Skip to content

Commit

Permalink
ssl: Update the current connection SSL params in curl_easy_setopt().
Browse files Browse the repository at this point in the history 
Now VERIFYHOST and VERIFYPEER options change during active connection
updates the current connection's (i.e.'connectdata' structure)
appropriate ssl_config (and ssl_proxy_config) structures variables,
making these options effective for ongoing connection.

This functionality was available before and was broken by the
following change:
"proxy: Support HTTPS proxy and SOCKS+HTTP(s)"
CommitId: cb4e2be.

bug: curl#1941
  • Loading branch information
Artak Galoyan committed Oct 6, 2017
1 parent 7bc5308 commit 7ea8113
Showing 1 changed file with 20 additions and 0 deletions.
20 changes: 20 additions & 0 deletions lib/url.c
View file
Expand Up @@ -2142,13 +2142,23 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
*/
data->set.ssl.primary.verifypeer = (0 != va_arg(param, long)) ?
TRUE : FALSE;
/* Sync the current connection ssl_config. */
if(data->easy_conn) {
data->easy_conn->ssl_config.verifypeer =
data->set.ssl.primary.verifypeer;
}
break;
case CURLOPT_PROXY_SSL_VERIFYPEER:
/*
* Enable peer SSL verifying for proxy.
*/
data->set.proxy_ssl.primary.verifypeer =
(0 != va_arg(param, long))?TRUE:FALSE;
/* Sync the current connection proxy_ssl_config. */
if(data->easy_conn) {
data->easy_conn->proxy_ssl_config.verifypeer =
data->set.proxy_ssl.primary.verifypeer;
}
break;
case CURLOPT_SSL_VERIFYHOST:
/*
Expand All @@ -2167,6 +2177,11 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
}

data->set.ssl.primary.verifyhost = (0 != arg) ? TRUE : FALSE;
/* Sync the current connection ssl_config. */
if(data->easy_conn) {
data->easy_conn->ssl_config.verifyhost =
data->set.ssl.primary.verifyhost;
}
break;
case CURLOPT_PROXY_SSL_VERIFYHOST:
/*
Expand All @@ -2185,6 +2200,11 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
}

data->set.proxy_ssl.primary.verifyhost = (0 != arg)?TRUE:FALSE;
/* Sync the current connection proxy_ssl_config. */
if(data->easy_conn) {
data->easy_conn->proxy_ssl_config.verifyhost =
data->set.proxy_ssl.primary.verifyhost;
}
break;
case CURLOPT_SSL_VERIFYSTATUS:
/*
Expand Down

0 comments on commit 7ea8113

Please sign in to comment.