Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

- defaulted CURLOPT_SSL_VERIFYPEER to true

- added CURLOPT_SSL_VERIFYHOST and defaulted it to true
- added the most current cacert.pem file from http://curl.haxx.se/ca/cacert.pem and configured curl to use it
  • Loading branch information...
commit 16101877fbe8d38c0da8416cf8bf9ced3196057d 1 parent 4613a7b
@themattharris authored
Showing with 3,390 additions and 3 deletions.
  1. +3,376 −0 cacert.pem
  2. +14 −3 tmhOAuth.php
View
3,376 cacert.pem
3,376 additions, 0 deletions not shown
View
17 tmhOAuth.php
@@ -50,9 +50,13 @@ function __construct($config) {
'curl_connecttimeout' => 30,
'curl_timeout' => 10,
- // for security you may want to set this to TRUE. If you do you need
- // to install the servers certificate in your local certificate store.
- 'curl_ssl_verifypeer' => false,
+ // for security these should always be set to true.
+ 'curl_ssl_verifyhost' => true,
+ 'curl_ssl_verifypeer' => true,
+
+ // you can get the latest cacert.pem from here http://curl.haxx.se/ca/cacert.pem
+ 'curl_cainfo' => dirname(__FILE__) . '/cacert.pem',
+ 'curl_capath' => dirname(__FILE__),
'curl_followlocation' => false, // whether to follow redirects or not
@@ -544,6 +548,7 @@ private function curlit() {
CURLOPT_TIMEOUT => $this->config['curl_timeout'],
CURLOPT_RETURNTRANSFER => true,
CURLOPT_SSL_VERIFYPEER => $this->config['curl_ssl_verifypeer'],
+ CURLOPT_SSL_VERIFYHOST => $this->config['curl_ssl_verifyhost'],
CURLOPT_FOLLOWLOCATION => $this->config['curl_followlocation'],
CURLOPT_PROXY => $this->config['curl_proxy'],
@@ -555,6 +560,12 @@ private function curlit() {
CURLINFO_HEADER_OUT => true,
));
+ if ($this->config['curl_cainfo'] !== false)
+ curl_setopt($c, CURLOPT_CAINFO, $this->config['curl_cainfo']);
+
+ if ($this->config['curl_capath'] !== false)
+ curl_setopt($c, CURLOPT_CAPATH, $this->config['curl_capath']);
+
if ($this->config['curl_proxyuserpwd'] !== false)
curl_setopt($c, CURLOPT_PROXYUSERPWD, $this->config['curl_proxyuserpwd']);
Please sign in to comment.
Something went wrong with that request. Please try again.