Added sopport for insecure mode (skip verification certs)

wazuh · Dec 10, 2024 · 3b40ddf · 3b40ddf
1 parent 22c85e7
commit 3b40ddf
Show file tree

Hide file tree

Showing 4 changed files with 41 additions and 10 deletions.
diff --git a/include/secureCommunication.hpp b/include/secureCommunication.hpp
@@ -14,6 +14,7 @@
 
 #include <map>
 #include <string>
+#include <variant>
 
 namespace urlrequest
 {
@@ -22,7 +23,8 @@ enum class AuthenticationParameter
     SSL_CERTIFICATE,
     SSL_KEY,
     CA_ROOT_CERTIFICATE,
-    BASIC_AUTH_CREDS
+    BASIC_AUTH_CREDS,
+    SKIP_PEER_VERIFICATION
 };
 /**
  * @brief This class provides a simple interface to construct an object using a Builder pattern.
@@ -63,7 +65,7 @@ class Builder
 class SecureCommunication final : public urlrequest::Builder<SecureCommunication>
 {
 private:
-    std::map<urlrequest::AuthenticationParameter, std::string> m_parameters;
+    std::map<urlrequest::AuthenticationParameter, std::variant<std::string, bool>> m_parameters;
 
 public:
     /**
@@ -114,19 +116,38 @@ class SecureCommunication final : public urlrequest::Builder<SecureCommunication
         return (*this);
     }
 
+    /**
+     * @brief Set the Skip Peer Verification.
+     *
+     * @param skipPeerVerification Skip peer verification.
+     */
+    SecureCommunication& skipPeerVerification(const bool skipPeerVerification)
+    {
+        m_parameters[urlrequest::AuthenticationParameter::SKIP_PEER_VERIFICATION] = skipPeerVerification;
+
+        return (*this);
+    }
+
     /**
      * @brief Get parameters.
      *
+     * @tparam T Type of the parameter, std::string or bool.
      * @param parameter AuthenticationParameter Parameter to get.
      *
-     * @return std::string Parameter value.
+     * @return T Parameter value.
      */
-    std::string getParameter(const urlrequest::AuthenticationParameter parameter) const
+    template<typename T = std::string>
+    T getParameter(const urlrequest::AuthenticationParameter parameter) const
     {
+        if constexpr (!std::is_same_v<T, std::string> && !std::is_same_v<T, bool>)
+        {
+            static_assert(false, "Invalid type of AuthenticationParameter");
+        }
+
         auto it = m_parameters.find(parameter);
         if (it != m_parameters.end())
         {
-            return it->second;
+            return std::get<T>(it->second);
         }
         return {};
     }

diff --git a/src/urlRequest.hpp b/src/urlRequest.hpp
@@ -196,10 +196,10 @@ class cURLRequest
                 }
             }
 
-            if (m_certificate.empty())
-            {
-                m_requestImplementator->setOption(OPT_VERIFYPEER, 0L);
-            }
+            const auto skipVerify =
+                secureCommunication.getParameter<bool>(urlrequest::AuthenticationParameter::SKIP_PEER_VERIFICATION);
+
+            m_requestImplementator->setOption(OPT_VERIFYPEER, skipVerify ? 0L : 1L);
         }
 
         const auto authCreds = secureCommunication.getParameter(urlrequest::AuthenticationParameter::BASIC_AUTH_CREDS);

diff --git a/test_tool/cmdArgsParser.hpp b/test_tool/cmdArgsParser.hpp
@@ -38,6 +38,7 @@ class CmdLineArgs
         , m_key {paramValueOf(argc, argv, "--key", {false, ""})}
         , m_username {paramValueOf(argc, argv, "--username", {false, ""})}
         , m_password {paramValueOf(argc, argv, "--password", {false, ""})}
+        , m_skipVerifyPeer {paramValueOf(argc, argv, "--skip-verify-peer", {false, "false"}) == "true"}
         , m_timeout {std::stol(paramValueOf(argc, argv, "--timeout", {false, "0"}))}
     {
         auto postArgumentsFile {paramValueOf(argc, argv, "-p", {false, ""})};
@@ -135,6 +136,11 @@ class CmdLineArgs
         return m_password;
     }
 
+    const bool skipVerifyPeer() const
+    {
+        return m_skipVerifyPeer;
+    }
+
     /**
      * @brief Returns the timeout.
      */
@@ -163,6 +169,7 @@ class CmdLineArgs
             << "\t--key KEY\t\tSpecifies the key file to use in the request.\n"
             << "\t--username USERNAME\tSpecifies the username to use in the request.\n"
             << "\t--password PASSWORD\tSpecifies the password to use in the request.\n"
+            << "\t--skip-verify-peer\tSpecifies if the peer verification should be skipped. Default is false.\n"
             << "\t--timeout TIMEOUT\tSpecifies the timeout in miliseconds for the request.\n"
             << "\nExample:"
             << "\n\t./urlrequest_testtool -u https://httpbin.org/get -t download -o out \n"
@@ -212,6 +219,7 @@ class CmdLineArgs
     const std::string m_key;
     const std::string m_username;
     const std::string m_password;
+    const bool m_skipVerifyPeer;
     const long m_timeout;
 };
 

diff --git a/test_tool/factoryAction.hpp b/test_tool/factoryAction.hpp
@@ -34,12 +34,14 @@ class FactoryAction final
         std::string sslKey {args.key()};
         std::string username {args.username()};
         std::string password {args.password()};
+        bool skipVerifyPeer {args.skipVerifyPeer()};
 
         auto secureCommunication = SecureCommunication::builder();
         secureCommunication.basicAuth(username + ":" + password)
             .sslCertificate(sslCertificate)
             .sslKey(sslKey)
-            .caRootCertificate(caRootCertificate);
+            .caRootCertificate(caRootCertificate)
+            .skipPeerVerification(skipVerifyPeer);
 
         std::unordered_set<std::string> headers;
         if (args.headers().empty())