MISP/app/Lib/Tools/SyncTool.php

<?php

class SyncTool
{
    // take a server as parameter and return a HttpSocket object using the ssl options defined in the server settings
    public function setupHttpSocket($server = null, $timeout = false)
    {
        $params = array();
        if (!empty($server)) {
            if ($server['Server']['cert_file']) {
                $params['ssl_cafile'] = APP . "files" . DS . "certs" . DS . $server['Server']['id'] . '.pem';
            }
            if ($server['Server']['client_cert_file']) {
                $params['ssl_local_cert'] = APP . "files" . DS . "certs" . DS . $server['Server']['id'] . '_client.pem';
            }
            if ($server['Server']['self_signed']) {
                $params['ssl_allow_self_signed'] = true;
                $params['ssl_verify_peer_name'] = false;
                if (!isset($server['Server']['cert_file'])) {
                    $params['ssl_verify_peer'] = false;
                }
            }
            if (!empty($server['Server']['skip_proxy'])) {
                $params['skip_proxy'] = 1;
            }
            if (!empty($timeout)) {
                $params['timeout'] = $timeout;
            }
        }

        return $this->createHttpSocket($params);
    }

    public function setupHttpSocketFeed($feed = null)
    {
        return $this->setupHttpSocket();
    }

    /**
     * @param array $params
     * @return HttpSocket
     * @throws Exception
     */
    public function createHttpSocket($params = array())
    {
        // Use own CA PEM file
        $caPath = Configure::read('MISP.ca_path');
        if (!isset($params['ssl_cafile']) && $caPath) {
            if (!file_exists($caPath)) {
                throw new Exception("CA file '$caPath' doesn't exists.");
            }
            $params['ssl_cafile'] = $caPath;
        }

        App::uses('HttpSocket', 'Network/Http');
        $HttpSocket = new HttpSocket($params);
        $proxy = Configure::read('Proxy');
        if (empty($params['skip_proxy']) && isset($proxy['host']) && !empty($proxy['host'])) {
            $HttpSocket->configProxy($proxy['host'], $proxy['port'], $proxy['method'], $proxy['user'], $proxy['password']);
        }
        return $HttpSocket;
    }
}
SSL certificate changes - you can now upload a certificate file and allow a server link to use a provided self signed certificate. This should solve the issues that some organisations are having when trying to connect their instances 2014-01-16 08:47:25 +01:00			`<?php`

chg: [CS] Changed to PSR-2 - to make contributions easier, adopted PSR-2 - used php-cs-fixer to rework the style - sniff sniff Goodbye tab indentation 2018-07-19 11:48:22 +02:00			`class SyncTool`
			`{`
			`// take a server as parameter and return a HttpSocket object using the ssl options defined in the server settings`
fix: [synctool] tests improved 2020-03-02 23:09:47 +01:00			`public function setupHttpSocket($server = null, $timeout = false)`
chg: [CS] Changed to PSR-2 - to make contributions easier, adopted PSR-2 - used php-cs-fixer to rework the style - sniff sniff Goodbye tab indentation 2018-07-19 11:48:22 +02:00			`{`
			`$params = array();`
			`if (!empty($server)) {`
			`if ($server['Server']['cert_file']) {`
			`$params['ssl_cafile'] = APP . "files" . DS . "certs" . DS . $server['Server']['id'] . '.pem';`
			`}`
			`if ($server['Server']['client_cert_file']) {`
			`$params['ssl_local_cert'] = APP . "files" . DS . "certs" . DS . $server['Server']['id'] . '_client.pem';`
			`}`
			`if ($server['Server']['self_signed']) {`
			`$params['ssl_allow_self_signed'] = true;`
			`$params['ssl_verify_peer_name'] = false;`
			`if (!isset($server['Server']['cert_file'])) {`
			`$params['ssl_verify_peer'] = false;`
			`}`
			`}`
fix: [proxy] Skip_proxy was broken up until now, fixes #5324 - was simply ignored, added the hook for it for the sync tool 2019-11-08 10:06:44 +01:00			`if (!empty($server['Server']['skip_proxy'])) {`
			`$params['skip_proxy'] = 1;`
			`}`
fix: [synctool] tests improved 2020-03-02 23:09:47 +01:00			`if (!empty($timeout)) {`
			`$params['timeout'] = $timeout;`
			`}`
chg: [CS] Changed to PSR-2 - to make contributions easier, adopted PSR-2 - used php-cs-fixer to rework the style - sniff sniff Goodbye tab indentation 2018-07-19 11:48:22 +02:00			`}`
new: [internal] Allow to use custom CA 2019-09-26 14:26:58 +02:00
			`return $this->createHttpSocket($params);`
chg: [CS] Changed to PSR-2 - to make contributions easier, adopted PSR-2 - used php-cs-fixer to rework the style - sniff sniff Goodbye tab indentation 2018-07-19 11:48:22 +02:00			`}`
remove whitespace (space/tab) from empty lines 2016-06-04 01:08:16 +02:00
chg: [CS] Changed to PSR-2 - to make contributions easier, adopted PSR-2 - used php-cs-fixer to rework the style - sniff sniff Goodbye tab indentation 2018-07-19 11:48:22 +02:00			`public function setupHttpSocketFeed($feed = null)`
			`{`
new: [internal] Allow to use custom CA 2019-09-26 14:26:58 +02:00			`return $this->setupHttpSocket();`
			`}`

