Bring back SSL certificate validation

Signed-off-by: Michal Čihař <michal@cihar.com>
phpmyadmin · Feb 25, 2016 · e42b7e3 · e42b7e3
1 parent 16a6a02
commit e42b7e3
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 5 deletions.
diff --git a/libraries/Config.class.php b/libraries/Config.class.php
@@ -774,8 +774,8 @@ public function checkHTTP($link, $get_body = false)
         PMA_Util::configureCurl($handle);
         curl_setopt($handle, CURLOPT_FOLLOWLOCATION, 0);
         curl_setopt($handle, CURLOPT_RETURNTRANSFER, 1);
-        curl_setopt($handle, CURLOPT_SSL_VERIFYHOST, 0);
-        curl_setopt($handle, CURLOPT_SSL_VERIFYPEER, 0);
+        curl_setopt($handle, CURLOPT_SSL_VERIFYHOST, '2');
+        curl_setopt($handle, CURLOPT_SSL_VERIFYPEER, '1');
         curl_setopt($handle, CURLOPT_CONNECTTIMEOUT, 5);
         curl_setopt($handle, CURLOPT_TIMEOUT, 5);
         curl_setopt($handle, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4);

diff --git a/test/classes/PMA_Config_test.php b/test/classes/PMA_Config_test.php
@@ -53,6 +53,7 @@ protected function setUp()
         $GLOBALS['server'] = 0;
         $_SESSION['is_git_revision'] = true;
         $GLOBALS['PMA_Config'] = new PMA_Config(CONFIG_FILE);
+        $GLOBALS['cfg']['ProxyUrl'] = '';
 
         //for testing file permissions
         $this->permTestObj = new PMA_Config("./config.sample.inc.php");
@@ -1038,14 +1039,19 @@ public function testCheckHTTP()
             $this->markTestSkipped('Missing curl extension!');
         }
         $this->assertTrue(
-            $this->object->checkHTTP("http://www.phpmyadmin.net/test/data")
+            $this->object->checkHTTP("https://www.phpmyadmin.net/test/data")
         );
         $this->assertContains(
             "TEST DATA",
-            $this->object->checkHTTP("http://www.phpmyadmin.net/test/data", true)
+            $this->object->checkHTTP("https://www.phpmyadmin.net/test/data", true)
         );
         $this->assertFalse(
-            $this->object->checkHTTP("http://www.phpmyadmin.net/test/nothing")
+            $this->object->checkHTTP("https://www.phpmyadmin.net/test/nothing")
+        );
+        // Use rate limit API as it's not subject to rate limiting
+        $this->assertContains(
+            '"resources"',
+            $this->object->checkHTTP("https://api.github.com/rate_limit", true)
         );
     }