webdav ssl cleanup

This commit is contained in:
Bjoern Schiessle 2012-07-09 09:40:33 +02:00
parent f5c329af98
commit 7d41d3aba8
2 changed files with 44 additions and 38 deletions

View File

@ -43,10 +43,13 @@ class OC_FileStorage_DAV extends OC_Filestorage_Common{
); );
$this->client = new OC_Connector_Sabre_Client($settings); $this->client = new OC_Connector_Sabre_Client($settings);
/*
if($caview = \OCP\Files::getStorage('files_external')) { if($caview = \OCP\Files::getStorage('files_external')) {
$this->client->setCurlSettings(array(CURLOPT_CAINFO => \OCP\Config::getSystemValue('datadirectory').$caview->getAbsolutePath("").'rootcerts.crt')); $certPath=\OCP\Config::getSystemValue('datadirectory').$caview->getAbsolutePath("").'rootcerts.crt';
} if (file_exists($certPath)) {
$this->client->addTrustedCertificates($certPath);
}
}*/
//create the root folder if necesary //create the root folder if necesary
$this->mkdir(''); $this->mkdir('');
} }

View File

@ -23,29 +23,18 @@
class OC_Connector_Sabre_Client extends Sabre_DAV_Client { class OC_Connector_Sabre_Client extends Sabre_DAV_Client {
protected $curlSettings; protected $trustedCertificates;
public function __construct(array $settings) { /**
//set default curl settings * Add trusted root certificates to the webdav client.
$this->curlSettings = array( *
CURLOPT_RETURNTRANSFER => true, * The parameter certificates should be a absulute path to a file which contains
// Return headers as part of the response * all trusted certificates
CURLOPT_HEADER => true, *
// Automatically follow redirects * @param string $certificates
CURLOPT_FOLLOWLOCATION => true, */
CURLOPT_MAXREDIRS => 5, public function addTrustedCertificates($certificates) {
CURLOPT_SSL_VERIFYPEER => true, $this->trustedCertificates = $certificates;
//CURLOPT_SSL_VERIFYPEER => false,
);
parent::__construct($settings);
}
public function setCurlSettings($settings) {
if (is_array($settings)) {
foreach ($settings as $k => $v) {
$this->curlSettings[$k] = $v;
}
}
} }
/** /**
@ -68,13 +57,28 @@ class OC_Connector_Sabre_Client extends Sabre_DAV_Client {
* @return array * @return array
*/ */
public function request($method, $url = '', $body = null, $headers = array()) { public function request($method, $url = '', $body = null, $headers = array()) {
$this->curlSettings[CURLOPT_POSTFIELDS] = $body;
$url = $this->getAbsoluteUrl($url); $url = $this->getAbsoluteUrl($url);
$curlSettings = array(
CURLOPT_RETURNTRANSFER => true,
// Return headers as part of the response
CURLOPT_HEADER => true,
CURLOPT_POSTFIELDS => $body,
// Automatically follow redirects
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_MAXREDIRS => 5,
CURLOPT_SSL_VERIFYPEER => true,
//CURLOPT_SSL_VERIFYPEER => false,
);
if($this->trustedCertificates) {
$curlSettings[CURLOPT_CAINFO] = $this->trustedCertificates;
}
switch ($method) { switch ($method) {
case 'PUT': case 'PUT':
$this->curlSettings[CURLOPT_PUT] = true; $curlSettings[CURLOPT_PUT] = true;
break; break;
case 'HEAD' : case 'HEAD' :
@ -83,12 +87,12 @@ class OC_Connector_Sabre_Client extends Sabre_DAV_Client {
// specs...) cURL does unfortunately return an error in this case ("transfer closed transfer closed with // specs...) cURL does unfortunately return an error in this case ("transfer closed transfer closed with
// ... bytes remaining to read") this can be circumvented by explicitly telling cURL to ignore the // ... bytes remaining to read") this can be circumvented by explicitly telling cURL to ignore the
// response body // response body
$this->curlSettings[CURLOPT_NOBODY] = true; $curlSettings[CURLOPT_NOBODY] = true;
$this->curlSettings[CURLOPT_CUSTOMREQUEST] = 'HEAD'; $curlSettings[CURLOPT_CUSTOMREQUEST] = 'HEAD';
break; break;
default: default:
$this->curlSettings[CURLOPT_CUSTOMREQUEST] = $method; $curlSettings[CURLOPT_CUSTOMREQUEST] = $method;
break; break;
} }
@ -100,15 +104,15 @@ class OC_Connector_Sabre_Client extends Sabre_DAV_Client {
$nHeaders[] = $key . ': ' . $value; $nHeaders[] = $key . ': ' . $value;
} }
$this->curlSettings[CURLOPT_HTTPHEADER] = $nHeaders; $curlSettings[CURLOPT_HTTPHEADER] = $nHeaders;
if ($this->proxy) { if ($this->proxy) {
$this->curlSettings[CURLOPT_PROXY] = $this->proxy; $curlSettings[CURLOPT_PROXY] = $this->proxy;
} }
if ($this->userName) { if ($this->userName) {
$this->curlSettings[CURLOPT_HTTPAUTH] = CURLAUTH_BASIC | CURLAUTH_DIGEST; $curlSettings[CURLOPT_HTTPAUTH] = CURLAUTH_BASIC | CURLAUTH_DIGEST;
$this->curlSettings[CURLOPT_USERPWD] = $this->userName . ':' . $this->password; $curlSettings[CURLOPT_USERPWD] = $this->userName . ':' . $this->password;
} }
list( list(
@ -116,7 +120,7 @@ class OC_Connector_Sabre_Client extends Sabre_DAV_Client {
$curlInfo, $curlInfo,
$curlErrNo, $curlErrNo,
$curlError $curlError
) = $this->curlRequest($url, $this->curlSettings); ) = $this->curlRequest($url, $curlSettings);
$headerBlob = substr($response, 0, $curlInfo['header_size']); $headerBlob = substr($response, 0, $curlInfo['header_size']);
$response = substr($response, $curlInfo['header_size']); $response = substr($response, $curlInfo['header_size']);
@ -164,5 +168,4 @@ class OC_Connector_Sabre_Client extends Sabre_DAV_Client {
return $response; return $response;
} }
} }