mirror of https://github.com/SeanOMik/znc-push.git
Merge pull request #57 from Kami/specify_curl_ssl_options_update_readme
Force older versions of cURL to verify server SSL certificate, update readme, add module version to the User-Agent header
This commit is contained in:
commit
2a5242b139
21
README.md
21
README.md
|
@ -31,9 +31,8 @@ ZNC Push was created by [John Reese](http://johnmreese.com) and designed to fill
|
||||||
personal need. It may not fit your use cases, but any and all feedback would be greatly
|
personal need. It may not fit your use cases, but any and all feedback would be greatly
|
||||||
appreciated.
|
appreciated.
|
||||||
|
|
||||||
|
Dependencies
|
||||||
Compiling
|
------------
|
||||||
---------
|
|
||||||
|
|
||||||
If you have installed ZNC from a Linux distribution's repository, you will most likely
|
If you have installed ZNC from a Linux distribution's repository, you will most likely
|
||||||
need to install the development package before building this module. On Ubuntu, this can
|
need to install the development package before building this module. On Ubuntu, this can
|
||||||
|
@ -41,6 +40,17 @@ be installed with:
|
||||||
|
|
||||||
$ sudo aptitude install znc-dev
|
$ sudo aptitude install znc-dev
|
||||||
|
|
||||||
|
Optionally, if you want to use libcurl for http requests, you also need to install cURL
|
||||||
|
development header files.
|
||||||
|
|
||||||
|
On Ubuntu, development headers can be installed by installing `libcurl3-dev` or
|
||||||
|
`libcurl4-openssl-dev` package:
|
||||||
|
|
||||||
|
$ sudo aptitude install libcurl4-openssl-dev
|
||||||
|
|
||||||
|
Compiling
|
||||||
|
---------
|
||||||
|
|
||||||
If you have `make` installed, you can compile the module with:
|
If you have `make` installed, you can compile the module with:
|
||||||
|
|
||||||
$ make
|
$ make
|
||||||
|
@ -59,13 +69,16 @@ If you would like to compile ZNC Push using libcurl for http requests, you must
|
||||||
If libcurl is not in the default system library paths, you will need to populate `$CXXFLAGS`
|
If libcurl is not in the default system library paths, you will need to populate `$CXXFLAGS`
|
||||||
with the appropriate GCC flags so that it can find and link ZNC Push with libcurl.
|
with the appropriate GCC flags so that it can find and link ZNC Push with libcurl.
|
||||||
|
|
||||||
|
Note: You are strongly encouraged to use libcurl transport. The reason for that is, that
|
||||||
|
the default CSocket transport doesn't verify server's SSL certificate which leaves you
|
||||||
|
vulnerable to MITM attacks.
|
||||||
|
|
||||||
Installation
|
Installation
|
||||||
------------
|
------------
|
||||||
|
|
||||||
Copy the compiled module into your ZNC profile:
|
Copy the compiled module into your ZNC profile:
|
||||||
|
|
||||||
$ cp push.so ~/.znc/modules/
|
$ make install
|
||||||
|
|
||||||
Now, load the module in ZNC:
|
Now, load the module in ZNC:
|
||||||
|
|
||||||
|
|
9
push.cpp
9
push.cpp
|
@ -52,7 +52,7 @@ class CPushSocket : public CSocket
|
||||||
parent = (CPushMod*) p;
|
parent = (CPushMod*) p;
|
||||||
first = true;
|
first = true;
|
||||||
crlf = "\r\n";
|
crlf = "\r\n";
|
||||||
user_agent = "ZNC Push";
|
user_agent = "ZNC Push/" + CString(PUSHVERSION);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Implemented after CPushMod
|
// Implemented after CPushMod
|
||||||
|
@ -1500,6 +1500,8 @@ CURLcode make_curl_request(const CString& service_host, const CString& service_u
|
||||||
|
|
||||||
curl = curl_easy_init();
|
curl = curl_easy_init();
|
||||||
|
|
||||||
|
CString user_agent = "ZNC Push/" + CString(PUSHVERSION);
|
||||||
|
|
||||||
CString url = CString(use_ssl ? "https" : "http") + "://" + service_host + service_url;
|
CString url = CString(use_ssl ? "https" : "http") + "://" + service_host + service_url;
|
||||||
CString query = build_query_string(params);
|
CString query = build_query_string(params);
|
||||||
|
|
||||||
|
@ -1508,9 +1510,12 @@ CURLcode make_curl_request(const CString& service_host, const CString& service_u
|
||||||
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1);
|
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 1L);
|
||||||
|
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 2L);
|
||||||
|
|
||||||
curl_easy_setopt(curl, CURLOPT_URL, url.data());
|
curl_easy_setopt(curl, CURLOPT_URL, url.data());
|
||||||
curl_easy_setopt(curl, CURLOPT_PORT, port);
|
curl_easy_setopt(curl, CURLOPT_PORT, port);
|
||||||
curl_easy_setopt(curl, CURLOPT_USERAGENT, "ZNC Push");
|
curl_easy_setopt(curl, CURLOPT_USERAGENT, user_agent.c_str());
|
||||||
curl_easy_setopt(curl, CURLOPT_TIMEOUT, 3); // three seconds ought to be good enough for anyone, eh?
|
curl_easy_setopt(curl, CURLOPT_TIMEOUT, 3); // three seconds ought to be good enough for anyone, eh?
|
||||||
|
|
||||||
if (service_auth != "")
|
if (service_auth != "")
|
||||||
|
|
Loading…
Reference in New Issue