diff options
| author | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2015-09-27T15·05+0200 |
|---|---|---|
| committer | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2015-09-27T15·05+0200 |
| commit | bdc4a0b54d54146448061dd9a248212f98a9f801 (patch) | |
| tree | a1a39828893346ba3b85be7d7b414c3b749bd2f8 | |
| parent | aaf8a1c16bb8de4045d8aae4fea8ac8a1bef2c34 (diff) | |
| parent | a49514a2e2325a7926c90e2dab1f504d7aa78255 (diff) | |
Merge pull request #654 from utdemir/more-insecure-verify-https-binary-caches
Also set CURLOPT_SSL_VERIFYHOST=0 when "verify-https-binary-caches" is false
| -rw-r--r-- | scripts/download-from-binary-cache.pl.in | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/scripts/download-from-binary-cache.pl.in b/scripts/download-from-binary-cache.pl.in index bb63eafca522..ea053bf14da4 100644 --- a/scripts/download-from-binary-cache.pl.in +++ b/scripts/download-from-binary-cache.pl.in @@ -80,7 +80,12 @@ sub addRequest { $curl->setopt(CURLOPT_WRITEDATA, $fh); $curl->setopt(CURLOPT_FOLLOWLOCATION, 1); $curl->setopt(CURLOPT_CAINFO, $caBundle) if defined $caBundle; - $curl->setopt(CURLOPT_SSL_VERIFYPEER, 0) unless isTrue($Nix::Config::config{"verify-https-binary-caches"} // "1"); + + unless (isTrue($Nix::Config::config{"verify-https-binary-caches"} // "1")) { + $curl->setopt(CURLOPT_SSL_VERIFYPEER, 0); + $curl->setopt(CURLOPT_SSL_VERIFYHOST, 0); + } + $curl->setopt(CURLOPT_USERAGENT, $userAgent); $curl->setopt(CURLOPT_NOBODY, 1) if $head; $curl->setopt(CURLOPT_FAILONERROR, 1); |