]> granicus.if.org Git - curl/commitdiff
projects / curl / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: de7597f)
url: Update current connection SSL verify params in setopt
authorArtak Galoyan <agaloyan@vmware.com>
Thu, 5 Oct 2017 19:43:13 +0000 (15:43 -0400)
committerJay Satiro <raysatiro@yahoo.com>
Wed, 11 Oct 2017 07:14:26 +0000 (03:14 -0400)
Now VERIFYHOST, VERIFYPEER and VERIFYSTATUS options change during active
connection updates the current connection's (i.e.'connectdata'
structure) appropriate ssl_config (and ssl_proxy_config) structures
variables, making these options effective for ongoing connection.

This functionality was available before and was broken by the
following change:
"proxy: Support HTTPS proxy and SOCKS+HTTP(s)"
CommitId: cb4e2be7c6d42ca0780f8e0a747cecf9ba45f151.

Bug: https://github.com/curl/curl/issues/1941

Closes https://github.com/curl/curl/pull/1951

lib/url.c patch | blob | history

diff --git a/lib/url.c b/lib/url.c
index 3b66ae33b1994c83d8985e142a65085273d04601..8eba5fd00555dedf000705d9a03914184cc876af 100644 (file)
--- a/lib/url.c
+++ b/lib/url.c
@@ -2141,6 +2141,12 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
      */
     data->set.ssl.primary.verifypeer = (0 != va_arg(param, long)) ?
                                        TRUE : FALSE;
+
+    /* Update the current connection ssl_config. */
+    if(data->easy_conn) {
+      data->easy_conn->ssl_config.verifypeer =
+        data->set.ssl.primary.verifypeer;
+    }
     break;
   case CURLOPT_PROXY_SSL_VERIFYPEER:
     /*
@@ -2148,6 +2154,12 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
      */
     data->set.proxy_ssl.primary.verifypeer =
       (0 != va_arg(param, long))?TRUE:FALSE;
+
+    /* Update the current connection proxy_ssl_config. */
+    if(data->easy_conn) {
+      data->easy_conn->proxy_ssl_config.verifypeer =
+        data->set.proxy_ssl.primary.verifypeer;
+    }
     break;
   case CURLOPT_SSL_VERIFYHOST:
     /*
@@ -2166,6 +2178,12 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
     }
 
     data->set.ssl.primary.verifyhost = (0 != arg) ? TRUE : FALSE;
+
+    /* Update the current connection ssl_config. */
+    if(data->easy_conn) {
+      data->easy_conn->ssl_config.verifyhost =
+        data->set.ssl.primary.verifyhost;
+    }
     break;
   case CURLOPT_PROXY_SSL_VERIFYHOST:
     /*
@@ -2184,6 +2202,12 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
     }
 
     data->set.proxy_ssl.primary.verifyhost = (0 != arg)?TRUE:FALSE;
+
+    /* Update the current connection proxy_ssl_config. */
+    if(data->easy_conn) {
+      data->easy_conn->proxy_ssl_config.verifyhost =
+        data->set.proxy_ssl.primary.verifyhost;
+    }
     break;
   case CURLOPT_SSL_VERIFYSTATUS:
     /*
@@ -2196,6 +2220,12 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
 
     data->set.ssl.primary.verifystatus = (0 != va_arg(param, long)) ?
                                          TRUE : FALSE;
+
+    /* Update the current connection ssl_config. */
+    if(data->easy_conn) {
+      data->easy_conn->ssl_config.verifystatus =
+        data->set.ssl.primary.verifystatus;
+    }
     break;
   case CURLOPT_SSL_CTX_FUNCTION:
     /*
Unnamed repository; edit this file 'description' to name the repository.