aboutsummaryrefslogtreecommitdiff
path: root/backends
diff options
context:
space:
mode:
Diffstat (limited to 'backends')
-rw-r--r--backends/networking/curl/connectionmanager.cpp24
-rw-r--r--backends/networking/curl/connectionmanager.h3
-rw-r--r--backends/networking/curl/networkreadstream.cpp10
3 files changed, 37 insertions, 0 deletions
diff --git a/backends/networking/curl/connectionmanager.cpp b/backends/networking/curl/connectionmanager.cpp
index 557fcf06eb..21381d9a3d 100644
--- a/backends/networking/curl/connectionmanager.cpp
+++ b/backends/networking/curl/connectionmanager.cpp
@@ -26,6 +26,7 @@
#include "backends/networking/curl/connectionmanager.h"
#include "backends/networking/curl/networkreadstream.h"
#include "common/debug.h"
+#include "common/fs.h"
#include "common/system.h"
#include "common/timer.h"
@@ -98,6 +99,29 @@ uint32 ConnectionManager::getCloudRequestsPeriodInMicroseconds() {
return TIMER_INTERVAL * CLOUD_PERIOD;
}
+const char *ConnectionManager::getCaCertPath() {
+#if defined(DATA_PATH)
+ static enum {
+ kNotInitialized,
+ kFileNotFound,
+ kFileExists
+ } state = kNotInitialized;
+
+ if (state == kNotInitialized) {
+ Common::FSNode node(DATA_PATH"/cacert.pem");
+ state = node.exists() ? kFileExists : kFileNotFound;
+ }
+
+ if (state == kFileExists) {
+ return DATA_PATH"/cacert.pem";
+ } else {
+ return nullptr;
+ }
+#else
+ return nullptr;
+#endif
+}
+
//private goes here:
void connectionsThread(void *ignored) {
diff --git a/backends/networking/curl/connectionmanager.h b/backends/networking/curl/connectionmanager.h
index 6c261b8c63..a01d115c2c 100644
--- a/backends/networking/curl/connectionmanager.h
+++ b/backends/networking/curl/connectionmanager.h
@@ -118,6 +118,9 @@ public:
Common::String urlEncode(Common::String s) const;
static uint32 getCloudRequestsPeriodInMicroseconds();
+
+ /** Return the path to the CA certificates bundle. */
+ static const char *getCaCertPath();
};
/** Shortcut for accessing the connection manager. */
diff --git a/backends/networking/curl/networkreadstream.cpp b/backends/networking/curl/networkreadstream.cpp
index b41a3c37b7..b8f06b728f 100644
--- a/backends/networking/curl/networkreadstream.cpp
+++ b/backends/networking/curl/networkreadstream.cpp
@@ -91,6 +91,11 @@ void NetworkReadStream::init(const char *url, curl_slist *headersList, const byt
curl_easy_setopt(_easy, CURLOPT_SSL_VERIFYPEER, 0);
#endif
+ const char *caCertPath = ConnMan.getCaCertPath();
+ if (caCertPath) {
+ curl_easy_setopt(_easy, CURLOPT_CAINFO, caCertPath);
+ }
+
#if LIBCURL_VERSION_NUM >= 0x072000
// CURLOPT_XFERINFOFUNCTION introduced in libcurl 7.32.0
// CURLOPT_PROGRESSFUNCTION is used as a backup plan in case older version is used
@@ -149,6 +154,11 @@ void NetworkReadStream::init(const char *url, curl_slist *headersList, Common::H
curl_easy_setopt(_easy, CURLOPT_SSL_VERIFYPEER, 0);
#endif
+ const char *caCertPath = ConnMan.getCaCertPath();
+ if (caCertPath) {
+ curl_easy_setopt(_easy, CURLOPT_CAINFO, caCertPath);
+ }
+
#if LIBCURL_VERSION_NUM >= 0x072000
// CURLOPT_XFERINFOFUNCTION introduced in libcurl 7.32.0
// CURLOPT_PROGRESSFUNCTION is used as a backup plan in case older version is used