summaryrefslogtreecommitdiff
path: root/libfetch/common.c
diff options
context:
space:
mode:
Diffstat (limited to 'libfetch/common.c')
-rw-r--r--libfetch/common.c13
1 files changed, 11 insertions, 2 deletions
diff --git a/libfetch/common.c b/libfetch/common.c
index 4a6b867..f867373 100644
--- a/libfetch/common.c
+++ b/libfetch/common.c
@@ -55,6 +55,8 @@
/*** Local data **************************************************************/
+static int ssl_verify_mode = SSL_VERIFY_PEER;
+
/*
* Error messages for resolver errors
*/
@@ -79,6 +81,12 @@ fetch_finderr(struct fetcherr *p, int e)
return (p);
}
+void
+fetch_no_check_certificate(void)
+{
+ ssl_verify_mode = SSL_VERIFY_NONE;
+}
+
/*
* Set error code
*/
@@ -466,7 +474,7 @@ static int fetch_ssl_setup_peer_verification(SSL_CTX *ctx, int verbose)
else
SSL_CTX_set_default_verify_paths(ctx);
- SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, 0);
+ SSL_CTX_set_verify(ctx, ssl_verify_mode, 0);
return 1;
}
@@ -573,7 +581,8 @@ fetch_ssl(conn_t *conn, const struct url *URL, int verbose)
NULL) != 1) {
fprintf(stderr, "SSL certificate subject doesn't match host %s\n",
URL->host);
- return -1;
+ if (ssl_verify_mode != SSL_VERIFY_NONE)
+ return -1;
}
}
generated by cgit v1.2.3-60-g2f50 (git 2.42.0) at 2024-06-02 06:01:56 +0000