From 4f8b17743d7c55a0bfb48463238c88564875ae47 Mon Sep 17 00:00:00 2001
From: Thomas Glanzmann <thomas@glanzmann.de>
Date: Fri, 25 Nov 2016 10:47:25 +0100
Subject: HTTPS Proxy: Implement CURLOPT_PROXY_PINNEDPUBLICKEY

---
 lib/vtls/openssl.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'lib/vtls/openssl.c')

diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 1d7892550..8507f866f 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -2891,7 +2891,8 @@ static CURLcode servercert(struct connectdata *conn,
     /* when not strict, we don't bother about the verify cert problems */
     result = CURLE_OK;
 
-  ptr = data->set.str[STRING_SSL_PINNEDPUBLICKEY];
+  ptr = SSL_IS_PROXY() ? data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] :
+                         data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG];
   if(!result && ptr) {
     result = pkp_pin_peer_pubkey(data, connssl->server_cert, ptr);
     if(result)
-- 
cgit v1.2.3