From 8f839dc9c75be117b1fd0bc5246614e19af7b72a Mon Sep 17 00:00:00 2001 From: kaetemi Date: Sun, 3 Oct 2021 20:08:36 +0800 Subject: [PATCH] Properly follow StartupVerify setting --- nel/include/nel/web/http_client_curl.h | 4 +++- nel/src/web/http_client_curl.cpp | 7 ++++--- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/nel/include/nel/web/http_client_curl.h b/nel/include/nel/web/http_client_curl.h index babd0d7f9..0a08b5ac0 100644 --- a/nel/include/nel/web/http_client_curl.h +++ b/nel/include/nel/web/http_client_curl.h @@ -34,7 +34,7 @@ class CCurlHttpClient public: /// Constructor - CCurlHttpClient() : _CurlStruct(NULL) {} + CCurlHttpClient() : _CurlStruct(NULL), m_Verify(true) {} /// Connect to an http server (string by val is intended). If you specify a whole URL, an attempt will be made to determine the server. bool connect(const std::string &server); @@ -82,6 +82,8 @@ private: std::string _Auth; // must be kept here because curl only stores the char pointer std::vector m_ErrorBuf; + bool m_Verify; + }; extern CCurlHttpClient CurlHttpClient; diff --git a/nel/src/web/http_client_curl.cpp b/nel/src/web/http_client_curl.cpp index 446491768..b5e54494c 100644 --- a/nel/src/web/http_client_curl.cpp +++ b/nel/src/web/http_client_curl.cpp @@ -75,8 +75,9 @@ static const std::string CAFilename = "cacert.pem"; // https://curl.haxx.se/docs // *************************************************************************** bool CCurlHttpClient::verifyServer(bool verify) { - curl_easy_setopt(_Curl, CURLOPT_SSL_VERIFYHOST, verify ? 2 : 0); + m_Verify = verify; curl_easy_setopt(_Curl, CURLOPT_SSL_VERIFYPEER, verify ? 1 : 0); + curl_easy_setopt(_Curl, CURLOPT_SSL_VERIFYHOST, verify ? 2 : 0); // specify custom CA certs CCurlCertificates::addCertificateFile(CAFilename); @@ -97,8 +98,8 @@ bool CCurlHttpClient::sendRequest(const std::string& methodWB, const std::string curl_easy_setopt(_Curl, CURLOPT_URL, url.c_str()); if (url.length() > 8 && (url[4] == 's' || url[4] == 'S')) // 01234 https { - curl_easy_setopt(_Curl, CURLOPT_SSL_VERIFYPEER, 1L); - curl_easy_setopt(_Curl, CURLOPT_SSL_VERIFYHOST, 2L); + curl_easy_setopt(_Curl, CURLOPT_SSL_VERIFYPEER, m_Verify ? 1L : 0); + curl_easy_setopt(_Curl, CURLOPT_SSL_VERIFYHOST, m_Verify ? 2L : 0); } // Authentication