apply `tls.policy` to cURL calls

In case the user decides to ignore the validity-state of certificates
we also have to configure libcurl accordingly.

`tls.policy` can be set via
```
/account set <account> tls trust
```

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>

1 files changed, 7 insertions, 0 deletions

diff --git a/src/tools/http_upload.c b/src/tools/http_upload.c
index ca336c9b..5b783441 100644
--- a/src/tools/http_upload.c
+++ b/src/tools/http_upload.c
@@ -186,6 +186,9 @@ http_file_put(void* userdata)
 
     char* cert_path = prefs_get_string(PREF_TLS_CERTPATH);
     gchar* cafile = cafile_get_name();
+    ProfAccount* account = accounts_get_account(session_get_account_name());
+    gboolean insecure = strcmp(account->tls_policy, "trust") == 0;
+    account_free(account);
     pthread_mutex_unlock(&lock);
 
     curl_global_init(CURL_GLOBAL_ALL);
@@ -252,6 +255,10 @@ http_file_put(void* userdata)
     if (cert_path) {
         curl_easy_setopt(curl, CURLOPT_CAPATH, cert_path);
     }
+    if (insecure) {
+        curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
+        curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
+    }
 
     curl_easy_setopt(curl, CURLOPT_READDATA, fh);
     curl_easy_setopt(curl, CURLOPT_INFILESIZE_LARGE, (curl_off_t)(upload->filesize));