From: Aki Tuomi Date: Wed, 5 Jun 2013 11:57:52 +0000 (+0300) Subject: SSL support and few small fixes X-Git-Tag: rec-3.6.0-rc1~698^2~7 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=ab487be28382c3512d9748383c5cd158eb4907fc;p=thirdparty%2Fpdns.git SSL support and few small fixes --- diff --git a/modules/remotebackend/httpconnector.cc b/modules/remotebackend/httpconnector.cc index 93ce237ed2..fe6a4cda47 100644 --- a/modules/remotebackend/httpconnector.cc +++ b/modules/remotebackend/httpconnector.cc @@ -42,6 +42,8 @@ HTTPConnector::HTTPConnector(std::map options) { this->d_post_json = true; } } + if (options.find("capath") != options.end()) this->d_capath = options.find("capath")->second; + if (options.find("cafile") != options.end()) this->d_cafile = options.find("cafile")->second; } HTTPConnector::~HTTPConnector() { @@ -60,6 +62,8 @@ size_t httpconnector_write_data(void *buffer, size_t size, size_t nmemb, void *u bool HTTPConnector::json2string(const rapidjson::Value &input, std::string &output) { if (input.IsString()) output = input.GetString(); else if (input.IsNull()) output = ""; + else if (input.IsUint64()) output = lexical_cast(input.GetUint64()); + else if (input.IsInt64()) output = lexical_cast(input.GetInt64()); else if (input.IsUint()) output = lexical_cast(input.GetUint()); else if (input.IsInt()) output = lexical_cast(input.GetInt()); else return false; @@ -186,10 +190,12 @@ void HTTPConnector::restful_requestbuilder(const std::string &method, const rapi curl_easy_setopt(d_c, CURLOPT_COPYPOSTFIELDS, out.c_str()); } else if (method == "feedRecord") { std::string out = buildMemberListArgs("rr", ¶meters["rr"], d_c); + addUrlComponent(parameters, "trxid", ss); curl_easy_setopt(d_c, CURLOPT_POSTFIELDSIZE, out.size()); curl_easy_setopt(d_c, CURLOPT_COPYPOSTFIELDS, out.c_str()); } else if (method == "feedEnts") { std::stringstream ss2; + addUrlComponent(parameters, "trxid", ss); for(rapidjson::Value::ConstValueIterator itr = parameters["nonterm"].Begin(); itr != parameters["nonterm"].End(); itr++) { tmpstr = curl_easy_escape(d_c, itr->GetString(), 0); ss2 << "nonterm[]=" << tmpstr << "&"; @@ -201,6 +207,7 @@ void HTTPConnector::restful_requestbuilder(const std::string &method, const rapi } else if (method == "feedEnts3") { std::stringstream ss2; addUrlComponent(parameters, "domain", ss); + addUrlComponent(parameters, "trxid", ss); ss2 << "times=" << parameters["times"].GetInt() << "&salt=" << parameters["salt"].GetString() << "&narrow=" << (parameters["narrow"].GetBool() ? 1 : 0) << "&"; for(rapidjson::Value::ConstValueIterator itr = parameters["nonterm"].Begin(); itr != parameters["nonterm"].End(); itr++) { tmpstr = curl_easy_escape(d_c, itr->GetString(), 0); @@ -317,6 +324,17 @@ int HTTPConnector::send_message(const rapidjson::Document &input) { d_data = ""; curl_easy_setopt(d_c, CURLOPT_NOSIGNAL, 1); curl_easy_setopt(d_c, CURLOPT_TIMEOUT, this->timeout); + + // turn off peer verification or set verification roots + if (d_capath.empty()) { + if (d_cafile.empty()) { + curl_easy_setopt(d_c, CURLOPT_SSL_VERIFYPEER, 0); + } else { + curl_easy_setopt(d_c, CURLOPT_CAINFO, d_cafile.c_str()); + } + } else { + curl_easy_setopt(d_c, CURLOPT_CAPATH, d_capath.c_str()); + } slist = NULL; diff --git a/modules/remotebackend/remotebackend.hh b/modules/remotebackend/remotebackend.hh index ee2f443d5b..c1758d8a4e 100644 --- a/modules/remotebackend/remotebackend.hh +++ b/modules/remotebackend/remotebackend.hh @@ -68,6 +68,8 @@ class HTTPConnector: public Connector { int timeout; bool d_post; bool d_post_json; + std::string d_capath; + std::string d_cafile; bool json2string(const rapidjson::Value &input, std::string &output); void restful_requestbuilder(const std::string &method, const rapidjson::Value ¶meters, struct curl_slist **slist); void post_requestbuilder(const rapidjson::Document &input, struct curl_slist **slist); @@ -133,6 +135,6 @@ class RemoteBackend : public DNSBackend bool d_dnssec; rapidjson::Document *d_result; int d_index; - time_t d_trxid; + int64_t d_trxid; }; #endif