summaryrefslogtreecommitdiff
path: root/src/tool_getparam.c
diff options
context:
space:
mode:
authorJay Satiro <raysatiro@yahoo.com>2021-02-11 17:09:59 -0500
committerJay Satiro <raysatiro@yahoo.com>2021-02-14 18:20:48 -0500
commit53022e1893de74b73554396b697f5a06cc7bc3f2 (patch)
treec771a0d256d150a43481f1b48b13656a6d9f4b93 /src/tool_getparam.c
parentb68026f7f4f4f99926fabf7f7b8ec948d5fcdc72 (diff)
downloadcurl-53022e1893de74b73554396b697f5a06cc7bc3f2.tar.gz
doh: add options to disable ssl verification
- New libcurl options CURLOPT_DOH_SSL_VERIFYHOST, CURLOPT_DOH_SSL_VERIFYPEER and CURLOPT_DOH_SSL_VERIFYSTATUS do the same as their respective counterparts. - New curl tool options --doh-insecure and --doh-cert-status do the same as their respective counterparts. Prior to this change DOH SSL certificate verification settings for verifyhost and verifypeer were supposed to be inherited respectively from CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER, but due to a bug were not. As a result DOH verification remained at the default, ie enabled, and it was not possible to disable. This commit changes behavior so that the DOH verification settings are independent and not inherited. Ref: https://github.com/curl/curl/pull/4579#issuecomment-554723676 Fixes https://github.com/curl/curl/issues/4578 Closes https://github.com/curl/curl/pull/6597
Diffstat (limited to 'src/tool_getparam.c')
-rw-r--r--src/tool_getparam.c11
1 files changed, 10 insertions, 1 deletions
diff --git a/src/tool_getparam.c b/src/tool_getparam.c
index d187643a7..d337251f9 100644
--- a/src/tool_getparam.c
+++ b/src/tool_getparam.c
@@ -251,6 +251,7 @@ static const struct LongShort aliases[]= {
{"Ep", "pinnedpubkey", ARG_STRING},
{"EP", "proxy-pinnedpubkey", ARG_STRING},
{"Eq", "cert-status", ARG_BOOL},
+ {"EQ", "doh-cert-status", ARG_BOOL},
{"Er", "false-start", ARG_BOOL},
{"Es", "ssl-no-revoke", ARG_BOOL},
{"ES", "ssl-revoke-best-effort", ARG_BOOL},
@@ -294,6 +295,7 @@ static const struct LongShort aliases[]= {
{"j", "junk-session-cookies", ARG_BOOL},
{"J", "remote-header-name", ARG_BOOL},
{"k", "insecure", ARG_BOOL},
+ {"kd", "doh-insecure", ARG_BOOL},
{"K", "config", ARG_FILENAME},
{"l", "list-only", ARG_BOOL},
{"L", "location", ARG_BOOL},
@@ -1626,6 +1628,10 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */
config->verifystatus = TRUE;
break;
+ case 'Q': /* --doh-cert-status */
+ config->doh_verifystatus = TRUE;
+ break;
+
case 'r': /* --false-start */
config->falsestart = TRUE;
break;
@@ -1887,7 +1893,10 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */
config->content_disposition = toggle;
break;
case 'k': /* allow insecure SSL connects */
- config->insecure_ok = toggle;
+ if(subletter == 'd') /* --doh-insecure */
+ config->doh_insecure_ok = toggle;
+ else
+ config->insecure_ok = toggle;
break;
case 'K': /* parse config file */
if(parseconfig(nextarg, global))