summaryrefslogtreecommitdiffabout
authorMichael Krelin <hacker@klever.net>2007-01-15 00:09:35 (UTC)
committer Michael Krelin <hacker@klever.net>2007-01-15 00:09:35 (UTC)
commit6c7a4fbf0c0e68a500a6b5834a1f3877b160bf77 (patch) (unidiff)
treeba6fa2874ab75f16cd588cc1a0729f6f78b18b93
parent4cfc41760dea44228b590fa9682b19f8a2e38ec2 (diff)
downloadlibopkele-6c7a4fbf0c0e68a500a6b5834a1f3877b160bf77.zip
libopkele-6c7a4fbf0c0e68a500a6b5834a1f3877b160bf77.tar.gz
libopkele-6c7a4fbf0c0e68a500a6b5834a1f3877b160bf77.tar.bz2
--disable-ssl-verify-{host,peer} options added
Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--configure.ac14
-rw-r--r--lib/consumer.cc6
2 files changed, 20 insertions, 0 deletions
diff --git a/configure.ac b/configure.ac
index fd50721..8397914 100644
--- a/configure.ac
+++ b/configure.ac
@@ -40,32 +40,46 @@ AC_ARG_ENABLE([doxygen],
40 [ 40 [
41 test "${enableval}" = "no" && WANT_DOXYGEN="no" 41 test "${enableval}" = "no" && WANT_DOXYGEN="no"
42 ] 42 ]
43) 43)
44if test "${WANT_DOXYGEN}" = "yes" ; then 44if test "${WANT_DOXYGEN}" = "yes" ; then
45 AC_WITH_DOXYGEN 45 AC_WITH_DOXYGEN
46 AC_WITH_DOT 46 AC_WITH_DOT
47else 47else
48 AM_CONDITIONAL([HAVE_DOXYGEN],[false]) 48 AM_CONDITIONAL([HAVE_DOXYGEN],[false])
49 AM_CONDITIONAL([HAVE_DOT],[false]) 49 AM_CONDITIONAL([HAVE_DOT],[false])
50fi 50fi
51 51
52LIBCURL_CHECK_CONFIG(,,,[ 52LIBCURL_CHECK_CONFIG(,,,[
53 AC_MSG_ERROR([no required libcurl library. get one from http://curl.haxx.se/]) 53 AC_MSG_ERROR([no required libcurl library. get one from http://curl.haxx.se/])
54]) 54])
55AC_WITH_PCRE([ 55AC_WITH_PCRE([
56 AC_WITH_PCREPP(,[ 56 AC_WITH_PCREPP(,[
57 AC_MSG_ERROR([no pcre++ library found. get one at http://www.daemon.de/PCRE]) 57 AC_MSG_ERROR([no pcre++ library found. get one at http://www.daemon.de/PCRE])
58 ]) 58 ])
59 ],[ 59 ],[
60 AC_MSG_ERROR([no pcre library found. get one at http://www.pcre.org/]) 60 AC_MSG_ERROR([no pcre library found. get one at http://www.pcre.org/])
61 ] 61 ]
62) 62)
63 63
64curl_ssl_verify_host="true"
65AC_ARG_ENABLE([ssl-verify-host],
66 AC_HELP_STRING([--disable-ssl-verify-host],[disable cURL cert/host relationships verification]),
67 [ test "${enableval}" = "no" && curl_ssl_verify_host="false" ]
68)
69${curl_ssl_verify_host} || AC_DEFINE([DISABLE_CURL_SSL_VERIFYHOST],,[defined if cURL is not to verify cert/host])
70
71curl_ssl_verify_peer="true"
72AC_ARG_ENABLE([ssl-verify-peer],
73 AC_HELP_STRING([--disable-ssl-verify-peer],[disable cURL cert validity verification]),
74 [ test "${enableval}" = "no" && curl_ssl_verify_peer="false" ]
75)
76${curl_ssl_verify_peer} || AC_DEFINE([DISABLE_CURL_SSL_VERIFYPEER],,[defined if cURL is not to verify cert validity])
77
64AC_CONFIG_FILES([ 78AC_CONFIG_FILES([
65 Makefile 79 Makefile
66 libopkele.pc 80 libopkele.pc
67 Doxyfile 81 Doxyfile
68 include/Makefile 82 include/Makefile
69 lib/Makefile 83 lib/Makefile
70]) 84])
71AC_OUTPUT 85AC_OUTPUT
diff --git a/lib/consumer.cc b/lib/consumer.cc
index 331b1e9..dc49405 100644
--- a/lib/consumer.cc
+++ b/lib/consumer.cc
@@ -17,48 +17,54 @@ namespace opkele {
17 using namespace std; 17 using namespace std;
18 18
19 class curl_t { 19 class curl_t {
