enable tls certificate checks for some services (#1422)

* enable tls certificate checks for some services * more dynamic dns security * additional security * GratisDNS works -> enable TLS verify * OVH works -> enable TLS verify * citynetwork works -> enable * HE.net Tunnelbroker works -> enable

enable tls certificate checks for some services (#1422)
* enable tls certificate checks for some services * more dynamic dns security * additional security * GratisDNS works -> enable TLS verify * OVH works -> enable TLS verify * citynetwork works -> enable * HE.net Tunnelbroker works -> enable
f0f65fc9 · Fabian Franz · Franco Fichtner · 052745d3 · f0f65fc9
Commit f0f65fc9 authored Mar 03, 2017 by Fabian Franz Committed by Franco Fichtner Mar 03, 2017
Show whitespace changes
Inline Side-by-side

Showing with 9 additions and 10 deletions

dyndns.class src/etc/inc/dyndns.class +9 -10

No files found.
--- a/src/etc/inc/dyndns.class
+++ b/src/etc/inc/dyndns.class
@@ -355,7 +355,7 @@
 					curl_setopt($ch, CURLOPT_URL, $server . $port . '?username=' . urlencode($this->_dnsUser) . '&pass=' . urlencode($this->_dnsPass) . '&hostname=' . $this->_dnsHost.'&ip=' . $iptoset);
 					break;
 				case 'easydns':
-					curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
+					curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE);
 					curl_setopt($ch, CURLOPT_USERPWD, $this->_dnsUser.':'.$this->_dnsPass);
 					$server = "https://members.easydns.com/dyn/dyndns.php";
 					$port = "";
@@ -366,7 +366,6 @@
 					curl_setopt($ch, CURLOPT_URL, $server . $port . '?hostname=' . $this->_dnsHost . '&myip=' . $this->_dnsIP . '&wildcard=' . $this->_dnsWildcard . '&mx=' . $this->_dnsMX . '&backmx=' . $this->_dnsBackMX);
 					break;
 				case 'hn':
-					curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
 					curl_setopt($ch, CURLOPT_USERPWD, $this->_dnsUser.':'.$this->_dnsPass);
 					$server = "http://dup.hn.org/vanity/update";
 					$port = "";
@@ -448,7 +447,7 @@
 					break;
 				case 'opendns':
 					if (isset($this->_dnsWildcard) && $this->_dnsWildcard != "OFF") $this->_dnsWildcard = "ON";
-					curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
+					curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE);
 					curl_setopt($ch, CURLOPT_USERPWD, $this->_dnsUser.':'.$this->_dnsPass);
 					$server = "https://updates.opendns.com/nic/update?hostname=". $this->_dnsHost;
 					$port = "";
@@ -515,7 +514,7 @@
 					if ($this->_dnsVerboseLog)
 						log_error("HE.net Tunnelbroker: DNS update() starting.");
 					$server = "https://ipv4.tunnelbroker.net/ipv4_end.php?";
-					curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
+					curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE);
 					curl_setopt($ch, CURLOPT_USERPWD, $this->_dnsUser . ':' . $this->_dnsPass);
 					curl_setopt($ch, CURLOPT_URL, $server . 'tid=' . $this->_dnsHost);
 					break;
@@ -523,7 +522,7 @@
 					if ($this->_dnsVerboseLog)
 						log_error("SelfHost: DNS update() starting.");
 					if (isset($this->_dnsWildcard) && $this->_dnsWildcard != "OFF") $this->_dnsWildcard = "ON";
-					curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
+					curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE);
 					curl_setopt($ch, CURLOPT_USERPWD, $this->_dnsUser.':'.$this->_dnsPass);
 					$server = "https://carol.selfhost.de/nic/update";
 					$port = "";
@@ -667,7 +666,7 @@
 					if ($this->_dnsVerboseLog)
 						log_error("GratisDNS.dk ({$this->_dnsHost}): DNS update() starting.");
 					$server = "https://ssl.gratisdns.dk/ddns.phtml";
-					curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
+					curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE);
 					list($hostname, $domain) = explode(".", $this->_dnsHost, 2);
 					curl_setopt($ch, CURLOPT_URL, $server . '?u=' . $this->_dnsUser . '&p=' . $this->_dnsPass . '&h=' . $this->_dnsHost . '&d=' . $domain);
 					break;
@@ -675,7 +674,7 @@
 					if ($this->_dnsVerboseLog)
 						log_error("OVH DynHOST: ({$this->_dnsHost}) DNS update() starting.");
 					if (isset($this->_dnsWildcard) && $this->_dnsWildcard != "OFF") $this->_dnsWildcard = "ON";
-					curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
+					curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE);
 					curl_setopt($ch, CURLOPT_USERPWD, $this->_dnsUser.':'.$this->_dnsPass);
 					$server = "https://www.ovh.com/nic/update";
 					$port = "";
@@ -688,7 +687,7 @@
 				case 'citynetwork':
 					if ($this->_dnsVerboseLog)
 						log_error("City Network: ({$this->_dnsHost}) DNS update() starting.");
-					curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
+					curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE);
 					curl_setopt($ch, CURLOPT_USERPWD, $this->_dnsUser.':'.$this->_dnsPass);
 					$server = 'https://dyndns.citynetwork.se/nic/update';
 					$port = "";
@@ -702,7 +701,7 @@
 					if ($this->_dnsVerboseLog)
 						log_error("Duck DNS ({$this->_dnsHost}): DNS update() starting.");
 					$server = "https://www.duckdns.org/update";
-					curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
+					curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE);
 					curl_setopt($ch, CURLOPT_URL, $server . '?domains=' . str_replace('.duckdns.org', '', $this->_dnsHost) . '&token=' . $this->_dnsUser);
 					break;
 				case 'googledomains':
@@ -712,7 +711,7 @@
 					$post_data['hostname'] = $this->_dnsHost;
 					$post_data['myip'] = $this->_dnsIP;
 					$post_data['offline'] = 'no';
-					curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
+					curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE);
 					curl_setopt($ch, CURLOPT_USERPWD, $this->_dnsUser.':'.$this->_dnsPass);
 					curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
 					curl_setopt($ch, CURLOPT_URL, $server);