[http,conf] allow user to request no ssl peer verification
This solves for the case where hosted RSS podcasts have self signed or expired certs: using default (verify peer) in these instances results in 'SSL peer certificate or SSH remote key was not OK'
This commit is contained in:
parent
5efe0eeb0f
commit
8f9356ff11
|
@ -69,6 +69,7 @@ static cfg_opt_t sec_general[] =
|
||||||
CFG_INT("db_pragma_synchronous", -1, CFGF_NONE),
|
CFG_INT("db_pragma_synchronous", -1, CFGF_NONE),
|
||||||
CFG_STR("allow_origin", "*", CFGF_NONE),
|
CFG_STR("allow_origin", "*", CFGF_NONE),
|
||||||
CFG_STR("user_agent", PACKAGE_NAME "/" PACKAGE_VERSION, CFGF_NONE),
|
CFG_STR("user_agent", PACKAGE_NAME "/" PACKAGE_VERSION, CFGF_NONE),
|
||||||
|
CFG_BOOL("ssl_verifypeer", cfg_true, CFGF_NONE),
|
||||||
CFG_BOOL("timer_test", cfg_false, CFGF_NONE),
|
CFG_BOOL("timer_test", cfg_false, CFGF_NONE),
|
||||||
CFG_END()
|
CFG_END()
|
||||||
};
|
};
|
||||||
|
|
|
@ -102,6 +102,7 @@ http_client_request(struct http_client_ctx *ctx)
|
||||||
struct curl_slist *headers;
|
struct curl_slist *headers;
|
||||||
struct onekeyval *okv;
|
struct onekeyval *okv;
|
||||||
const char *user_agent;
|
const char *user_agent;
|
||||||
|
long verifypeer;
|
||||||
char header[1024];
|
char header[1024];
|
||||||
long response_code;
|
long response_code;
|
||||||
|
|
||||||
|
@ -116,6 +117,9 @@ http_client_request(struct http_client_ctx *ctx)
|
||||||
curl_easy_setopt(curl, CURLOPT_USERAGENT, user_agent);
|
curl_easy_setopt(curl, CURLOPT_USERAGENT, user_agent);
|
||||||
curl_easy_setopt(curl, CURLOPT_URL, ctx->url);
|
curl_easy_setopt(curl, CURLOPT_URL, ctx->url);
|
||||||
|
|
||||||
|
verifypeer = cfg_getbool(cfg_getsec(cfg, "general"), "ssl_verifypeer");
|
||||||
|
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, verifypeer);
|
||||||
|
|
||||||
headers = NULL;
|
headers = NULL;
|
||||||
if (ctx->output_headers)
|
if (ctx->output_headers)
|
||||||
{
|
{
|
||||||
|
|
Loading…
Reference in New Issue