summaryrefslogtreecommitdiffabout
Side-by-side diff
Diffstat (more/less context) (show whitespace changes)
-rw-r--r--configure.ac14
-rw-r--r--lib/consumer.cc6
2 files changed, 20 insertions, 0 deletions
diff --git a/configure.ac b/configure.ac
index fd50721..8397914 100644
--- a/configure.ac
+++ b/configure.ac
@@ -52,20 +52,34 @@ fi
LIBCURL_CHECK_CONFIG(,,,[
AC_MSG_ERROR([no required libcurl library. get one from http://curl.haxx.se/])
])
AC_WITH_PCRE([
AC_WITH_PCREPP(,[
AC_MSG_ERROR([no pcre++ library found. get one at http://www.daemon.de/PCRE])
])
],[
AC_MSG_ERROR([no pcre library found. get one at http://www.pcre.org/])
]
)
+curl_ssl_verify_host="true"
+AC_ARG_ENABLE([ssl-verify-host],
+ AC_HELP_STRING([--disable-ssl-verify-host],[disable cURL cert/host relationships verification]),
+ [ test "${enableval}" = "no" && curl_ssl_verify_host="false" ]
+)
+${curl_ssl_verify_host} || AC_DEFINE([DISABLE_CURL_SSL_VERIFYHOST],,[defined if cURL is not to verify cert/host])
+
+curl_ssl_verify_peer="true"
+AC_ARG_ENABLE([ssl-verify-peer],
+ AC_HELP_STRING([--disable-ssl-verify-peer],[disable cURL cert validity verification]),
+ [ test "${enableval}" = "no" && curl_ssl_verify_peer="false" ]
+)
+${curl_ssl_verify_peer} || AC_DEFINE([DISABLE_CURL_SSL_VERIFYPEER],,[defined if cURL is not to verify cert validity])
+
AC_CONFIG_FILES([
Makefile
libopkele.pc
Doxyfile
include/Makefile
lib/Makefile
])
AC_OUTPUT
diff --git a/lib/consumer.cc b/lib/consumer.cc
index 331b1e9..dc49405 100644
--- a/lib/consumer.cc
+++ b/lib/consumer.cc
@@ -29,24 +29,30 @@ namespace opkele {
operator const CURL*(void) const { return _c; }
operator CURL*(void) { return _c; }
};
static CURLcode curl_misc_sets(CURL* c) {
CURLcode r;
(r=curl_easy_setopt(c,CURLOPT_FOLLOWLOCATION,1))
|| (r=curl_easy_setopt(c,CURLOPT_MAXREDIRS,5))
|| (r=curl_easy_setopt(c,CURLOPT_DNS_CACHE_TIMEOUT,120))
|| (r=curl_easy_setopt(c,CURLOPT_DNS_USE_GLOBAL_CACHE,1))
|| (r=curl_easy_setopt(c,CURLOPT_USERAGENT,PACKAGE_NAME"/"PACKAGE_VERSION))
|| (r=curl_easy_setopt(c,CURLOPT_TIMEOUT,20))
+#ifdef DISABLE_CURL_SSL_VERIFYHOST
+ || (r=curl_easy_setopt(c,CURLOPT_SSL_VERIFYHOST,0))
+#endif
+#ifdef DISABLE_CURL_SSL_VERYPEER
+ || (r=curl_easy_setopt(c,CURLOPT_SSL_VERIFYPEER,0))
+#endif
;
return r;
}
static size_t _curl_tostring(void *ptr,size_t size,size_t nmemb,void *stream) {
string *str = (string*)stream;
size_t bytes = size*nmemb;
size_t get = min(16384-str->length(),bytes);
str->append((const char*)ptr,get);
return get;
}