add option ssl verification

diff --git a/src/kds_s2000w_client.c b/src/kds_s2000w_client.c
index 1517a7de9ccc42a6552f00dc56bfd86403121cea..bb61fd8ed9e99b2c0ba8453770e04e7dd617f737 100644 (file)
--- a/src/kds_s2000w_client.c
+++ b/src/kds_s2000w_client.c
@@ -68,6 +68,15 @@ void _kds_s2000w_client_print_error_result(CURLcode result)
        fprintf(stderr, "ERROR: curl_easy_perform: %s\n", curl_easy_strerror(result));
 }
 
+void _kds_s2000w_client_set_ssl_verification_off(CURL* curl)
+{
+       if (p_config.ssl_verify)
+               return;
+
+       curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
+       curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
+}
+
 response* kds_s2000w_client_response_init()
 {
        debug_printf(ALL, "kds_s2000w_client_response_init");
@@ -144,8 +153,7 @@ int kds_s2000w_client_open_session(response* response)
        sprintf(body, "{\"OCPUserName\": \"%s\"}", p_config.username);
        curl_easy_setopt(curl, CURLOPT_POST, 1L);
        curl_easy_setopt(curl, CURLOPT_POSTFIELDS, body);
-       curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
-       curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
+       _kds_s2000w_client_set_ssl_verification_off(curl);
 
        CURLcode result = curl_easy_perform(curl);
        curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &response->code);
@@ -196,8 +204,7 @@ void kds_s2000w_client_close_session(int64_t sessionid)
        curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);
 
        curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "DELETE");
-       curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
-       curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
+       _kds_s2000w_client_set_ssl_verification_off(curl);
 
        CURLcode result = curl_easy_perform(curl);
 
@@ -244,8 +251,7 @@ int kds_s2000w_client_status_session(int64_t sessionid, response* response)
        curl_easy_setopt(curl, CURLOPT_WRITEDATA, stream);
 
        curl_easy_setopt(curl, CURLOPT_HTTPGET, 1L);
-       curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
-       curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
+       _kds_s2000w_client_set_ssl_verification_off(curl);
 
        CURLcode result = curl_easy_perform(curl);
        curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &response->code);
@@ -302,8 +308,7 @@ int kds_s2000w_client_start_scan(int64_t sessionid, response* response)
 
        curl_easy_setopt(curl, CURLOPT_POST, 1L);
        curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, 0L);
-       curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
-       curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
+       _kds_s2000w_client_set_ssl_verification_off(curl);
 
        CURLcode result = curl_easy_perform(curl);
        curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &response->code);
@@ -360,8 +365,7 @@ int kds_s2000w_client_stop_scan(int64_t sessionid, response* response)
 
        curl_easy_setopt(curl, CURLOPT_POST, 1L);
        curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, 0L);
-       curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
-       curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
+       _kds_s2000w_client_set_ssl_verification_off(curl);
 
        CURLcode result = curl_easy_perform(curl);
        curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &response->code);
@@ -420,8 +424,7 @@ int kds_s2000w_client_get_image(int64_t sessionid, int img_number, response* res
        curl_easy_setopt(curl, CURLOPT_WRITEDATA, stream);
 
        curl_easy_setopt(curl, CURLOPT_HTTPGET, 1L);
-       curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
-       curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
+       _kds_s2000w_client_set_ssl_verification_off(curl);
 
        CURLcode result = curl_easy_perform(curl);
        curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &response->code);
@@ -482,8 +485,7 @@ int kds_s2000w_client_delete_image(int64_t sessionid, int img_number, response*
        curl_easy_setopt(curl, CURLOPT_WRITEDATA, stream);
 
        curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "DELETE");
-       curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
-       curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
+       _kds_s2000w_client_set_ssl_verification_off(curl);
 
        CURLcode result = curl_easy_perform(curl);
        curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &response->code);
@@ -535,8 +537,7 @@ int kds_s2000w_client_get_capabilities(response* response)
        curl_easy_setopt(curl, CURLOPT_WRITEDATA, stream);
 
        curl_easy_setopt(curl, CURLOPT_HTTPGET, 1L);
-       curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
-       curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
+       _kds_s2000w_client_set_ssl_verification_off(curl);
 
        CURLcode result = curl_easy_perform(curl);
        curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &response->code);
@@ -590,8 +591,7 @@ int kds_s2000w_client_get_option(int64_t sessionid, response* response)
        curl_easy_setopt(curl, CURLOPT_WRITEDATA, stream);
 
        curl_easy_setopt(curl, CURLOPT_HTTPGET, 1L);
-       curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
-       curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
+       _kds_s2000w_client_set_ssl_verification_off(curl);
 
        CURLcode result = curl_easy_perform(curl);
        curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &response->code);
@@ -644,8 +644,7 @@ int kds_s2000w_client_set_option(int64_t sessionid, response* response)
        curl_easy_setopt(curl, CURLOPT_POSTFIELDS, response->data);
        curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, response->size);
        curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "PUT");
-       curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
-       curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
+       _kds_s2000w_client_set_ssl_verification_off(curl);
 
        CURLcode result = curl_easy_perform(curl);
        curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &response->code);

diff --git a/src/kds_s2000w_config.c b/src/kds_s2000w_config.c
index ecf72f865668e85c11a9cbbcfb7fc78c9e88a493..8850a90b9cfa383a9a1f8153f52ccdb60a36e5a5 100644 (file)
--- a/src/kds_s2000w_config.c
+++ b/src/kds_s2000w_config.c
@@ -51,6 +51,7 @@ void load_config(program_config* config, const char* config_stream)
                CFG_STR("username", "", CFGF_NONE),
                CFG_STR("scanner_url", "", CFGF_NONE),
                CFG_INT("heartbeat_seconds", 0, CFGF_NONE),
+               CFG_INT("ssl_verify", 0, CFGF_NONE),
                CFG_END()
        };
 
@@ -69,10 +70,11 @@ void load_config(program_config* config, const char* config_stream)
        memcpy(config->username, value_str, str_length);
 
        config->heartbeat = cfg_getint(cfg, "heartbeat_seconds");
-
        if (config->heartbeat < 1)
                config->heartbeat = 1;
 
+       config->ssl_verify = cfg_getint(cfg, "ssl_verify");
+
        cfg_free(cfg);
        cfg = NULL;
 }
\ No newline at end of file

diff --git a/src/kds_s2000w_config.h b/src/kds_s2000w_config.h
index eb8a5ac1e892440f8504b9f2ff2150b9a0f17040..f3d0c429a80846700f0c0c4f67a8742a36662eb2 100644 (file)
--- a/src/kds_s2000w_config.h
+++ b/src/kds_s2000w_config.h
@@ -5,6 +5,7 @@ typedef struct {
        char* scanner_url;
        char* username;
        unsigned int heartbeat;
+       int ssl_verify;
 } program_config;
 
 extern program_config p_config;

diff --git a/src/kds_s2000w_net.conf b/src/kds_s2000w_net.conf
index ecfd01c66f2a9316f7726530e10b15845ba91abc..29ba13edecbb99482a0f437c140ea3d7e81995bd 100644 (file)
--- a/src/kds_s2000w_net.conf
+++ b/src/kds_s2000w_net.conf
@@ -1,4 +1,6 @@
 scanner_url = "https://scanner.example.com"
 username = "muster"
 # Scanner heart beat is by default 1 seconds before check next scan status,
-# heartbeat_seconds = 1
\ No newline at end of file
+# heartbeat_seconds = 1
+# SSL Verification default 0 (OFF)
+# ssl_verify = 1
\ No newline at end of file