[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnurl] 41/73: url: Update current connection SSL verify pa
From: |
gnunet |
Subject: |
[GNUnet-SVN] [gnurl] 41/73: url: Update current connection SSL verify params in setopt |
Date: |
Tue, 24 Oct 2017 18:54:22 +0200 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to branch master
in repository gnurl.
commit 5505df7d24a2c251c7ed81a389781abca0cc5b25
Author: Artak Galoyan <address@hidden>
AuthorDate: Thu Oct 5 15:43:13 2017 -0400
url: Update current connection SSL verify params in setopt
Now VERIFYHOST, VERIFYPEER and VERIFYSTATUS options change during active
connection updates the current connection's (i.e.'connectdata'
structure) appropriate ssl_config (and ssl_proxy_config) structures
variables, making these options effective for ongoing connection.
This functionality was available before and was broken by the
following change:
"proxy: Support HTTPS proxy and SOCKS+HTTP(s)"
CommitId: cb4e2be7c6d42ca0780f8e0a747cecf9ba45f151.
Bug: https://github.com/curl/curl/issues/1941
Closes https://github.com/curl/curl/pull/1951
---
lib/url.c | 30 ++++++++++++++++++++++++++++++
1 file changed, 30 insertions(+)
diff --git a/lib/url.c b/lib/url.c
index 3b66ae33b..8eba5fd00 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -2141,6 +2141,12 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
*/
data->set.ssl.primary.verifypeer = (0 != va_arg(param, long)) ?
TRUE : FALSE;
+
+ /* Update the current connection ssl_config. */
+ if(data->easy_conn) {
+ data->easy_conn->ssl_config.verifypeer =
+ data->set.ssl.primary.verifypeer;
+ }
break;
case CURLOPT_PROXY_SSL_VERIFYPEER:
/*
@@ -2148,6 +2154,12 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
*/
data->set.proxy_ssl.primary.verifypeer =
(0 != va_arg(param, long))?TRUE:FALSE;
+
+ /* Update the current connection proxy_ssl_config. */
+ if(data->easy_conn) {
+ data->easy_conn->proxy_ssl_config.verifypeer =
+ data->set.proxy_ssl.primary.verifypeer;
+ }
break;
case CURLOPT_SSL_VERIFYHOST:
/*
@@ -2166,6 +2178,12 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
}
data->set.ssl.primary.verifyhost = (0 != arg) ? TRUE : FALSE;
+
+ /* Update the current connection ssl_config. */
+ if(data->easy_conn) {
+ data->easy_conn->ssl_config.verifyhost =
+ data->set.ssl.primary.verifyhost;
+ }
break;
case CURLOPT_PROXY_SSL_VERIFYHOST:
/*
@@ -2184,6 +2202,12 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
}
data->set.proxy_ssl.primary.verifyhost = (0 != arg)?TRUE:FALSE;
+
+ /* Update the current connection proxy_ssl_config. */
+ if(data->easy_conn) {
+ data->easy_conn->proxy_ssl_config.verifyhost =
+ data->set.proxy_ssl.primary.verifyhost;
+ }
break;
case CURLOPT_SSL_VERIFYSTATUS:
/*
@@ -2196,6 +2220,12 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
data->set.ssl.primary.verifystatus = (0 != va_arg(param, long)) ?
TRUE : FALSE;
+
+ /* Update the current connection ssl_config. */
+ if(data->easy_conn) {
+ data->easy_conn->ssl_config.verifystatus =
+ data->set.ssl.primary.verifystatus;
+ }
break;
case CURLOPT_SSL_CTX_FUNCTION:
/*
--
To stop receiving notification emails like this one, please contact
address@hidden
- [GNUnet-SVN] [gnurl] 23/73: mime: improve unbinding top multipart from easy handle., (continued)
- [GNUnet-SVN] [gnurl] 23/73: mime: improve unbinding top multipart from easy handle., gnunet, 2017/10/24
- [GNUnet-SVN] [gnurl] 13/73: vtls: fix warnings with --disable-crypto-auth, gnunet, 2017/10/24
- [GNUnet-SVN] [gnurl] 28/73: RTSP: avoid integer overflow on funny RTSP response, gnunet, 2017/10/24
- [GNUnet-SVN] [gnurl] 18/73: Revert "multi_done: wait for name resolve to finish if still ongoing", gnunet, 2017/10/24
- [GNUnet-SVN] [gnurl] 37/73: smtp_done: free data before returning (on send failure), gnunet, 2017/10/24
- [GNUnet-SVN] [gnurl] 21/73: curlver.h: next expected release is 7.57.0, gnunet, 2017/10/24
- [GNUnet-SVN] [gnurl] 27/73: ftpserver: properly reset $ftptargetdir., gnunet, 2017/10/24
- [GNUnet-SVN] [gnurl] 36/73: FTP: URL decode path for dir listing in nocwd mode, gnunet, 2017/10/24
- [GNUnet-SVN] [gnurl] 31/73: openssl: enable PKCS12 support for !BoringSSL, gnunet, 2017/10/24
- [GNUnet-SVN] [gnurl] 40/73: openssl: don't use old BORINGSSL_YYYYMM macros, gnunet, 2017/10/24
- [GNUnet-SVN] [gnurl] 41/73: url: Update current connection SSL verify params in setopt,
gnunet <=
- [GNUnet-SVN] [gnurl] 29/73: mime: properly unbind mime structure in curl_mime_free()., gnunet, 2017/10/24
- [GNUnet-SVN] [gnurl] 32/73: FAQ: s/CURLOPT_PROGRESSFUNCTION/CURLOPT_XFERINFOFUNCTION, gnunet, 2017/10/24
- [GNUnet-SVN] [gnurl] 34/73: CURLOPT_XFERINFODATA.3: fix duplicate see also, gnunet, 2017/10/24
- [GNUnet-SVN] [gnurl] 46/73: cli tool: use file2memory() to buffer stdin in -F option., gnunet, 2017/10/24
- [GNUnet-SVN] [gnurl] 25/73: mime: refuse to add subparts to one of their own descendants., gnunet, 2017/10/24
- [GNUnet-SVN] [gnurl] 55/73: makefile.m32: allow to override gcc, ar and ranlib, gnunet, 2017/10/24
- [GNUnet-SVN] [gnurl] 50/73: mime: do not call failf() if easy handle is NULL., gnunet, 2017/10/24
- [GNUnet-SVN] [gnurl] 53/73: runtests: use valgrind for torture as well, gnunet, 2017/10/24
- [GNUnet-SVN] [gnurl] 49/73: test651: curl_formadd with huge COPYCONTENTS, gnunet, 2017/10/24
- [GNUnet-SVN] [gnurl] 63/73: runtests: support MultiSSL client feature, gnunet, 2017/10/24