Disable SSL peer verification in cURL. Also, explicitly set FOLLOWLOCATION to make sure that we can redirect properly. Both of these are needed to fix snort rule downloads.

author: jim-p <jimp@pfsense.org> 2010-07-26 17:35:39 -0400
committer: jim-p <jimp@pfsense.org> 2010-07-26 17:35:39 -0400
commit: 0f280d2adc9a4fccef532dcb810398238366617b (patch)
tree: 13dbc630a35c7d5b6df77e1fafafe650092893da /etc
parent: 4cb9abc3dc4b1faf42f4f8607772f9b652341209 (diff)
download: pfsense-0f280d2adc9a4fccef532dcb810398238366617b.zip
pfsense-0f280d2adc9a4fccef532dcb810398238366617b.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc
index 3d12fa9..14a2579 100644
--- a/etc/inc/pfsense-utils.inc
+++ b/etc/inc/pfsense-utils.inc
@@ -1542,6 +1542,9 @@ function download_file_with_progress_bar($url_file, $destination_file, $readbody
         $ch = curl_init();
         curl_setopt($ch, CURLOPT_URL, $url_file);
         curl_setopt($ch, CURLOPT_HEADERFUNCTION, 'read_header');
+        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
+        /* Don't verify SSL peers since we don't have the certificates to do so. */
+        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
         curl_setopt($ch, CURLOPT_WRITEFUNCTION, $readbody);
         curl_setopt($ch, CURLOPT_NOPROGRESS, '1');
         curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, '5');
author	jim-p <jimp@pfsense.org>	2010-07-26 17:35:39 -0400
committer	jim-p <jimp@pfsense.org>	2010-07-26 17:35:39 -0400
commit	0f280d2adc9a4fccef532dcb810398238366617b (patch)
tree	13dbc630a35c7d5b6df77e1fafafe650092893da /etc
parent	4cb9abc3dc4b1faf42f4f8607772f9b652341209 (diff)
download	pfsense-0f280d2adc9a4fccef532dcb810398238366617b.zip pfsense-0f280d2adc9a4fccef532dcb810398238366617b.tar.gz