Skip to content

Commit

Permalink
MDL-36818 cas: improve SSL validation
Browse files Browse the repository at this point in the history
  • Loading branch information
@thijskh @danpoltawski
thijskh authored and danpoltawski committed Oct 14, 2013
1 parent 079364c commit 2093a0c
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions auth/cas/CAS/CAS/client.php
View file
Expand Up @@ -2160,7 +2160,7 @@ function readURL($url,$cookies,&$headers,&$body,&$err_msg)
if ($this->_cas_server_cert != '' && $this->_cas_server_ca_cert != '') {
// This branch added by IDMS. Seems phpCAS implementor got a bit confused about the curl options CURLOPT_SSLCERT and CURLOPT_CAINFO
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_SSLCERT, $this->_cas_server_cert);
curl_setopt($ch, CURLOPT_CAINFO, $this->_cas_server_ca_cert);
curl_setopt($ch, CURLOPT_VERBOSE, '1');
Expand All @@ -2172,7 +2172,7 @@ function readURL($url,$cookies,&$headers,&$body,&$err_msg)
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_CAINFO, $this->_cas_server_ca_cert);
} else {
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
}

Expand Down

0 comments on commit 2093a0c

Please sign in to comment.