diff options
author | jim-p <jimp@pfsense.org> | 2010-07-26 17:35:39 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2010-07-26 17:35:39 -0400 |
commit | 0f280d2adc9a4fccef532dcb810398238366617b (patch) | |
tree | 13dbc630a35c7d5b6df77e1fafafe650092893da | |
parent | 4cb9abc3dc4b1faf42f4f8607772f9b652341209 (diff) | |
download | pfsense-0f280d2adc9a4fccef532dcb810398238366617b.zip pfsense-0f280d2adc9a4fccef532dcb810398238366617b.tar.gz |
Disable SSL peer verification in cURL. Also, explicitly set FOLLOWLOCATION to make sure that we can redirect properly. Both of these are needed to fix snort rule downloads.
-rw-r--r-- | etc/inc/pfsense-utils.inc | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc index 3d12fa9..14a2579 100644 --- a/etc/inc/pfsense-utils.inc +++ b/etc/inc/pfsense-utils.inc @@ -1542,6 +1542,9 @@ function download_file_with_progress_bar($url_file, $destination_file, $readbody $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url_file); curl_setopt($ch, CURLOPT_HEADERFUNCTION, 'read_header'); + curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); + /* Don't verify SSL peers since we don't have the certificates to do so. */ + curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_WRITEFUNCTION, $readbody); curl_setopt($ch, CURLOPT_NOPROGRESS, '1'); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, '5'); |