From 382ea0234800d168e843722439349bea3af5267b Mon Sep 17 00:00:00 2001
From: "Hahn Axel (hahn)" <axel.hahn@iml.unibe.ch>
Date: Wed, 7 Jun 2017 17:57:28 +0200
Subject: [PATCH] task-1462: disable ssl verification per config value

---
 hooks/templates/inc_projects_config.php.erb         | 1 +
 public_html/deployment/classes/foremanapi.class.php | 7 ++++++-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/hooks/templates/inc_projects_config.php.erb b/hooks/templates/inc_projects_config.php.erb
index 20a8de09..01b812fa 100644
--- a/hooks/templates/inc_projects_config.php.erb
+++ b/hooks/templates/inc_projects_config.php.erb
@@ -78,6 +78,7 @@ $aConfig = array(
         'api'=>'<%= @replace["foreman-url"] %>', // with ending "/"
         'user'=>'<%= @replace["foreman-user"] %>',
         'password'=>'<%= @replace["foreman-password"] %>',
+        'verify-ssl'=><%= @replace["foreman-verify-ssl"] %>,
         // 'varname-replace'=>'ci-replacement',
     ),
     // where to store project data
diff --git a/public_html/deployment/classes/foremanapi.class.php b/public_html/deployment/classes/foremanapi.class.php
index 2c2e3e08..afde157b 100644
--- a/public_html/deployment/classes/foremanapi.class.php
+++ b/public_html/deployment/classes/foremanapi.class.php
@@ -246,7 +246,12 @@ class ForemanApi {
         }
         curl_setopt($ch, CURLOPT_HEADER, 1);
         curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
-        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
+        
+        if (array_key_exists('verify-ssl', $this->_aCfg) && !$this->_aCfg['verify-ssl']){
+            $this->log(__FUNCTION__ . " WARNING: SSL verifify was disabled in the config.", 'warning');
+            curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
+            curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
+        }
         curl_setopt($ch, CURLOPT_TIMEOUT, $iTimeout);
         curl_setopt($ch, CURLOPT_USERAGENT, 'IML Deployment GUI :: ' . __CLASS__);
         if ($sApiUser){
-- 
GitLab