Make WordPress Core


Ignore:
Timestamp:
09/27/2015 09:37:00 PM (6 years ago)
Author:
johnbillion
Message:

Don't set CURLOPT_CAINFO when sslverify is false when sending HTTP API requests through cURL. This avoids sending redundant information to cURL, and avoids a bug in Apple's SecureTransport library which causes a request to fail when a CA bundle is set but certificate verification is disabled.

This fixes issues with local HTTPS requests (eg. WP Cron) on OS X where cURL is using SecureTransport instead of OpenSSL.

Fixes #33978

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/class-wp-http-curl.php

    r34585 r34639  
    134134        curl_setopt( $handle, CURLOPT_SSL_VERIFYHOST, ( $ssl_verify === true ) ? 2 : false );
    135135        curl_setopt( $handle, CURLOPT_SSL_VERIFYPEER, $ssl_verify );
    136         curl_setopt( $handle, CURLOPT_CAINFO, $r['sslcertificates'] );
     136
     137        if ( $ssl_verify ) {
     138            curl_setopt( $handle, CURLOPT_CAINFO, $r['sslcertificates'] );
     139        }
     140
    137141        curl_setopt( $handle, CURLOPT_USERAGENT, $r['user-agent'] );
    138142
Note: See TracChangeset for help on using the changeset viewer.