
         /**\r
@@ -68,13 +57,28 @@ class OC_Connector_Sabre_Client extends Sabre_DAV_Client {
          * @return array\r
          */\r
         public function request($method, $url = '', $body = null, $headers = array()) {\r
-\r
-               $this->curlSettings[CURLOPT_POSTFIELDS] = $body;         \r
+       \r
                 $url = $this->getAbsoluteUrl($url);\r
         \r
+               $curlSettings = array(\r
+                               CURLOPT_RETURNTRANSFER => true,\r
+                               // Return headers as part of the response\r
+                               CURLOPT_HEADER => true,\r
+                               CURLOPT_POSTFIELDS => $body,\r
+                               // Automatically follow redirects\r
+                               CURLOPT_FOLLOWLOCATION => true,\r
+                               CURLOPT_MAXREDIRS => 5,\r
+                               CURLOPT_SSL_VERIFYPEER => true,\r
+                               //CURLOPT_SSL_VERIFYPEER        => false,\r
+               );\r
+               \r
+               if($this->trustedCertificates) {\r
+                       $curlSettings[CURLOPT_CAINFO] = $this->trustedCertificates;\r
+               }\r
+       \r
                 switch ($method) {\r
                         case 'PUT':\r
-                               $this->curlSettings[CURLOPT_PUT] = true;\r
+                               $curlSettings[CURLOPT_PUT] = true;\r
                                 break;\r
                         case 'HEAD' :\r
         \r
@@ -83,12 +87,12 @@ class OC_Connector_Sabre_Client extends Sabre_DAV_Client {
                                 // specs...) cURL does unfortunately return an error in this case ("transfer closed transfer closed with\r
                                 // ... bytes remaining to read") this can be circumvented by explicitly telling cURL to ignore the\r
                                 // response body\r
-                               $this->curlSettings[CURLOPT_NOBODY] = true;\r
-                               $this->curlSettings[CURLOPT_CUSTOMREQUEST] = 'HEAD';\r
+                               $curlSettings[CURLOPT_NOBODY] = true;\r
+                               $curlSettings[CURLOPT_CUSTOMREQUEST] = 'HEAD';\r
                                 break;\r
         \r
                         default:\r
-                               $this->curlSettings[CURLOPT_CUSTOMREQUEST] = $method;\r
+                               $curlSettings[CURLOPT_CUSTOMREQUEST] = $method;\r
                                 break;\r
         \r
                 }\r
@@ -100,15 +104,15 @@ class OC_Connector_Sabre_Client extends Sabre_DAV_Client {
                         $nHeaders[] = $key . ': ' . $value;\r
         \r
                 }\r
-               $this->curlSettings[CURLOPT_HTTPHEADER] = $nHeaders;\r
+               $curlSettings[CURLOPT_HTTPHEADER] = $nHeaders;\r
         \r
                 if ($this->proxy) {\r
-                       $this->curlSettings[CURLOPT_PROXY] = $this->proxy;\r
+                       $curlSettings[CURLOPT_PROXY] = $this->proxy;\r
                 }\r
         \r
                 if ($this->userName) {\r
-                       $this->curlSettings[CURLOPT_HTTPAUTH] = CURLAUTH_BASIC | CURLAUTH_DIGEST;\r
-                       $this->curlSettings[CURLOPT_USERPWD] = $this->userName . ':' . $this->password;\r
+                       $curlSettings[CURLOPT_HTTPAUTH] = CURLAUTH_BASIC | CURLAUTH_DIGEST;\r
+                       $curlSettings[CURLOPT_USERPWD] = $this->userName . ':' . $this->password;\r
                 }\r
         \r
                 list(\r
@@ -116,7 +120,7 @@ class OC_Connector_Sabre_Client extends Sabre_DAV_Client {
                                 $curlInfo,\r
                                 $curlErrNo,\r
                                 $curlError\r
-               ) = $this->curlRequest($url, $this->curlSettings);\r
+               ) = $this->curlRequest($url, $curlSettings);\r
         \r
                 $headerBlob = substr($response, 0, $curlInfo['header_size']);\r
                 $response = substr($response, $curlInfo['header_size']);\r
@@ -164,5 +168,4 @@ class OC_Connector_Sabre_Client extends Sabre_DAV_Client {
                 return $response;\r
         \r
         }\r
-       \r
  }
 \ No newline at end of file
author	Bjoern Schiessle <schiessle@owncloud.com>
	Mon, 9 Jul 2012 07:40:33 +0000 (09:40 +0200)
committer	Bjoern Schiessle <schiessle@owncloud.com>
	Mon, 9 Jul 2012 07:40:33 +0000 (09:40 +0200)
apps/files_external/lib/webdav.php		patch \| blob \| history
lib/connector/sabre/client.php		patch \| blob \| history