url: Update current connection SSL verify params in setopt

Now VERIFYHOST, VERIFYPEER and VERIFYSTATUS options change during active connection updates the current connection's (i.e.'connectdata' structure) appropriate ssl_config (and ssl_proxy_config) structures variables, making these options effective for ongoing connection. This functionality was available before and was broken by the following change: "proxy: Support HTTPS proxy and SOCKS+HTTP(s)" CommitId: cb4e2be7c6d42ca0780f8e0a747cecf9ba45f151. Bug: https://github.com/curl/curl/issues/1941 Closes https://github.com/curl/curl/pull/1951
author: Artak Galoyan <agaloyan@vmware.com> 2017-10-05 15:43:13 -0400
committer: Jay Satiro <raysatiro@yahoo.com> 2017-10-11 03:14:26 -0400
commit: 5505df7d24a2c251c7ed81a389781abca0cc5b25 (patch)
tree: 5bfeb11f960ca1d2747b78e6ad2273d41257d98f
parent: de7597f155beea1cfba341bd7d8d7bb6202edba0 (diff)
download: curl-5505df7d24a2c251c7ed81a389781abca0cc5b25.tar.gz
1 files changed, 30 insertions, 0 deletions
diff --git a/lib/url.c b/lib/url.c
index 3b66ae33b..8eba5fd00 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -2141,6 +2141,12 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
      */
     data->set.ssl.primary.verifypeer = (0 != va_arg(param, long)) ?
                                        TRUE : FALSE;
+
+    /* Update the current connection ssl_config. */
+    if(data->easy_conn) {
+      data->easy_conn->ssl_config.verifypeer =
+        data->set.ssl.primary.verifypeer;
+    }
     break;
   case CURLOPT_PROXY_SSL_VERIFYPEER:
     /*
@@ -2148,6 +2154,12 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
      */
     data->set.proxy_ssl.primary.verifypeer =
       (0 != va_arg(param, long))?TRUE:FALSE;
+
+    /* Update the current connection proxy_ssl_config. */
+    if(data->easy_conn) {
+      data->easy_conn->proxy_ssl_config.verifypeer =
+        data->set.proxy_ssl.primary.verifypeer;
+    }
     break;
   case CURLOPT_SSL_VERIFYHOST:
     /*
@@ -2166,6 +2178,12 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
     }
 
     data->set.ssl.primary.verifyhost = (0 != arg) ? TRUE : FALSE;
+
+    /* Update the current connection ssl_config. */
+    if(data->easy_conn) {
+      data->easy_conn->ssl_config.verifyhost =
+        data->set.ssl.primary.verifyhost;
+    }
     break;
   case CURLOPT_PROXY_SSL_VERIFYHOST:
     /*
@@ -2184,6 +2202,12 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
     }
 
     data->set.proxy_ssl.primary.verifyhost = (0 != arg)?TRUE:FALSE;
+
+    /* Update the current connection proxy_ssl_config. */
+    if(data->easy_conn) {
+      data->easy_conn->proxy_ssl_config.verifyhost =
+        data->set.proxy_ssl.primary.verifyhost;
+    }
     break;
   case CURLOPT_SSL_VERIFYSTATUS:
     /*
@@ -2196,6 +2220,12 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
 
     data->set.ssl.primary.verifystatus = (0 != va_arg(param, long)) ?
                                          TRUE : FALSE;
+
+    /* Update the current connection ssl_config. */
+    if(data->easy_conn) {
+      data->easy_conn->ssl_config.verifystatus =
+        data->set.ssl.primary.verifystatus;
+    }
     break;
   case CURLOPT_SSL_CTX_FUNCTION:
     /*
author	Artak Galoyan <agaloyan@vmware.com>	2017-10-05 15:43:13 -0400
committer	Jay Satiro <raysatiro@yahoo.com>	2017-10-11 03:14:26 -0400
commit	5505df7d24a2c251c7ed81a389781abca0cc5b25 (patch)
tree	5bfeb11f960ca1d2747b78e6ad2273d41257d98f
parent	de7597f155beea1cfba341bd7d8d7bb6202edba0 (diff)
download	curl-5505df7d24a2c251c7ed81a389781abca0cc5b25.tar.gz