			`/**`
			`* @param array $params`
			`* @return HttpSocket`
			`* @throws Exception`
			`*/`
new: [SightingDB] Added integration with SightingDB - Added configuration tool - Added lookups from the event view - Added includeSightingdb flag for the restSearch searches - Added SightingDB search tool - Added SightingDB connection test tool 2019-11-06 21:20:04 +01:00			`public function createHttpSocket($params = array())`
new: [internal] Allow to use custom CA 2019-09-26 14:26:58 +02:00			`{`
			`// Use own CA PEM file`
			`$caPath = Configure::read('MISP.ca_path');`
			`if (!isset($params['ssl_cafile']) && $caPath) {`
			`if (!file_exists($caPath)) {`
			`throw new Exception("CA file '$caPath' doesn't exists.");`
			`}`
			`$params['ssl_cafile'] = $caPath;`
			`}`

chg: [CS] Changed to PSR-2 - to make contributions easier, adopted PSR-2 - used php-cs-fixer to rework the style - sniff sniff Goodbye tab indentation 2018-07-19 11:48:22 +02:00			`App::uses('HttpSocket', 'Network/Http');`
new: [internal] Allow to use custom CA 2019-09-26 14:26:58 +02:00			`$HttpSocket = new HttpSocket($params);`
chg: [CS] Changed to PSR-2 - to make contributions easier, adopted PSR-2 - used php-cs-fixer to rework the style - sniff sniff Goodbye tab indentation 2018-07-19 11:48:22 +02:00			`$proxy = Configure::read('Proxy');`
fix: [proxy] Skip_proxy was broken up until now, fixes #5324 - was simply ignored, added the hook for it for the sync tool 2019-11-08 10:06:44 +01:00			`if (empty($params['skip_proxy']) && isset($proxy['host']) && !empty($proxy['host'])) {`
chg: [CS] Changed to PSR-2 - to make contributions easier, adopted PSR-2 - used php-cs-fixer to rework the style - sniff sniff Goodbye tab indentation 2018-07-19 11:48:22 +02:00			`$HttpSocket->configProxy($proxy['host'], $proxy['port'], $proxy['method'], $proxy['user'], $proxy['password']);`
			`}`
			`return $HttpSocket;`
			`}`
SSL certificate changes - you can now upload a certificate file and allow a server link to use a provided self signed certificate. This should solve the issues that some organisations are having when trying to connect their instances 2014-01-16 08:47:25 +01:00			`}`