From 5cb6d6e53780055e816df3092207a193203ea59d Mon Sep 17 00:00:00 2001
From: Michael Vogel <icarus@dabo.de>
Date: Sun, 1 Mar 2015 10:53:49 +0100
Subject: [PATCH 1/2] We have to disable the SSL checks, otherwise the
 communication will fail for servers with self-signed certificates

---
 include/network.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/include/network.php b/include/network.php
index ab7a9c6297..14497f01a2 100644
--- a/include/network.php
+++ b/include/network.php
@@ -34,6 +34,11 @@ function fetch_url($url,$binary = false, &$redirects = 0, $timeout = 0, $accept_
 		));
 	}
 
+	// There are many servers out there that don't have valid certificates
+	// We have to disable the checks :-(
+	@curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,false);
+	@curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,false);
+
 	@curl_setopt($ch, CURLOPT_RETURNTRANSFER,true);
 	@curl_setopt($ch, CURLOPT_USERAGENT, $a->get_useragent());
 

From 9e55dbf1db9adcc9a461c0cd588de05ceb03345d Mon Sep 17 00:00:00 2001
From: Michael Vogel <icarus@dabo.de>
Date: Mon, 2 Mar 2015 00:32:46 +0100
Subject: [PATCH 2/2] There is already a setting for that ...

---
 include/network.php | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/include/network.php b/include/network.php
index 14497f01a2..911d9784a5 100644
--- a/include/network.php
+++ b/include/network.php
@@ -34,11 +34,6 @@ function fetch_url($url,$binary = false, &$redirects = 0, $timeout = 0, $accept_
 		));
 	}
 
-	// There are many servers out there that don't have valid certificates
-	// We have to disable the checks :-(
-	@curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,false);
-	@curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,false);
-
 	@curl_setopt($ch, CURLOPT_RETURNTRANSFER,true);
 	@curl_setopt($ch, CURLOPT_USERAGENT, $a->get_useragent());
 
@@ -55,6 +50,7 @@ function fetch_url($url,$binary = false, &$redirects = 0, $timeout = 0, $accept_
 
 	$check_cert = get_config('system','verifyssl');
 	@curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, (($check_cert) ? true : false));
+	@curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, (($check_cert) ? 2 : false));
 
 	$prx = get_config('system','proxy');
 	if(strlen($prx)) {
@@ -163,6 +159,7 @@ function post_url($url,$params, $headers = null, &$redirects = 0, $timeout = 0)
 
 	$check_cert = get_config('system','verifyssl');
 	curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, (($check_cert) ? true : false));
+	curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, (($check_cert) ? 2 : false));
 	$prx = get_config('system','proxy');
 	if(strlen($prx)) {
 		curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, 1);