[FEATURE] Option for disabling SSL certificate verification 34/14534/4
authorNicole Cordes <n.cordes@biz-design.biz>
Wed, 12 Sep 2012 06:22:08 +0000 (08:22 +0200)
committerAndreas Wolf <andreas.wolf@typo3.org>
Sun, 24 Mar 2013 13:46:18 +0000 (14:46 +0100)
When using a SSL connection to connect to the WebDAV server CURL doesn't
trust peer certificate. This patch adds the opportunity to disable
verification.

Change-Id: Ib68054241a6e9524a1ff25cecb0c5cf4c9d950f9
Resolves: #40829
Reviewed-on: https://review.typo3.org/14534
Reviewed-by: Andreas Wolf
Tested-by: Andreas Wolf
Classes/Dav/WebDavClient.php [new file with mode: 0644]
Classes/Driver/WebDavDriver.php
Configuration/FlexForm/WebDavDriverFlexForm.xml

diff --git a/Classes/Dav/WebDavClient.php b/Classes/Dav/WebDavClient.php
new file mode 100644 (file)
index 0000000..1e37091
--- /dev/null
@@ -0,0 +1,78 @@
+<?php
+namespace TYPO3\FalWebdav\Dav;
+
+/***************************************************************
+ *  Copyright notice
+ *
+ *  (c) 2013 Nicole Cordes
+ *  All rights reserved
+ *
+ *  This script is part of the TYPO3 project. The TYPO3 project is
+ *  free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  The GNU General Public License can be found at
+ *  http://www.gnu.org/copyleft/gpl.html.
+ *  A copy is found in the textfile GPL.txt and important notices to the license
+ *  from the author is found in LICENSE.txt distributed with these scripts.
+ *
+ *
+ *  This script is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  This copyright notice MUST APPEAR in all copies of the script!
+ ***************************************************************/
+
+include_once 'Sabre/autoload.php';
+
+/**
+ * Helper class to circumvent limitations in SabreDAV's support for cURL's certificate verification options.
+ */
+class WebDavClient extends \Sabre_DAV_Client {
+
+       /**
+        * Trigger to enable/disable peer certificate verification
+        *
+        * @var boolean
+        */
+       protected $verifyCertificates = TRUE;
+
+       /**
+        * @param boolean $peerVerification
+        */
+       public function setCertificateVerification($peerVerification) {
+               $this->verifyCertificates = $peerVerification;
+       }
+
+       /**
+        * Wrapper for all cUrl functions.
+        *
+        * @param string $url
+        * @param array $settings
+        *
+        * @return array
+        */
+       protected function curlRequest($url, $settings) {
+
+               $curl = curl_init($url);
+               curl_setopt_array($curl, $settings);
+
+               if ($this->verifyCertificates === FALSE) {
+                       curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE);
+               }
+
+               return array(
+                       curl_exec($curl),
+                       curl_getinfo($curl),
+                       curl_errno($curl),
+                       curl_error($curl)
+               );
+
+       }
+}
+
+?>
\ No newline at end of file
index 0868e94..099b10b 100644 (file)
@@ -52,7 +52,7 @@ class WebDavDriver extends \TYPO3\CMS\Core\Resource\Driver\AbstractDriver {
        protected $basePath = '';
 
        /**
-        * @var \Sabre_DAV_Client
+        * @var \TYPO3\FalWebdav\Dav\WebDavClient
         */
        protected $davClient;
 
@@ -102,9 +102,9 @@ class WebDavDriver extends \TYPO3\CMS\Core\Resource\Driver\AbstractDriver {
        /**
         * Inject method for the DAV client. Mostly useful for unit tests.
         *
-        * @param \Sabre_DAV_Client $client
+        * @param \TYPO3\FalWebdav\Dav\WebDavClient $client
         */
-       public function injectDavClient(\Sabre_DAV_Client $client) {
+       public function injectDavClient(\TYPO3\FalWebdav\Dav\WebDavClient $client) {
                $this->davClient = $client;
        }
 
@@ -147,7 +147,9 @@ class WebDavDriver extends \TYPO3\CMS\Core\Resource\Driver\AbstractDriver {
                $this->baseUrl = rtrim(\TYPO3\CMS\Core\Utility\HttpUtility::buildUrl($urlInfo), '/') . '/';
                $settings['baseUri'] = $this->baseUrl;
 
-               $this->davClient = new \Sabre_DAV_Client($settings);
+               $this->davClient = new \TYPO3\FalWebdav\Dav\WebDavClient($settings);
+
+               $this->davClient->setCertificateVerification($this->configuration['disableCertificateVerification'] != 1);
        }
 
        /**
index baad644..1c0caf4 100644 (file)
                                        </config>
                                </TCEforms>
                        </baseUrl>
+                       <disableCertificateVerification>
+                               <TCEforms>
+                                       <label>Disable server certificate verification</label>
+                                       <config>
+                                               <type>check</type>
+                                       </config>
+                               </TCEforms>
+                       </disableCertificateVerification>
                        <useAuthentication>
                                <TCEforms>
                                        <label>Use authentication?</label>