summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorToshio Kuratomi <toshio@fedoraproject.org>2009-02-06 15:32:22 (GMT)
committerToshio Kuratomi <toshio@fedoraproject.org>2009-02-06 15:32:22 (GMT)
commita1cf355f962305cf7fc880e8c5a4280aa4eee14b (patch)
tree116497c193d347d408298660e4345c1478926b43
parent0f88302428defb4449bbf650330f417414f2a2b7 (diff)
downloadfedora-infrastructure-a1cf355f962305cf7fc880e8c5a4280aa4eee14b.zip
fedora-infrastructure-a1cf355f962305cf7fc880e8c5a4280aa4eee14b.tar.gz
fedora-infrastructure-a1cf355f962305cf7fc880e8c5a4280aa4eee14b.tar.xz
Coment VERIFYHOST/VERIFYPEER so curl will default to verifying the server's
certificate.
-rw-r--r--scripts/Auth_FAS_MediaWiki/Auth_FAS.php9
1 files changed, 5 insertions, 4 deletions
diff --git a/scripts/Auth_FAS_MediaWiki/Auth_FAS.php b/scripts/Auth_FAS_MediaWiki/Auth_FAS.php
index 609c3de..739a7b7 100644
--- a/scripts/Auth_FAS_MediaWiki/Auth_FAS.php
+++ b/scripts/Auth_FAS_MediaWiki/Auth_FAS.php
@@ -15,10 +15,11 @@
curl_setopt($ch, CURLOPT_POSTFIELDS, "username=".urlencode($username)."&user_name=".urlencode($username)."&password=".urlencode($password)."&login=Login");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_VERBOSE, 0);
- # I hate chained certificates
- curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
- # This is only required because of the wildcard cert on pt10
- curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
+ # The following two lines need to be enabled when using a test FAS
+ # with an invalid cert. Otherwise they should be commented (or
+ # set to True) for security.
+ #curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
+ #curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
$response = json_decode(curl_exec($ch), true);
curl_close ($ch);