From 3aee3612b466418612c685cc9dfb2878ff3ad89c Mon Sep 17 00:00:00 2001
From: Alessandro Ghedini <alessandro@cloudflare.com>
Date: Thu, 13 Jan 2022 13:43:20 +0000
Subject: quiche: verify the server cert on connect

Similarly to c148f0f551f9bea0e3d0, make quiche correctly acknowledge
`CURLOPT_SSL_VERIFYPEER` and `CURLOPT_SSL_VERIFYHOST`.

Fixes #8173
Closes #8275
---
 lib/vquic/quiche.h | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'lib/vquic/quiche.h')

diff --git a/lib/vquic/quiche.h b/lib/vquic/quiche.h
index d311e9988..4a079d37b 100644
--- a/lib/vquic/quiche.h
+++ b/lib/vquic/quiche.h
@@ -7,7 +7,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -27,6 +27,7 @@
 #ifdef USE_QUICHE
 
 #include <quiche.h>
+#include <openssl/ssl.h>
 
 struct quic_handshake {
   char *buf;       /* pointer to the buffer */
@@ -43,6 +44,8 @@ struct quicsocket {
   uint8_t scid[QUICHE_MAX_CONN_ID_LEN];
   curl_socket_t sockfd;
   uint32_t version;
+  SSL_CTX *sslctx;
+  SSL *ssl;
 };
 
 #endif
-- 
cgit v1.2.1