There is already a setting for that ...

diff --git a/include/network.php b/include/network.php
index 14497f01a2d600f66fa1aaedba732e2bacc018c6..911d9784a5e82ac0b576bcf9352840205b5c0d2c 100644 (file)
--- a/include/network.php
+++ b/include/network.php
@@ -34,11 +34,6 @@ function fetch_url($url,$binary = false, &$redirects = 0, $timeout = 0, $accept_
                ));
        }
 
-       // There are many servers out there that don't have valid certificates
-       // We have to disable the checks :-(
-       @curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,false);
-       @curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,false);
-
        @curl_setopt($ch, CURLOPT_RETURNTRANSFER,true);
        @curl_setopt($ch, CURLOPT_USERAGENT, $a->get_useragent());
 
@@ -55,6 +50,7 @@ function fetch_url($url,$binary = false, &$redirects = 0, $timeout = 0, $accept_
 
        $check_cert = get_config('system','verifyssl');
        @curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, (($check_cert) ? true : false));
+       @curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, (($check_cert) ? 2 : false));
 
        $prx = get_config('system','proxy');
        if(strlen($prx)) {
@@ -163,6 +159,7 @@ function post_url($url,$params, $headers = null, &$redirects = 0, $timeout = 0)
 
        $check_cert = get_config('system','verifyssl');
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, (($check_cert) ? true : false));
+       curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, (($check_cert) ? 2 : false));
        $prx = get_config('system','proxy');
        if(strlen($prx)) {
                curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, 1);