20 public: 20 public:
21 CURL *_c; 21 CURL *_c;
22 22
23 curl_t() : _c(0) { } 23 curl_t() : _c(0) { }
24 curl_t(CURL *c) : _c(c) { } 24 curl_t(CURL *c) : _c(c) { }
25 ~curl_t() throw() { if(_c) curl_easy_cleanup(_c); } 25 ~curl_t() throw() { if(_c) curl_easy_cleanup(_c); }
26 26
27 curl_t& operator=(CURL *c) { if(_c) curl_easy_cleanup(_c); _c=c; return *this; } 27 curl_t& operator=(CURL *c) { if(_c) curl_easy_cleanup(_c); _c=c; return *this; }
28 28
29 operator const CURL*(void) const { return _c; } 29 operator const CURL*(void) const { return _c; }
30 operator CURL*(void) { return _c; } 30 operator CURL*(void) { return _c; }
31 }; 31 };
32 32
33 static CURLcode curl_misc_sets(CURL* c) { 33 static CURLcode curl_misc_sets(CURL* c) {
34 CURLcode r; 34 CURLcode r;
35 (r=curl_easy_setopt(c,CURLOPT_FOLLOWLOCATION,1)) 35 (r=curl_easy_setopt(c,CURLOPT_FOLLOWLOCATION,1))
36 || (r=curl_easy_setopt(c,CURLOPT_MAXREDIRS,5)) 36 || (r=curl_easy_setopt(c,CURLOPT_MAXREDIRS,5))
37 || (r=curl_easy_setopt(c,CURLOPT_DNS_CACHE_TIMEOUT,120)) 37 || (r=curl_easy_setopt(c,CURLOPT_DNS_CACHE_TIMEOUT,120))
38 || (r=curl_easy_setopt(c,CURLOPT_DNS_USE_GLOBAL_CACHE,1)) 38 || (r=curl_easy_setopt(c,CURLOPT_DNS_USE_GLOBAL_CACHE,1))
39 || (r=curl_easy_setopt(c,CURLOPT_USERAGENT,PACKAGE_NAME"/"PACKAGE_VERSION)) 39 || (r=curl_easy_setopt(c,CURLOPT_USERAGENT,PACKAGE_NAME"/"PACKAGE_VERSION))
40 || (r=curl_easy_setopt(c,CURLOPT_TIMEOUT,20)) 40 || (r=curl_easy_setopt(c,CURLOPT_TIMEOUT,20))
41 #ifdefDISABLE_CURL_SSL_VERIFYHOST
42 || (r=curl_easy_setopt(c,CURLOPT_SSL_VERIFYHOST,0))
43#endif
44 #ifdefDISABLE_CURL_SSL_VERYPEER
45 || (r=curl_easy_setopt(c,CURLOPT_SSL_VERIFYPEER,0))
46#endif
41 ; 47 ;
42 return r; 48 return r;
43 } 49 }
44 50
45 static size_t _curl_tostring(void *ptr,size_t size,size_t nmemb,void *stream) { 51 static size_t _curl_tostring(void *ptr,size_t size,size_t nmemb,void *stream) {
46 string *str = (string*)stream; 52 string *str = (string*)stream;
47 size_t bytes = size*nmemb; 53 size_t bytes = size*nmemb;
48 size_t get = min(16384-str->length(),bytes); 54 size_t get = min(16384-str->length(),bytes);
49 str->append((const char*)ptr,get); 55 str->append((const char*)ptr,get);
50 return get; 56 return get;
51 } 57 }
52 58
53 assoc_t consumer_t::associate(const string& server) { 59 assoc_t consumer_t::associate(const string& server) {
54 util::dh_t dh = DH_new(); 60 util::dh_t dh = DH_new();
55 if(!dh) 61 if(!dh)
56 throw exception_openssl(OPKELE_CP_ "failed to DH_new()"); 62 throw exception_openssl(OPKELE_CP_ "failed to DH_new()");
57 dh->p = util::dec_to_bignum(data::_default_p); 63 dh->p = util::dec_to_bignum(data::_default_p);
58 dh->g = util::dec_to_bignum(data::_default_g); 64 dh->g = util::dec_to_bignum(data::_default_g);
59 if(!DH_generate_key(dh)) 65 if(!DH_generate_key(dh))
60 throw exception_openssl(OPKELE_CP_ "failed to DH_generate_key()"); 66 throw exception_openssl(OPKELE_CP_ "failed to DH_generate_key()");
61 string request = 67 string request =
62 "openid.mode=associate" 68 "openid.mode=associate"
63 "&openid.assoc_type=HMAC-SHA1" 69 "&openid.assoc_type=HMAC-SHA1"
64 "&openid.session_type=DH-SHA1" 70 "&openid.session_type=DH-SHA1"