From e00dd9b205a4763873fbdf059bc2d48d3d314955 Mon Sep 17 00:00:00 2001
From: "imen.bhiri" <imen.bhiri@pivasoftware.com>
Date: Fri, 8 Jan 2016 11:44:49 +0100
Subject: [PATCH] add configuration otion to enable insecure mode

---
 config.c   | 11 +++++++++++
 http.c     |  4 ++++
 inc/cwmp.h |  2 ++
 3 files changed, 17 insertions(+)

diff --git a/config.c b/config.c
index c3b8884..a30e4cc 100644
--- a/config.c
+++ b/config.c
@@ -511,6 +511,17 @@ int get_global_config(struct config *conf)
     {
         FREE(conf->acs_ssl_capath);
     }
+    if((error = uci_get_value(UCI_ACS_INSECURE_ENABLE,&value)) == CWMP_OK)
+    {
+        if(value != NULL)
+        {			
+            if ((strcasecmp(value,"true")==0) || (strcmp(value,"1")==0))
+            {
+                conf->insecure_enable = true;
+            }			
+            value = NULL;
+        }
+    }
     if((error = uci_get_value(UCI_ACS_SSL_VERSION,&value)) == CWMP_OK)
     {
         if(value != NULL)
diff --git a/http.c b/http.c
index d6e2ae5..5ffffcb 100644
--- a/http.c
+++ b/http.c
@@ -191,6 +191,10 @@ http_send_message(struct cwmp *cwmp, char *msg_out, char **msg_in)
 	
 	if (cwmp->conf.acs_ssl_capath)
 		curl_easy_setopt(curl, CURLOPT_CAPATH,  cwmp->conf.acs_ssl_capath);
+	if (cwmp->conf.insecure_enable) {
+		curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, false);
+		curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0);		
+	}
 		
 	*msg_in = (char *) calloc (1, sizeof(char));
 
diff --git a/inc/cwmp.h b/inc/cwmp.h
index 0bd62c0..3eac581 100644
--- a/inc/cwmp.h
+++ b/inc/cwmp.h
@@ -41,6 +41,7 @@
 #define UCI_ACS_PASSWD_PATH					"cwmp.acs.passwd"
 #define UCI_ACS_PARAMETERKEY_PATH			"cwmp.acs.ParameterKey"
 #define UCI_ACS_SSL_CAPATH					"cwmp.acs.ssl_capath"
+#define UCI_ACS_INSECURE_ENABLE				"cwmp.acs.insecure_enable" 
 #define UCI_ACS_SSL_VERSION			 		"cwmp.acs.ssl_version"
 #define UCI_LOG_SEVERITY_PATH				"cwmp.cpe.log_severity"
 #define UCI_CPE_USERID_PATH					"cwmp.cpe.userid"
@@ -138,6 +139,7 @@ typedef struct config {
     int                                 period;
     time_t                              time;
     bool                                periodic_enable;
+    bool                                insecure_enable;
 } config;
 
 typedef struct env {