From 53a9d6a4baa3eb9ee7415e46ee6b8612d962a343 Mon Sep 17 00:00:00 2001 From: Adam Sutton Date: Wed, 6 Feb 2013 16:17:51 +0000 Subject: [PATCH] Fix #1574 - imagecache: add option to ignore all invalid SSL certificates --- src/imagecache.c | 37 ++++++++++++++++++++++++++-------- src/imagecache.h | 3 +++ src/webui/extjs.c | 3 +++ src/webui/static/app/config.js | 10 +++++++-- 4 files changed, 43 insertions(+), 10 deletions(-) diff --git a/src/imagecache.c b/src/imagecache.c index 53198945..44bd6506 100644 --- a/src/imagecache.c +++ b/src/imagecache.c @@ -76,6 +76,7 @@ static void _imagecache_save ( imagecache_image_t *img ); uint32_t imagecache_enabled; uint32_t imagecache_ok_period; uint32_t imagecache_fail_period; +uint32_t imagecache_ignore_sslcert; static pthread_cond_t _imagecache_cond; static TAILQ_HEAD(, imagecache_image) _imagecache_queue; @@ -106,11 +107,12 @@ void imagecache_init ( void ) uint32_t id; /* Init vars */ - _imagecache_id = 0; + _imagecache_id = 0; #if ENABLE_IMAGECACHE - imagecache_enabled = 0; - imagecache_ok_period = 24 * 7; // weekly - imagecache_fail_period = 24; // daily + imagecache_enabled = 0; + imagecache_ok_period = 24 * 7; // weekly + imagecache_fail_period = 24; // daily + imagecache_ignore_sslcert = 0; #endif /* Create threads */ @@ -126,6 +128,7 @@ void imagecache_init ( void ) htsmsg_get_u32(m, "enabled", &imagecache_enabled); htsmsg_get_u32(m, "ok_period", &imagecache_ok_period); htsmsg_get_u32(m, "fail_period", &imagecache_fail_period); + htsmsg_get_u32(m, "ignore_sslcert", &imagecache_ignore_sslcert); htsmsg_destroy(m); } #endif @@ -173,9 +176,10 @@ void imagecache_init ( void ) void imagecache_save ( void ) { htsmsg_t *m = htsmsg_create_map(); - htsmsg_add_u32(m, "enabled", imagecache_enabled); - htsmsg_add_u32(m, "ok_period", imagecache_ok_period); - htsmsg_add_u32(m, "fail_period", imagecache_fail_period); + htsmsg_add_u32(m, "enabled", imagecache_enabled); + htsmsg_add_u32(m, "ok_period", imagecache_ok_period); + htsmsg_add_u32(m, "fail_period", imagecache_fail_period); + htsmsg_add_u32(m, "ignore_sslcert", imagecache_ignore_sslcert); hts_settings_save(m, "imagecache/config"); } @@ -213,6 +217,17 @@ int imagecache_set_fail_period ( uint32_t p ) imagecache_fail_period = p; return 1; } + +/* + * Set ignore SSL cert + */ +int imagecache_set_ignore_sslcert ( uint32_t p ) +{ + if (p == imagecache_ignore_sslcert) + return 0; + imagecache_ignore_sslcert = p; + return 1; +} #endif /* @@ -406,7 +421,8 @@ static int _imagecache_fetch ( imagecache_image_t *img ) if (!(fp = fopen(tmp, "wb"))) return 1; - /* Fetch file */ + /* Build command */ + pthread_mutex_lock(&imagecache_mutex); tvhlog(LOG_DEBUG, "imagecache", "fetch %s", img->url); curl = curl_easy_init(); curl_easy_setopt(curl, CURLOPT_URL, img->url); @@ -415,6 +431,11 @@ static int _imagecache_fetch ( imagecache_image_t *img ) curl_easy_setopt(curl, CURLOPT_TIMEOUT, 120); curl_easy_setopt(curl, CURLOPT_NOPROGRESS, 1); curl_easy_setopt(curl, CURLOPT_FAILONERROR, 1); + if (imagecache_ignore_sslcert) + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0); + pthread_mutex_unlock(&imagecache_mutex); + + /* Fetch */ res = curl_easy_perform(curl); curl_easy_cleanup(curl); fclose(fp); diff --git a/src/imagecache.h b/src/imagecache.h index 5776f46f..c96b3186 100644 --- a/src/imagecache.h +++ b/src/imagecache.h @@ -24,6 +24,7 @@ extern uint32_t imagecache_enabled; extern uint32_t imagecache_ok_period; extern uint32_t imagecache_fail_period; +extern uint32_t imagecache_ignore_sslcert; extern pthread_mutex_t imagecache_mutex; @@ -37,6 +38,8 @@ int imagecache_set_ok_period ( uint32_t e ) __attribute__((warn_unused_result)); int imagecache_set_fail_period ( uint32_t e ) __attribute__((warn_unused_result)); +int imagecache_set_ignore_sslcert ( uint32_t e ) + __attribute__((warn_unused_result)); // Note: will return 0 if invalid (must serve original URL) uint32_t imagecache_get_id ( const char *url ); diff --git a/src/webui/extjs.c b/src/webui/extjs.c index 8f1be797..c11ec87a 100644 --- a/src/webui/extjs.c +++ b/src/webui/extjs.c @@ -1982,6 +1982,7 @@ extjs_config(http_connection_t *hc, const char *remain, void *opaque) htsmsg_add_u32(m, "imagecache_enabled", imagecache_enabled); htsmsg_add_u32(m, "imagecache_ok_period", imagecache_ok_period); htsmsg_add_u32(m, "imagecache_fail_period", imagecache_fail_period); + htsmsg_add_u32(m, "imagecache_ignore_sslcert", imagecache_ignore_sslcert); pthread_mutex_unlock(&imagecache_mutex); #endif @@ -2011,6 +2012,8 @@ extjs_config(http_connection_t *hc, const char *remain, void *opaque) save |= imagecache_set_ok_period(atoi(str)); if ((str = http_arg_get(&hc->hc_req_args, "imagecache_fail_period"))) save |= imagecache_set_fail_period(atoi(str)); + str = http_arg_get(&hc->hc_req_args, "imagecache_ignore_sslcert"); + save |= imagecache_set_ignore_sslcert(!!str); if (save) imagecache_save(); pthread_mutex_unlock(&imagecache_mutex); diff --git a/src/webui/static/app/config.js b/src/webui/static/app/config.js index b71a4a5d..183b8eef 100644 --- a/src/webui/static/app/config.js +++ b/src/webui/static/app/config.js @@ -39,7 +39,7 @@ tvheadend.miscconf = function() { root : 'config' }, [ 'muxconfpath', 'language', 'imagecache_enabled', 'imagecache_ok_period', - 'imagecache_fail_period']); + 'imagecache_fail_period', 'imagecache_ignore_sslcert']); /* **************************************************************** * Form Fields @@ -93,12 +93,18 @@ tvheadend.miscconf = function() { fieldLabel: 'Re-try period (hours)', }); + var imagecacheIgnoreSSLCert = new Ext.form.Checkbox({ + name: 'imagecache_ignore_sslcert', + fieldLabel: 'Ignore invalid SSL certificate' + }); + var imagecachePanel = new Ext.form.FieldSet({ title: 'Image Caching', width: 700, autoHeight: true, collapsible: true, - items : [ imagecacheEnabled, imagecacheOkPeriod, imagecacheFailPeriod ] + items : [ imagecacheEnabled, imagecacheOkPeriod, imagecacheFailPeriod, + imagecacheIgnoreSSLCert ] }); if (tvheadend.capabilities.indexOf('imagecache') == -1) imagecachePanel.hide();