[calendar] Access to CalDav-Server via SSL

[GoogleCodeExporter]

Token: e755b7e63dce4532595bbb8b1fa4d539 (Don't modify this token!)
Version: 18.1.15 (10-06-2014)
PHP: 5.5.9-1ubuntu4
RCMAIL: 1.0.1
Database: mysql
SERVER: Apache/2.4.7 (Ubuntu)
----
I.  Issue Description:
When trying to access a DAV-server via SSL and the CN in the certificate does 
not match the url, the connection will fail.

II. Solution:
I added the following line behind line 251:
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);

in file:
/plugins/calendar/program/backend/caldav/caldav-client.php

Original issue reported on code.google.com by bavend...@googlemail.com on 11 Jun 2014 at 10:40

[GoogleCodeExporter]

This is not a defect. Use a valid cert. CURLOPT_SSL_VERIFYPEER (default TRUE) 
is there to protect you. It is not recommended to bypass peer verfication.

Original comment by myroundc...@gmail.com on 11 Jun 2014 at 10:49

• Changed state: Invalid

[GoogleCodeExporter]

The carddav-plugin also impletments the CURLOPT_SSL_VERIFYPEER option.

May be you should think about to make it configurable, cause when you use a 
foreign/not your own DAV-server, you are often not be able to configure this!?!

Original comment by bavend...@googlemail.com on 11 Jun 2014 at 10:59

[GoogleCodeExporter]

I can make it configurable, but on a per user and not admin level. The plugin 
is a client where users can add there own CalDAVs and that's exactly the point. 
Users have to be prevented from invalid certs.

Original comment by myroundc...@gmail.com on 11 Jun 2014 at 11:13

[GoogleCodeExporter]

Thanks, I think this is a good solution...

Original comment by bavend...@googlemail.com on 11 Jun 2014 at 11:17