MFB: Fixed bug #33770 (https:// or ftps:// do not work when

--with-curlwrappers is used and ssl certificate is not verifiable).

diff --git a/ext/curl/streams.c b/ext/curl/streams.c
index d438a91b877bc0365b3a3be1e9af582adcb8a461..1a342785778adfaf2d0457aaf69d68971d5e9562 100644 (file)
--- a/ext/curl/streams.c
+++ b/ext/curl/streams.c
@@ -301,6 +301,17 @@ php_stream *php_curl_stream_opener(php_stream_wrapper *wrapper, char *filename,
        
        /* TODO: read cookies and options from context */
        if (context && !strncasecmp(filename, "http", sizeof("http")-1)) {
+               if (SUCCESS == php_stream_context_get_option(context, "http", "curl_verify_ssl_host", &ctx_opt) && Z_TYPE_PP(ctx_opt) == IS_BOOL && Z_LVAL_PP(ctx_opt) == 1) {
+                       curl_easy_setopt(curlstream->curl, CURLOPT_SSL_VERIFYHOST, 1);
+               } else {
+                       curl_easy_setopt(curlstream->curl, CURLOPT_SSL_VERIFYHOST, 0);
+               }
+               if (SUCCESS == php_stream_context_get_option(context, "http", "curl_verify_ssl_peer", &ctx_opt) && Z_TYPE_PP(ctx_opt) == IS_BOOL && Z_LVAL_PP(ctx_opt) == 1) {
+                       curl_easy_setopt(curlstream->curl, CURLOPT_SSL_VERIFYPEER, 1);
+               } else {
+                       curl_easy_setopt(curlstream->curl, CURLOPT_SSL_VERIFYPEER, 0);
+               }
+
                /* HTTP(S) */
                if (SUCCESS == php_stream_context_get_option(context, "http", "user_agent", &ctx_opt) && Z_TYPE_PP(ctx_opt) == IS_STRING) {
                        curl_easy_setopt(curlstream->curl, CURLOPT_USERAGENT, Z_STRVAL_PP(ctx_opt));