diff options
Diffstat (limited to 'src/tools')
| -rw-r--r-- | src/tools/http_download.c | 13 | ||||
| -rw-r--r-- | src/tools/http_upload.c | 13 |
2 files changed, 26 insertions, 0 deletions
diff --git a/src/tools/http_download.c b/src/tools/http_download.c index d4df5f6b..57e36e61 100644 --- a/src/tools/http_download.c +++ b/src/tools/http_download.c @@ -50,6 +50,7 @@ #include "profanity.h" #include "event/client_events.h" #include "tools/http_download.h" +#include "config/cafile.h" #include "config/preferences.h" #include "ui/ui.h" #include "ui/window.h" @@ -125,6 +126,10 @@ http_file_get(void* userdata) } char* cert_path = prefs_get_string(PREF_TLS_CERTPATH); + gchar* cafile = cafile_get_name(); + ProfAccount* account = accounts_get_account(session_get_account_name()); + gboolean insecure = strcmp(account->tls_policy, "trust") == 0; + account_free(account); pthread_mutex_unlock(&lock); curl_global_init(CURL_GLOBAL_ALL); @@ -145,9 +150,16 @@ http_file_get(void* userdata) curl_easy_setopt(curl, CURLOPT_USERAGENT, "profanity"); + if (cafile) { + curl_easy_setopt(curl, CURLOPT_CAINFO, cafile); + } if (cert_path) { curl_easy_setopt(curl, CURLOPT_CAPATH, cert_path); } + if (insecure) { + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L); + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L); + } if ((res = curl_easy_perform(curl)) != CURLE_OK) { err = strdup(curl_easy_strerror(res)); @@ -161,6 +173,7 @@ http_file_get(void* userdata) } pthread_mutex_lock(&lock); + g_free(cafile); g_free(cert_path); if (err) { if (download->cancel) { diff --git a/src/tools/http_upload.c b/src/tools/http_upload.c index d1360b46..5b783441 100644 --- a/src/tools/http_upload.c +++ b/src/tools/http_upload.c @@ -48,6 +48,7 @@ #include "profanity.h" #include "event/client_events.h" #include "tools/http_upload.h" +#include "config/cafile.h" #include "config/preferences.h" #include "ui/ui.h" #include "ui/window.h" @@ -184,6 +185,10 @@ http_file_put(void* userdata) g_free(msg); char* cert_path = prefs_get_string(PREF_TLS_CERTPATH); + gchar* cafile = cafile_get_name(); + ProfAccount* account = accounts_get_account(session_get_account_name()); + gboolean insecure = strcmp(account->tls_policy, "trust") == 0; + account_free(account); pthread_mutex_unlock(&lock); curl_global_init(CURL_GLOBAL_ALL); @@ -244,9 +249,16 @@ http_file_put(void* userdata) fh = upload->filehandle; + if (cafile) { + curl_easy_setopt(curl, CURLOPT_CAINFO, cafile); + } if (cert_path) { curl_easy_setopt(curl, CURLOPT_CAPATH, cert_path); } + if (insecure) { + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L); + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L); + } curl_easy_setopt(curl, CURLOPT_READDATA, fh); curl_easy_setopt(curl, CURLOPT_INFILESIZE_LARGE, (curl_off_t)(upload->filesize)); @@ -288,6 +300,7 @@ http_file_put(void* userdata) g_free(expires_header); pthread_mutex_lock(&lock); + g_free(cafile); g_free(cert_path); if (err) { |