diff options
author | Thomas Glanzmann <thomas@glanzmann.de> | 2016-11-25 10:47:25 +0100 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2016-11-25 10:49:38 +0100 |
commit | 4f8b17743d7c55a0bfb48463238c88564875ae47 (patch) | |
tree | ea77a17d0cc904146e5bd17909c5c4dfbe1002ea /lib/vtls/nss.c | |
parent | 1232dbb8bd49b5502834ae9dd9f7ab1cb7a88b7b (diff) |
HTTPS Proxy: Implement CURLOPT_PROXY_PINNEDPUBLICKEY
Diffstat (limited to 'lib/vtls/nss.c')
-rw-r--r-- | lib/vtls/nss.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c index 91b8e05cc..efb19e6e7 100644 --- a/lib/vtls/nss.c +++ b/lib/vtls/nss.c @@ -1926,6 +1926,10 @@ static CURLcode nss_do_connect(struct connectdata *conn, int sockindex) PRUint32 timeout; long * const certverifyresult = SSL_IS_PROXY() ? &data->set.proxy_ssl.certverifyresult : &data->set.ssl.certverifyresult; + const char * const pinnedpubkey = SSL_IS_PROXY() ? + data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] : + data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG]; + /* check timeout situation */ const long time_left = Curl_timeleft(data, NULL, TRUE); @@ -1971,7 +1975,7 @@ static CURLcode nss_do_connect(struct connectdata *conn, int sockindex) } } - result = cmp_peer_pubkey(connssl, data->set.str[STRING_SSL_PINNEDPUBLICKEY]); + result = cmp_peer_pubkey(connssl, pinnedpubkey); if(result) /* status already printed */ goto error; |