
Force the validation of SSL certificates #3

Merged
merged 1 commit into from

2 participants

Francois Marier Alex Wolkov
Francois Marier

Setting these options will ensure that users of this library will
not be vulnerable to a trivial MITM attack against the Persona
verifier.

Francois Marier fmarier Force the validation of SSL certificates
Setting these options will ensure that users of this library will
not be vulnerable to a trivial MITM attack against the Persona
verifier.
634b113
Alex Wolkov altryne merged commit 8f61dcd into from
Alex Wolkov
Owner

All merged! Thanx for this @fmarier !

Commits on Feb 13, 2013
  1. Francois Marier

    Force the validation of SSL certificates

    fmarier authored
    Setting these options will ensure that users of this library will
    not be vulnerable to a trivial MITM attack against the Persona
    verifier.
Showing with 6 additions and 4 deletions.
  1. +3 −2 Demos/login.class.php
  2. +3 −2 Source/login.class.php
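--- a/Demos/login.class.php
+++ b/Demos/login.class.php
@@ -113,7 +113,8 @@ private function _requestPOST($url, $data) {
 curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
 curl_setopt($ch, CURLOPT_HEADER, false);
 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
-curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
+curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
+curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
 curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);
 curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json'));
@@ -178,4 +179,4 @@ public function verify_assertion() {
 }
 }
-?>
+?>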
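Review bot: The two verification options added in `_requestPOST` only protect the request when `$url` is an https URL, and the hunk does not show where `$url` comes from; adding `curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTPS);` next to them would make a plain-http verifier URL fail instead of silently skipping TLS. With verification now enabled, `curl_exec` returns false on hosts that lack a usable CA bundle, so the caller should treat a false result as a failed login rather than try to decode it; that handling lies outside the hunk, so I cannot confirm it. A short comment above the two lines, e.g. `// Do not disable: the verifier's answer is only trustworthy over an authenticated TLS channel`, would discourage a later revert. The same points apply to the identical hunk in Source/login.class.php.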
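--- a/Source/login.class.php
+++ b/Source/login.class.php
@@ -113,7 +113,8 @@ private function _requestPOST($url, $data) {
 curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
 curl_setopt($ch, CURLOPT_HEADER, false);
 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
-curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
+curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
+curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
 curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);
 curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json'));
@@ -178,4 +179,4 @@ public function verify_assertion() {
 }
 }
-?>
+?>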