# HG changeset patch # User Sebastien Jodogne # Date 1561541365 -7200 # Node ID 25292488ff8f245e76e2f2c4ec918eeb12d69e4c # Parent 11368fbbce2abd242b81837c53e9318c605ddbeb using option HttpsVerifyPeers from Orthanc configuration diff -r 11368fbbce2a -r 25292488ff8f Plugin/GoogleConfiguration.cpp --- a/Plugin/GoogleConfiguration.cpp Thu Jun 20 11:38:22 2019 +0200 +++ b/Plugin/GoogleConfiguration.cpp Wed Jun 26 11:29:25 2019 +0200 @@ -47,7 +47,8 @@ { OrthancPlugins::OrthancConfiguration configuration; caInfo_ = configuration.GetStringValue("HttpsCACertificates", ""); - + httpsVerifyPeers_ = configuration.GetBooleanValue("HttpsVerifyPeers", true); + { #if HAS_ORTHANC_FRAMEWORK_1_5_7 == 1 OrthancPlugins::OrthancConfiguration dicomWeb(false); diff -r 11368fbbce2a -r 25292488ff8f Plugin/GoogleConfiguration.h --- a/Plugin/GoogleConfiguration.h Thu Jun 20 11:38:22 2019 +0200 +++ b/Plugin/GoogleConfiguration.h Wed Jun 26 11:29:25 2019 +0200 @@ -43,6 +43,7 @@ std::vector accounts_; unsigned int timeoutSeconds_; unsigned int refreshIntervalSeconds_; + bool httpsVerifyPeers_; GoogleConfiguration(); // Singleton pattern @@ -88,5 +89,10 @@ return timeoutSeconds_; } + bool IsHttpsVerifyPeers() const + { + return httpsVerifyPeers_; + } + static const GoogleConfiguration& GetInstance(); }; diff -r 11368fbbce2a -r 25292488ff8f Plugin/GoogleUpdater.cpp --- a/Plugin/GoogleUpdater.cpp Thu Jun 20 11:38:22 2019 +0200 +++ b/Plugin/GoogleUpdater.cpp Wed Jun 26 11:29:25 2019 +0200 @@ -54,11 +54,28 @@ long timeout = static_cast(configuration.GetTimeoutSeconds()); - if ((!configuration.GetCaInfo().empty() && - curl_easy_setopt(handle.get(), CURLOPT_CAINFO, configuration.GetCaInfo().c_str()) != CURLE_OK) || - curl_easy_setopt(handle.get(), CURLOPT_SSL_VERIFYHOST, 2) != CURLE_OK || - curl_easy_setopt(handle.get(), CURLOPT_SSL_VERIFYPEER, 1) != CURLE_OK || - curl_easy_setopt(handle.get(), CURLOPT_TIMEOUT, timeout) != CURLE_OK) + if (!configuration.GetCaInfo().empty() && + curl_easy_setopt(handle.get(), CURLOPT_CAINFO, configuration.GetCaInfo().c_str()) != CURLE_OK) + { + throw Orthanc::OrthancException(Orthanc::ErrorCode_InternalError, + "Cannot set the trusted Certificate Authorities"); + } + + bool ok; + + if (configuration.IsHttpsVerifyPeers()) + { + ok = (curl_easy_setopt(handle.get(), CURLOPT_SSL_VERIFYHOST, 2) == CURLE_OK && + curl_easy_setopt(handle.get(), CURLOPT_SSL_VERIFYPEER, 1) == CURLE_OK && + curl_easy_setopt(handle.get(), CURLOPT_TIMEOUT, timeout) == CURLE_OK); + } + else + { + ok = (curl_easy_setopt(handle.get(), CURLOPT_SSL_VERIFYHOST, 0) == CURLE_OK && + curl_easy_setopt(handle.get(), CURLOPT_SSL_VERIFYPEER, 0) == CURLE_OK); + } + + if (!ok) { throw Orthanc::OrthancException(Orthanc::ErrorCode_InternalError, "Cannot initialize a libcurl handle"); @@ -96,20 +113,27 @@ { std::shared_ptr credentials; - switch (account->GetType()) + try { - case GoogleAccount::Type_ServiceAccount: - credentials = std::make_shared>(account->GetServiceAccount()); - break; + switch (account->GetType()) + { + case GoogleAccount::Type_ServiceAccount: + credentials = std::make_shared>(account->GetServiceAccount()); + break; - case GoogleAccount::Type_AuthorizedUser: - credentials = std::make_shared>(account->GetAuthorizedUser()); - break; + case GoogleAccount::Type_AuthorizedUser: + credentials = std::make_shared>(account->GetAuthorizedUser()); + break; - default: - throw Orthanc::OrthancException(Orthanc::ErrorCode_NotImplemented); + default: + throw Orthanc::OrthancException(Orthanc::ErrorCode_NotImplemented); + } + } + catch (Orthanc::OrthancException& e) + { + credentials.reset(); } if (credentials.get() == NULL)