From 9e55dbf1db9adcc9a461c0cd588de05ceb03345d Mon Sep 17 00:00:00 2001
From: Michael Vogel <icarus@dabo.de>
Date: Mon, 2 Mar 2015 00:32:46 +0100
Subject: [PATCH] There is already a setting for that ...

---
 include/network.php | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/include/network.php b/include/network.php
index 14497f01a2..911d9784a5 100644
--- a/include/network.php
+++ b/include/network.php
@@ -34,11 +34,6 @@ function fetch_url($url,$binary = false, &$redirects = 0, $timeout = 0, $accept_
 		));
 	}
 
-	// There are many servers out there that don't have valid certificates
-	// We have to disable the checks :-(
-	@curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,false);
-	@curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,false);
-
 	@curl_setopt($ch, CURLOPT_RETURNTRANSFER,true);
 	@curl_setopt($ch, CURLOPT_USERAGENT, $a->get_useragent());
 
@@ -55,6 +50,7 @@ function fetch_url($url,$binary = false, &$redirects = 0, $timeout = 0, $accept_
 
 	$check_cert = get_config('system','verifyssl');
 	@curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, (($check_cert) ? true : false));
+	@curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, (($check_cert) ? 2 : false));
 
 	$prx = get_config('system','proxy');
 	if(strlen($prx)) {
@@ -163,6 +159,7 @@ function post_url($url,$params, $headers = null, &$redirects = 0, $timeout = 0)
 
 	$check_cert = get_config('system','verifyssl');
 	curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, (($check_cert) ? true : false));
+	curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, (($check_cert) ? 2 : false));
 	$prx = get_config('system','proxy');
 	if(strlen($prx)) {
 		curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, 1);