From a1b1122cc5d209681e7c1dc87691854c9e36c117 Mon Sep 17 00:00:00 2001
From: Martin Szulecki
Date: Wed, 6 Mar 2013 11:11:33 +0100
Subject: Disable SSL verification to allow downloads from untrusted https
 locations

---
 src/download.c | 6 ++++++
 src/tss.c      | 2 ++
 2 files changed, 8 insertions(+)

diff --git a/src/download.c b/src/download.c
index 717f2dc..aa4c61a 100644
--- a/src/download.c
+++ b/src/download.c
@@ -64,6 +64,9 @@ int download_to_buffer(const char* url, char** buf, uint32_t* length)
 	if (idevicerestore_debug)
 		curl_easy_setopt(handle, CURLOPT_VERBOSE, 1);
 
+	/* disable SSL verification to allow download from untrusted https locations */
+	curl_easy_setopt(handle, CURLOPT_SSL_VERIFYPEER, 0);
+
 	curl_easy_setopt(handle, CURLOPT_WRITEFUNCTION, (curl_write_callback)&download_write_buffer_callback);
 	curl_easy_setopt(handle, CURLOPT_WRITEDATA, &response);
 	curl_easy_setopt(handle, CURLOPT_USERAGENT, "InetURL/1.0");
@@ -122,6 +125,9 @@ int download_to_file(const char* url, const char* filename, int enable_progress)
 	if (idevicerestore_debug)
 		curl_easy_setopt(handle, CURLOPT_VERBOSE, 1);
 
+	/* disable SSL verification to allow download from untrusted https locations */
+	curl_easy_setopt(handle, CURLOPT_SSL_VERIFYPEER, 0);
+
 	curl_easy_setopt(handle, CURLOPT_WRITEFUNCTION, NULL);
 	curl_easy_setopt(handle, CURLOPT_WRITEDATA, f);
 
diff --git a/src/tss.c b/src/tss.c
index 2928a2e..8a9dcce 100644
--- a/src/tss.c
+++ b/src/tss.c
@@ -358,7 +358,9 @@ plist_t tss_send_request(plist_t tss_request, const char* server_url_string) {
 		response->content = malloc(1);
 		response->content[0] = '\0';
 
+		/* disable SSL verification to allow download from untrusted https locations */
 		curl_easy_setopt(handle, CURLOPT_SSL_VERIFYPEER, 0);
+
 		curl_easy_setopt(handle, CURLOPT_ERRORBUFFER, curl_error_message);
 		curl_easy_setopt(handle, CURLOPT_WRITEFUNCTION, (curl_write_callback)&tss_write_callback);
 		curl_easy_setopt(handle, CURLOPT_WRITEDATA, response);
-- 
cgit v1.1-32-gdbae