diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2001-08-08 07:15:00 +0000 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2001-08-08 07:15:00 +0000 |
| commit | dcfb10fb31ccc93a6affab36c1910201ea5275d9 (patch) | |
| tree | 4b3ea376e4eec6b4346dd0bb7f5e3b956f5688ed | |
| parent | 0553ab8181cc375d871d63306ba8935989b8fde1 (diff) | |
Patrick Bihan-Faou's verifyhost addition
| -rw-r--r-- | include/curl/curl.h | 5 | ||||
| -rw-r--r-- | src/main.c | 3 |
2 files changed, 8 insertions, 0 deletions
diff --git a/include/curl/curl.h b/include/curl/curl.h index 39317312c..ae7573955 100644 --- a/include/curl/curl.h +++ b/include/curl/curl.h @@ -448,6 +448,11 @@ typedef enum { */ CINIT(HTTPGET, LONG, 80), + /* Set if we should verify the Common name from the peer certificate in ssl + * handshake, set 1 to check existence, 2 to ensure that it matches the + * provided hostname. */ + CINIT(SSL_VERIFYHOST, LONG, 81), + CURLOPT_LASTENTRY /* the last unusued */ } CURLoption; diff --git a/src/main.c b/src/main.c index 3e0b3dcda..7e2ac4669 100644 --- a/src/main.c +++ b/src/main.c @@ -1881,7 +1881,10 @@ operate(struct Configurable *config, int argc, char *argv[]) /* available from libcurl 7.5: */ curl_easy_setopt(curl, CURLOPT_CAINFO, config->cacert); curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, TRUE); + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 2); } + else + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 1); if(config->conf&(CONF_NOBODY|CONF_USEREMOTETIME)) { /* no body or use remote time */ |