From bb512f60c395ecfbcd651c982601ed25a5157a66 Mon Sep 17 00:00:00 2001
From: Tomaz Muraus <tomaz@tomaz.me>
Date: Sun, 17 Nov 2013 17:11:25 +0100
Subject: [PATCH] Make sure server SSL certificate is also validated when using
 older versions of cuRL by setting CURLOPT_SSL_VERIFYPEER to 1.

For explicitness sake, also explicity set CURLOPT_SSL_VERIFYHOST option
to a default value of 2.
---
 push.cpp | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/push.cpp b/push.cpp
index cb177d2..9692e08 100644
--- a/push.cpp
+++ b/push.cpp
@@ -1508,6 +1508,9 @@ CURLcode make_curl_request(const CString& service_host, const CString& service_u
 		curl_easy_setopt(curl, CURLOPT_VERBOSE, 1);
 	}
 
+	curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 1L);
+	curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 2L);
+
 	curl_easy_setopt(curl, CURLOPT_URL, url.data());
 	curl_easy_setopt(curl, CURLOPT_PORT, port);
 	curl_easy_setopt(curl, CURLOPT_USERAGENT, "ZNC Push");