Patrick Bihan-Faou's verifyhost addition

author Daniel Stenberg <daniel@haxx.se>

Wed, 8 Aug 2001 07:15:00 +0000 (07:15 +0000)

committer Daniel Stenberg <daniel@haxx.se>

Wed, 8 Aug 2001 07:15:00 +0000 (07:15 +0000)
author Daniel Stenberg <daniel@haxx.se>
Wed, 8 Aug 2001 07:15:00 +0000 (07:15 +0000)
committer Daniel Stenberg <daniel@haxx.se>
Wed, 8 Aug 2001 07:15:00 +0000 (07:15 +0000)
diff --git a/include/curl/curl.h b/include/curl/curl.h

index 39317312c07f00a1ed7fedf1fac5cc8a4b835be1..ae75739553c7ce6c22734b27d67612874672c423 100644 (file)
--- a/include/curl/curl.h
+++ b/include/curl/curl.h
@@ -448,6 +448,11 @@ typedef enum {
     */
    CINIT(HTTPGET, LONG, 80),
  
+  /* Set if we should verify the Common name from the peer certificate in ssl
+   * handshake, set 1 to check existence, 2 to ensure that it matches the
+   * provided hostname. */
+  CINIT(SSL_VERIFYHOST, LONG, 81),
+  
    CURLOPT_LASTENTRY /* the last unusued */
  } CURLoption;
  
diff --git a/src/main.c b/src/main.c

index 3e0b3dcdaac7ba2e66e9a198f11f108b7937e3d7..7e2ac4669e8f42c266b3d66166fef2f0ae73b65f 100644 (file)
--- a/src/main.c
+++ b/src/main.c
@@ -1881,7 +1881,10 @@ operate(struct Configurable *config, int argc, char *argv[])
          /* available from libcurl 7.5: */
          curl_easy_setopt(curl, CURLOPT_CAINFO, config->cacert);
          curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, TRUE);
+        curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 2);
        }
+      else
+        curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 1);
        
        if(config->conf&(CONF_NOBODY|CONF_USEREMOTETIME)) {
          /* no body or use remote time */
author	Daniel Stenberg <daniel@haxx.se>
	Wed, 8 Aug 2001 07:15:00 +0000 (07:15 +0000)
committer	Daniel Stenberg <daniel@haxx.se>
	Wed, 8 Aug 2001 07:15:00 +0000 (07:15 +0000)
include/curl/curl.h		patch \| blob \| history
src/main.c		patch \| blob \| history