mirror/icwmp
1
0
Fork 0
mirror of https://dev.iopsys.eu/bbf/icwmp.git synced 2026-03-11 11:38:34 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Bugg #7711: CWMP: Broken ssl

Browse source
This commit is contained in:
Anis Ellouze 2015-09-09 17:08:22 +01:00 committed by MOHAMED KALLEL
parent a28ffb1b34
commit ca9c1bdfdf
3 changed files with 66 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

32
config.c
View file

@ -495,6 +495,38 @@ int get_global_config(struct config *conf)
{
return error;
}
if((error = uci_get_value(UCI_ACS_SSL_CAPATH,&value)) == CWMP_OK)
{
if(value != NULL)
{
if (conf->acs_ssl_capath != NULL)
{
free(conf->acs_ssl_capath);
}
conf->acs_ssl_capath = value;
value = NULL;
}
}
else
{
FREE(conf->acs_ssl_capath);
}
if((error = uci_get_value(UCI_ACS_SSL_VERSION,&value)) == CWMP_OK)
{
if(value != NULL)
{
if (conf->acs_ssl_version != NULL)
{
free(conf->acs_ssl_version);
}
conf->acs_ssl_version = value;
value = NULL;
}
}
else
{
FREE(conf->acs_ssl_version);
}
if((error = uci_get_value(UCI_CPE_INTERFACE_PATH,&value)) == CWMP_OK)
{
if(value != NULL)

31
http.c
View file

@ -162,6 +162,7 @@ http_send_message(struct cwmp *cwmp, char *msg_out, char **msg_in)
long http_code = 0;
static char *ip_acs = NULL;
char *ip = NULL;
char errbuf[CURL_ERROR_SIZE];
curl_easy_setopt(curl, CURLOPT_URL, http_c.url);
curl_easy_setopt(curl, CURLOPT_USERNAME, cwmp->conf.acs_userid);
curl_easy_setopt(curl, CURLOPT_PASSWORD, cwmp->conf.acs_passwd);
@ -183,16 +184,44 @@ http_send_message(struct cwmp *cwmp, char *msg_out, char **msg_in)
# ifdef DEVEL
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
# endif
curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, errbuf);
curl_easy_setopt(curl, CURLOPT_COOKIEFILE, fc_cookies);
curl_easy_setopt(curl, CURLOPT_COOKIEJAR, fc_cookies);
/* TODO: ssl config (from freecwmp) and test it with real ACS configuration */
if (cwmp->conf.acs_ssl_version) {
if (strcmp(cwmp->conf.acs_ssl_version, "sslv3") == 0)
curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_SSLv3);
else if (strcmp(cwmp->conf.acs_ssl_version, "sslv2") == 0)
curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_SSLv2);
else if (strcmp(cwmp->conf.acs_ssl_version, "tlsv1") == 0)
curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);
else if (strcmp(cwmp->conf.acs_ssl_version, "tlsv1.0") == 0)
curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_0);
else if (strcmp(cwmp->conf.acs_ssl_version, "tlsv1.1") == 0)
curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_1);
else if (strcmp(cwmp->conf.acs_ssl_version, "tlsv1.2") == 0)
curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2);
}
if (cwmp->conf.acs_ssl_capath)
curl_easy_setopt(curl, CURLOPT_CAPATH, cwmp->conf.acs_ssl_capath);
*msg_in = (char *) calloc (1, sizeof(char));
res = curl_easy_perform(curl);
if(res != CURLE_OK) {
size_t len = strlen(errbuf);
if(len) {
if (errbuf[len - 1] == '\n') errbuf[len - 1] = '\0';
CWMP_LOG(ERROR,"libcurl: (%d) %s", res, errbuf);
} else {
CWMP_LOG(ERROR,"libcurl: (%d) %s", res, curl_easy_strerror(res));
}
}
if (!strlen(*msg_in))
FREE(*msg_in);

4
inc/cwmp.h
View file

@ -40,6 +40,8 @@
#define UCI_ACS_USERID_PATH "cwmp.acs.userid"
#define UCI_ACS_PASSWD_PATH "cwmp.acs.passwd"
#define UCI_ACS_PARAMETERKEY_PATH "cwmp.acs.ParameterKey"
#define UCI_ACS_SSL_CAPATH "cwmp.acs.ssl_capath"
#define UCI_ACS_SSL_VERSION "cwmp.acs.ssl_version"
#define UCI_LOG_SEVERITY_PATH "cwmp.cpe.log_severity"
#define UCI_CPE_USERID_PATH "cwmp.cpe.userid"
#define UCI_CPE_PASSWD_PATH "cwmp.cpe.passwd"
@ -50,6 +52,8 @@
#define UCI_CPE_LOG_MAX_SIZE "cwmp.cpe.log_max_size"
#define UCI_CPE_ENABLE_STDOUT_LOG "cwmp.cpe.log_to_console"
#define UCI_CPE_ENABLE_FILE_LOG "cwmp.cpe.log_to_file"
#define DM_SOFTWARE_VERSION_PATH "InternetGatewayDevice.DeviceInfo.SoftwareVersion"
enum end_session {
END_SESSION_REBOOT = 1,