desktop/source/lib/init.cxx | 3 +++
include/tools/hostfilter.hxx | 4 ++++
tools/source/inet/hostfilter.cxx | 11 +++++++++++
ucb/source/ucp/webdav-curl/CurlSession.cxx | 5 +++++
4 files changed, 23 insertions(+)
New commits:
commit 2a5c998d4cdfd54ba65b93318292dab542beaabd
Author: Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Tue Jun 4 21:17:59 2024 +0100
Commit: Caolán McNamara <caolan.mcnam...@collabora.com>
CommitDate: Fri Aug 23 21:52:26 2024 +0200
allow an exemption to be made for a specific host
Change-Id: Ie423df7839e793a9c07561efb56d5649876947ee
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/168826
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoff...@gmail.com>
Reviewed-by: Andras Timar <andras.ti...@collabora.com>
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/172328
Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
Tested-by: Caolán McNamara <caolan.mcnam...@collabora.com>
diff --git a/desktop/source/lib/init.cxx b/desktop/source/lib/init.cxx
index 2d9f489b6c74..f06cffe5eaae 100644
--- a/desktop/source/lib/init.cxx
+++ b/desktop/source/lib/init.cxx
@@ -2825,6 +2825,9 @@ static LibreOfficeKitDocument*
lo_documentLoadWithOptions(LibreOfficeKit* pThis,
OutputDevice::StartTrackingFontMappingUse();
+ if (const char* pExemptVerifyHost = ::getenv("LOK_EXEMPT_VERIFY_HOST"))
+ HostFilter::setExemptVerifyHost(OUString(pExemptVerifyHost,
strlen(pExemptVerifyHost), RTL_TEXTENCODING_UTF8));
+
const int nThisDocumentId = nDocumentIdCounter++;
SfxViewShell::SetCurrentDocId(ViewShellDocId(nThisDocumentId));
uno::Reference<lang::XComponent> xComponent =
xComponentLoader->loadComponentFromURL(
diff --git a/include/tools/hostfilter.hxx b/include/tools/hostfilter.hxx
index afbf885b0cb4..ca2d91355986 100644
--- a/include/tools/hostfilter.hxx
+++ b/include/tools/hostfilter.hxx
@@ -21,6 +21,10 @@ public:
static void setAllowedHostsRegex(const char* sAllowedRegex);
static bool isForbidden(const OUString& rHost);
+
+ static void setExemptVerifyHost(const OUString& rExemptVerifyHost);
+
+ static bool isExemptVerifyHost(const std::u16string_view rHost);
};
#endif
diff --git a/tools/source/inet/hostfilter.cxx b/tools/source/inet/hostfilter.cxx
index 5bc63d42cfb7..e13e3d66cab6 100644
--- a/tools/source/inet/hostfilter.cxx
+++ b/tools/source/inet/hostfilter.cxx
@@ -11,6 +11,7 @@
#include <regex>
static std::regex g_AllowedHostsRegex("");
+static OUString g_ExceptVerifyHost;
static bool g_AllowedHostsSet = false;
void HostFilter::setAllowedHostsRegex(const char* sAllowedRegex)
@@ -28,4 +29,14 @@ bool HostFilter::isForbidden(const OUString& rHost)
return !std::regex_match(rHost.toUtf8().getStr(), g_AllowedHostsRegex);
}
+void HostFilter::setExemptVerifyHost(const OUString& rExemptVerifyHost)
+{
+ g_ExceptVerifyHost = rExemptVerifyHost;
+}
+
+bool HostFilter::isExemptVerifyHost(const std::u16string_view rHost)
+{
+ return rHost == g_ExceptVerifyHost;
+}
+
/* vim:set shiftwidth=4 softtabstop=4 expandtab cinoptions=b1,g0,N-s
cinkeys+=0=break: */
diff --git a/ucb/source/ucp/webdav-curl/CurlSession.cxx
b/ucb/source/ucp/webdav-curl/CurlSession.cxx
index 128cb4b538af..8d933acf200a 100644
--- a/ucb/source/ucp/webdav-curl/CurlSession.cxx
+++ b/ucb/source/ucp/webdav-curl/CurlSession.cxx
@@ -758,6 +758,11 @@
CurlSession::CurlSession(uno::Reference<uno::XComponentContext> xContext,
rc = curl_easy_setopt(m_pCurl.get(), CURLOPT_FORBID_REUSE, 1L);
assert(rc == CURLE_OK);
}
+ if (HostFilter::isExemptVerifyHost(m_URI.GetHost()))
+ {
+ rc = curl_easy_setopt(m_pCurl.get(), CURLOPT_SSL_VERIFYHOST, 0L);
+ assert(rc == CURLE_OK);
+ }
}
CurlSession::~CurlSession() {}
