Fixed issue #1442 - Self signed SSL certificate fails Exchange autodiscovery.

2017-10-04 16:18:13 +02:00 · 2017-10-04 16:18:13 +02:00 · caa85bbf5a
commit caa85bbf5a
parent acb1df1c4a
3 changed files with 44 additions and 3 deletions
--- a/app/assets/javascripts/app/controllers/_integration/exchange.coffee
+++ b/app/assets/javascripts/app/controllers/_integration/exchange.coffee
@ -175,8 +175,10 @@ class ConnectionWizard extends App.WizardModal

  events:
    'submit form.js-discover':           'discover'
+    'submit form.js-discoverSsl':        'discover'
    'submit form.js-bind':               'folders'
    'submit form.js-folders':            'mapping'
+    'click .js-cancelSsl':               'showSlideDiscover'
    'click .js-mapping .js-submitTry':   'mappingChange'
    'click .js-try .js-submitSave':      'save'
    'click .js-close':                   'hide'
@ -244,6 +246,9 @@ class ConnectionWizard extends App.WizardModal
    @$('.js-bind input[name="user"]').val(@wizardConfig.user)
    @$('.js-bind input[name="password"]').val(@wizardConfig.password)

+  showSlideDiscover: =>
+    @showSlide('js-discover')
+
  discover: (e) =>
    e.preventDefault()
    @showSlide('js-connect')
@ -256,8 +261,15 @@ class ConnectionWizard extends App.WizardModal
      processData: true
      success: (data, status, xhr) =>
        if data.result isnt 'ok'
-          @showSlide('js-discover')
-          @showAlert('js-discover', data.message)
+
+          if data.message.indexOf('certificate verify failed') is -1
+            @showSlide('js-discover')
+            @showAlert('js-discover', data.message)
+          else
+            @$('.js-discoverSsl input[name="user"]').val(params.user)
+            @$('.js-discoverSsl input[name="password"]').val(params.password)
+            @showSlide('js-discoverSsl')
+
          return

        @wizardConfig.endpoint = data.endpoint
--- a/app/assets/javascripts/app/views/integration/exchange_wizard.jst.eco
+++ b/app/assets/javascripts/app/views/integration/exchange_wizard.jst.eco
@ -34,6 +34,31 @@
    </div>
  </form>

+  <form class="modal-content setup wizard hide js-discoverSsl">
+    <input type="hidden" name="disable_ssl_verify" value="1">
+    <input type="hidden" name="user" value="">
+    <input type="hidden" name="password" value="">
+    <div class="modal-header">
+      <div class="modal-close js-close">
+        <%- @Icon('diagonal-cross') %>
+      </div>
+      <h1 class="modal-title"><%- @T('Your connection is not private') %></h1>
+    </div>
+    <div class="modal-body">
+      <div class="wizard-body vertical">
+        <p><%- @T('The certificate of the domain could not be verified. Hackers could steal the credentials or redirect the connection. Or maybe you are using a self-signed certificate.') %></p>
+      </div>
+    </div>
+    <div class="modal-footer">
+      <div class="modal-leftFooter">
+        <button class="btn btn--text btn--danger btn--secondary js-submit"><%- @T('Proceed') %></button>
+      </div>
+      <div class="modal-rightFooter">
+        <a class="btn btn--primary align-right js-cancelSsl"><%- @T('Cancel') %></a>
+      </div>
+    </div>
+  </form>
+
  <form class="modal-content setup wizard hide js-connect">
    <div class="modal-header">
      <div class="modal-close js-close">
--- a/app/controllers/integration/exchange_controller.rb
+++ b/app/controllers/integration/exchange_controller.rb
@ -11,7 +11,11 @@ class Integration::ExchangeController < ApplicationController
        email:    params[:user],
        password: params[:password],
      )
-      client.http.ssl_config.verify_mode = OpenSSL::SSL::VERIFY_NONE
+
+      if params[:disable_ssl_verify]
+        client.http.ssl_config.verify_mode = OpenSSL::SSL::VERIFY_NONE
+      end
+
      {
        endpoint: client.try(:autodiscover).try(:ews_url),
      }