diff --git a/config.c b/config.c index 82c3418..473407d 100644 --- a/config.c +++ b/config.c @@ -495,6 +495,38 @@ int get_global_config(struct config *conf) { return error; } + if((error = uci_get_value(UCI_ACS_SSL_CAPATH,&value)) == CWMP_OK) + { + if(value != NULL) + { + if (conf->acs_ssl_capath != NULL) + { + free(conf->acs_ssl_capath); + } + conf->acs_ssl_capath = value; + value = NULL; + } + } + else + { + FREE(conf->acs_ssl_capath); + } + if((error = uci_get_value(UCI_ACS_SSL_VERSION,&value)) == CWMP_OK) + { + if(value != NULL) + { + if (conf->acs_ssl_version != NULL) + { + free(conf->acs_ssl_version); + } + conf->acs_ssl_version = value; + value = NULL; + } + } + else + { + FREE(conf->acs_ssl_version); + } if((error = uci_get_value(UCI_CPE_INTERFACE_PATH,&value)) == CWMP_OK) { if(value != NULL) diff --git a/http.c b/http.c index 769c413..49385f3 100644 --- a/http.c +++ b/http.c @@ -162,6 +162,7 @@ http_send_message(struct cwmp *cwmp, char *msg_out, char **msg_in) long http_code = 0; static char *ip_acs = NULL; char *ip = NULL; + char errbuf[CURL_ERROR_SIZE]; curl_easy_setopt(curl, CURLOPT_URL, http_c.url); curl_easy_setopt(curl, CURLOPT_USERNAME, cwmp->conf.acs_userid); curl_easy_setopt(curl, CURLOPT_PASSWORD, cwmp->conf.acs_passwd); @@ -183,16 +184,44 @@ http_send_message(struct cwmp *cwmp, char *msg_out, char **msg_in) # ifdef DEVEL curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); # endif + curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, errbuf); curl_easy_setopt(curl, CURLOPT_COOKIEFILE, fc_cookies); curl_easy_setopt(curl, CURLOPT_COOKIEJAR, fc_cookies); - /* TODO: ssl config (from freecwmp) and test it with real ACS configuration */ + if (cwmp->conf.acs_ssl_version) { + if (strcmp(cwmp->conf.acs_ssl_version, "sslv3") == 0) + curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_SSLv3); + else if (strcmp(cwmp->conf.acs_ssl_version, "sslv2") == 0) + curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_SSLv2); + else if (strcmp(cwmp->conf.acs_ssl_version, "tlsv1") == 0) + curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1); + else if (strcmp(cwmp->conf.acs_ssl_version, "tlsv1.0") == 0) + curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_0); + else if (strcmp(cwmp->conf.acs_ssl_version, "tlsv1.1") == 0) + curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_1); + else if (strcmp(cwmp->conf.acs_ssl_version, "tlsv1.2") == 0) + curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2); + } + + if (cwmp->conf.acs_ssl_capath) + curl_easy_setopt(curl, CURLOPT_CAPATH, cwmp->conf.acs_ssl_capath); + *msg_in = (char *) calloc (1, sizeof(char)); res = curl_easy_perform(curl); + if(res != CURLE_OK) { + size_t len = strlen(errbuf); + if(len) { + if (errbuf[len - 1] == '\n') errbuf[len - 1] = '\0'; + CWMP_LOG(ERROR,"libcurl: (%d) %s", res, errbuf); + } else { + CWMP_LOG(ERROR,"libcurl: (%d) %s", res, curl_easy_strerror(res)); + } + } + if (!strlen(*msg_in)) FREE(*msg_in); diff --git a/inc/cwmp.h b/inc/cwmp.h index 2530301..4a99156 100644 --- a/inc/cwmp.h +++ b/inc/cwmp.h @@ -40,6 +40,8 @@ #define UCI_ACS_USERID_PATH "cwmp.acs.userid" #define UCI_ACS_PASSWD_PATH "cwmp.acs.passwd" #define UCI_ACS_PARAMETERKEY_PATH "cwmp.acs.ParameterKey" +#define UCI_ACS_SSL_CAPATH "cwmp.acs.ssl_capath" +#define UCI_ACS_SSL_VERSION "cwmp.acs.ssl_version" #define UCI_LOG_SEVERITY_PATH "cwmp.cpe.log_severity" #define UCI_CPE_USERID_PATH "cwmp.cpe.userid" #define UCI_CPE_PASSWD_PATH "cwmp.cpe.passwd" @@ -50,6 +52,8 @@ #define UCI_CPE_LOG_MAX_SIZE "cwmp.cpe.log_max_size" #define UCI_CPE_ENABLE_STDOUT_LOG "cwmp.cpe.log_to_console" #define UCI_CPE_ENABLE_FILE_LOG "cwmp.cpe.log_to_file" +#define DM_SOFTWARE_VERSION_PATH "InternetGatewayDevice.DeviceInfo.SoftwareVersion" + enum end_session { END_SESSION_REBOOT = 1,