NotificationsYou must be signed in to change notification settings
Fork0
Star0

Commit9f005c3

Felipe Zimmerle

committed

mlgoc: Adds option to enable or disable the SSL checks

Added the configuration option `InsecureNoCheckCert' to the mlogcconfiguration file. This option allow to establish connections ignoringSSL checks.

1 parent73d7955 commit9f005c3Copy full SHA for 9f005c3

File tree

2 files changed

+36

-6

lines changed

mlogc
- mlogc-default.conf
- mlogc.c

2 files changed

+36

-6

lines changed

`‎mlogc/mlogc-default.conf‎`

Lines changed: 7 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -96,3 +96,10 @@ ServerErrorTimeout 60`
`96`	`96`	`# KeepAlive 150`
`97`	`97`	`# KeepAliveTimeout 300`
`98`	`98`
	`99`	`+`
	`100`	`+# When set to '0', mlogc will validate the certificate and the whole`
	`101`	`+# chain, the root certificate most be trusted. If this check fail the`
	`102`	`+# connection will be dropped. To ignore the SSL checks, set InsecureNoCheckCert`
	`103`	`+# to '1'`
	`104`	`+InsecureNoCheckCert 1`
	`105`	`+`

`‎mlogc/mlogc.c‎`

Lines changed: 29 additions & 6 deletions

Original file line number	Diff line number	Diff line change
`@@ -157,6 +157,7 @@ static apr_pool_t *thread_pool = NULL;`
`157`	`157`	`staticapr_pool_t*recv_pool=NULL;`
`158`	`158`	`staticapr_array_header_t*queue=NULL;`
`159`	`159`	`staticconstchar*queue_path=NULL;`
	`160`	`+staticintssl_validation=0;`
`160`	`161`	`/* static apr_time_t queue_time = 0; */`
`161`	`162`	`staticvoid*requestline_regex=NULL;`
`162`	`163`	`staticintrunning=0;`
`@@ -831,6 +832,20 @@ static void init_configuration(void)`
`831`	`832`	`"CheckpointInterval=%d",checkpoint_interval);`
`832`	`833`	`}`
`833`	`834`
	`835`	`+s=apr_table_get(conf,"InsecureNoCheckCert");`
	`836`	`+if (s!=NULL) {`
	`837`	`+intnum=atoi(s);`
	`838`	`+if (num)`
	`839`	`+ {`
	`840`	`+ssl_validation=0;`
	`841`	`+ }`
	`842`	`+else`
	`843`	`+ {`
	`844`	`+ssl_validation=1;`
	`845`	`+ }`
	`846`	`+error_log(LOG_DEBUG2,NULL,"InsecureNoCheckCert=%d",num);`
	`847`	`+ }`
	`848`	`+`
`834`	`849`	`s=apr_table_get(conf,"QueuePath");`
`835`	`850`	`if (s!=NULL) {`
`836`	`851`	`queue_path=file_path(s);`
`@@ -1216,16 +1231,24 @@ static void logc_init(void)`
`1216`	`1231`	`curl_easy_setopt(curl,CURLOPT_ERRORBUFFER, (char*)NULL);`
`1217`	`1232`	`curl_easy_setopt(curl,CURLOPT_URL,console_uri);`
`1218`	`1233`	`curl_easy_setopt(curl,CURLOPT_HTTPAUTH,CURLAUTH_BASIC);`
`1219`		`-curl_easy_setopt(curl,CURLOPT_SSL_VERIFYPEER, FALSE);`
`1220`		`-curl_easy_setopt(curl,CURLOPT_SSL_VERIFYHOST,0);`
	`1234`	`+`
	`1235`	`+if (ssl_validation)`
	`1236`	`+ {`
	`1237`	`+curl_easy_setopt(curl,CURLOPT_SSL_VERIFYPEER,1);`
	`1238`	`+curl_easy_setopt(curl,CURLOPT_SSL_VERIFYHOST,1);`
	`1239`	`+ }`
	`1240`	`+else`
	`1241`	`+ {`
	`1242`	`+curl_easy_setopt(curl,CURLOPT_SSL_VERIFYPEER, FALSE);`
	`1243`	`+curl_easy_setopt(curl,CURLOPT_SSL_VERIFYHOST,0);`
	`1244`	`+ }`
	`1245`	`+`
	`1246`	`+`
`1221`	`1247`	`/* Seems like CURL_SSLVERSION_TLSv1_2 is not supported on libcurl`
`1222`	`1248`	`* < v7.34.0`
`1223`	`1249`	`*/`
`1224`		`-#ifdefWITH_CURL_SSLVERSION_TLSv1_2`
`1225`		`-curl_easy_setopt(curl,CURLOPT_SSLVERSION,CURL_SSLVERSION_TLSv1_2);`
`1226`		`-#else`
`1227`	`1250`	`curl_easy_setopt(curl,CURLOPT_SSLVERSION,CURL_SSLVERSION_TLSv1);`
`1228`		`-#endif`
	`1251`	`+`
`1229`	`1252`	`curl_easy_setopt(curl,CURLOPT_CONNECTTIMEOUT,15);`
`1230`	`1253`	`curl_easy_setopt(curl,CURLOPT_NOSIGNAL, TRUE);`
`1231`	`1254`	`curl_easy_setopt(curl,CURLOPT_HEADER, TRUE);`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit9f005c3

File tree

2 files changed

2 files changed

`‎mlogc/mlogc-default.conf‎`

`‎mlogc/mlogc.c‎`

0 commit comments