mirror of
https://github.com/profanity-im/profanity.git
synced 2024-12-04 14:46:46 -05:00
apply tls.policy
to cURL calls
In case the user decides to ignore the validity-state of certificates we also have to configure libcurl accordingly. `tls.policy` can be set via ``` /account set <account> tls trust ``` Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
This commit is contained in:
parent
7f1f9787cb
commit
3a86b8c29b
@ -127,6 +127,9 @@ http_file_get(void* userdata)
|
|||||||
|
|
||||||
char* cert_path = prefs_get_string(PREF_TLS_CERTPATH);
|
char* cert_path = prefs_get_string(PREF_TLS_CERTPATH);
|
||||||
gchar* cafile = cafile_get_name();
|
gchar* cafile = cafile_get_name();
|
||||||
|
ProfAccount* account = accounts_get_account(session_get_account_name());
|
||||||
|
gboolean insecure = strcmp(account->tls_policy, "trust") == 0;
|
||||||
|
account_free(account);
|
||||||
pthread_mutex_unlock(&lock);
|
pthread_mutex_unlock(&lock);
|
||||||
|
|
||||||
curl_global_init(CURL_GLOBAL_ALL);
|
curl_global_init(CURL_GLOBAL_ALL);
|
||||||
@ -153,6 +156,10 @@ http_file_get(void* userdata)
|
|||||||
if (cert_path) {
|
if (cert_path) {
|
||||||
curl_easy_setopt(curl, CURLOPT_CAPATH, cert_path);
|
curl_easy_setopt(curl, CURLOPT_CAPATH, cert_path);
|
||||||
}
|
}
|
||||||
|
if (insecure) {
|
||||||
|
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
|
||||||
|
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
|
||||||
|
}
|
||||||
|
|
||||||
if ((res = curl_easy_perform(curl)) != CURLE_OK) {
|
if ((res = curl_easy_perform(curl)) != CURLE_OK) {
|
||||||
err = strdup(curl_easy_strerror(res));
|
err = strdup(curl_easy_strerror(res));
|
||||||
|
@ -186,6 +186,9 @@ http_file_put(void* userdata)
|
|||||||
|
|
||||||
char* cert_path = prefs_get_string(PREF_TLS_CERTPATH);
|
char* cert_path = prefs_get_string(PREF_TLS_CERTPATH);
|
||||||
gchar* cafile = cafile_get_name();
|
gchar* cafile = cafile_get_name();
|
||||||
|
ProfAccount* account = accounts_get_account(session_get_account_name());
|
||||||
|
gboolean insecure = strcmp(account->tls_policy, "trust") == 0;
|
||||||
|
account_free(account);
|
||||||
pthread_mutex_unlock(&lock);
|
pthread_mutex_unlock(&lock);
|
||||||
|
|
||||||
curl_global_init(CURL_GLOBAL_ALL);
|
curl_global_init(CURL_GLOBAL_ALL);
|
||||||
@ -252,6 +255,10 @@ http_file_put(void* userdata)
|
|||||||
if (cert_path) {
|
if (cert_path) {
|
||||||
curl_easy_setopt(curl, CURLOPT_CAPATH, cert_path);
|
curl_easy_setopt(curl, CURLOPT_CAPATH, cert_path);
|
||||||
}
|
}
|
||||||
|
if (insecure) {
|
||||||
|
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
|
||||||
|
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
|
||||||
|
}
|
||||||
|
|
||||||
curl_easy_setopt(curl, CURLOPT_READDATA, fh);
|
curl_easy_setopt(curl, CURLOPT_READDATA, fh);
|
||||||
curl_easy_setopt(curl, CURLOPT_INFILESIZE_LARGE, (curl_off_t)(upload->filesize));
|
curl_easy_setopt(curl, CURLOPT_INFILESIZE_LARGE, (curl_off_t)(upload->filesize));
|
||||||
|
Loading…
Reference in New Issue
Block a user