+static size_t
+ftp_data (void* buffer, size_t size, size_t nmemb, void* stream)
+{
+ FILE* f = reinterpret_cast<FILE*> (stream);
+ return fwrite (buffer, size, nmemb, f);
+}
+
+void
+ScreenDialog::download_certificate ()
+{
+ if (_manufacturer->GetStringSelection() == _("Doremi")) {
+ string const serial = wx_to_std (_serial->GetValue ());
+ if (serial.length() != 6) {
+ error_dialog (this, _("Doremi serial numbers must have 6 numbers"));
+ return;
+ }
+
+ CURL* curl = curl_easy_init ();
+ if (!curl) {
+ error_dialog (this, N_("Could not set up libcurl"));
+ return;
+ }
+
+ string const url = String::compose (
+ "ftp://service:t3chn1c1an@ftp.doremilabs.com/Certificates/%1xxx/dcp2000-%2.dcicerts.zip",
+ serial.substr(0, 3), serial
+ );
+
+ curl_easy_setopt (curl, CURLOPT_URL, url.c_str ());
+
+ ScopedTemporary temp_zip;
+ FILE* f = temp_zip.open ("wb");
+ curl_easy_setopt (curl, CURLOPT_WRITEFUNCTION, ftp_data);
+ curl_easy_setopt (curl, CURLOPT_WRITEDATA, f);
+ _progress->set_message (_("Downloading certificate from Doremi"));
+ CURLcode const cr = curl_easy_perform (curl);
+ _progress->set_value (50);
+ temp_zip.close ();
+ curl_easy_cleanup (curl);
+ if (cr != CURLE_OK) {
+ _progress->set_message (wxString::Format (_("Certificate download failed (%d)"), cr));
+ return;
+ }
+
+ _progress->set_message (_("Unpacking"));
+ struct zip* zip = zip_open (temp_zip.c_str(), 0, 0);
+ if (!zip) {
+ _progress->set_message ("Could not open certificate ZIP file");
+ return;
+ }
+
+ string const name_in_zip = String::compose ("dcp2000-%1.cert.sha256.pem", serial);
+ struct zip_file* zip_file = zip_fopen (zip, name_in_zip.c_str(), 0);
+ if (!zip_file) {
+ _progress->set_message ("Could not find certificate in ZIP file");
+ return;
+ }
+
+ ScopedTemporary temp_cert;
+ f = temp_cert.open ("wb");
+ char buffer[4096];
+ while (1) {
+ int const N = zip_fread (zip_file, buffer, sizeof (buffer));
+ fwrite (buffer, 1, N, f);
+ if (N < int (sizeof (buffer))) {
+ break;
+ }
+ }
+ temp_cert.close ();
+
+ _progress->set_value (100);
+ _progress->set_message (_("OK"));
+ load_certificate (temp_cert.file ());
+ }
+}
+