[sr-dev] git:tmp/hpw_curl_improvements:2f020509: curl: Ensure all values of verify_host are valid

Hugh Waite hugh.waite at xura.com
Tue Feb 2 11:18:13 CET 2016 

Module: kamailio
Branch: tmp/hpw_curl_improvements
Commit: 2f0205093803cbd3761e6ae0384b548c19b4e3e4
URL: https://github.com/kamailio/kamailio/commit/2f0205093803cbd3761e6ae0384b548c19b4e3e4

Author: Hugh Waite <hugh.waite at xura.com>
Committer: Hugh Waite <hugh.waite at xura.com>
Date: 2016-02-02T10:15:22Z

curl: Ensure all values of verify_host are valid
- verify_host=1 is deprecated, automatically use 2

---

Modified: modules/curl/curlcon.c
Modified: modules/curl/functions.c

---

Diff:  https://github.com/kamailio/kamailio/commit/2f0205093803cbd3761e6ae0384b548c19b4e3e4.diff
Patch: https://github.com/kamailio/kamailio/commit/2f0205093803cbd3761e6ae0384b548c19b4e3e4.patch

---

diff --git a/modules/curl/curlcon.c b/modules/curl/curlcon.c
index 85a0142..5c947f5 100644
--- a/modules/curl/curlcon.c
+++ b/modules/curl/curlcon.c
@@ -326,10 +326,6 @@ int curl_parse_param(char *val)
 					LM_DBG("curl connection [%.*s]: verifyhost bad value. Using default\n", name.len, name.s);
 					verify_host = default_tls_verify_host;
 				}
-				if (verify_host != 0 && verify_host != 1) {
-					LM_DBG("curl connection [%.*s]: verifyhost bad value. Using default\n", name.len, name.s);
-					verify_host = default_tls_verify_host;
-				}
 				LM_DBG("curl [%.*s] - verifyhost [%d]\n", pit->name.len, pit->name.s, verify_host);
 			} else if(pit->name.len==10 && strncmp(pit->name.s, "sslversion", 10)==0) {
 				if(str2int(&tok, &sslversion)!=0) {
diff --git a/modules/curl/functions.c b/modules/curl/functions.c
index 1b530d6..754bbb3 100644
--- a/modules/curl/functions.c
+++ b/modules/curl/functions.c
@@ -181,7 +181,7 @@ static int curL_query_url(struct sip_msg* _m, const char* _url, str* _dst, const
     }
 
     res |= curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, (long) params->verify_peer);
-    res |= curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, (long) params->verify_host);
+    res |= curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, (long) params->verify_host?2:0);
 
     res |= curl_easy_setopt(curl, CURLOPT_NOSIGNAL, (long) 1);
     res |= curl_easy_setopt(curl, CURLOPT_TIMEOUT, (long) params->timeout);

More information about the sr-dev mailing list