apply tls.policy to cURL calls

In case the user decides to ignore the validity-state of certificates
we also have to configure libcurl accordingly.

`tls.policy` can be set via
```
/account set <account> tls trust
```

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>

src/tools/http_download.c

@@ -127,6 +127,9 @@ http_file_get(void* userdata)
 
     char* cert_path = prefs_get_string(PREF_TLS_CERTPATH);
     gchar* cafile = cafile_get_name();
+    ProfAccount* account = accounts_get_account(session_get_account_name());
+    gboolean insecure = strcmp(account->tls_policy, "trust") == 0;
+    account_free(account);
     pthread_mutex_unlock(&lock);
 
     curl_global_init(CURL_GLOBAL_ALL);
@@ -153,6 +156,10 @@ http_file_get(void* userdata)
     if (cert_path) {
         curl_easy_setopt(curl, CURLOPT_CAPATH, cert_path);
     }
+    if (insecure) {
+        curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
+        curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
+    }
 
     if ((res = curl_easy_perform(curl)) != CURLE_OK) {
         err = strdup(curl_easy_strerror(res));

src/tools/http_upload.c

@@ -186,6 +186,9 @@ http_file_put(void* userdata)
 
     char* cert_path = prefs_get_string(PREF_TLS_CERTPATH);
     gchar* cafile = cafile_get_name();
+    ProfAccount* account = accounts_get_account(session_get_account_name());
+    gboolean insecure = strcmp(account->tls_policy, "trust") == 0;
+    account_free(account);
     pthread_mutex_unlock(&lock);
 
     curl_global_init(CURL_GLOBAL_ALL);
@@ -252,6 +255,10 @@ http_file_put(void* userdata)
     if (cert_path) {
         curl_easy_setopt(curl, CURLOPT_CAPATH, cert_path);
     }
+    if (insecure) {
+        curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
+        curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
+    }
 
     curl_easy_setopt(curl, CURLOPT_READDATA, fh);
     curl_easy_setopt(curl, CURLOPT_INFILESIZE_LARGE, (curl_off_t)(upload->filesize));