From: William Lallemand <wlallemand@haproxy.org>
Date: Tue, 24 Aug 2021 15:15:58 +0000 (+0200)
Subject: MINOR: httpclient: set verify none on the https server
X-Git-Tag: v2.5-dev5~37
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cfcbe9ebd9ba9b8343af1b9a08e50abfd3599e15;p=thirdparty%2Fhaproxy.git

MINOR: httpclient: set verify none on the https server

There is currently no way to specify the CA to verify from the
httpclient API. Sets the verify to none so we can still do https
request.
---

diff --git a/src/http_client.c b/src/http_client.c
index 478a3da07f..7c0ac08366 100644
--- a/src/http_client.c
+++ b/src/http_client.c
@@ -707,6 +707,8 @@ static int httpclient_init()
 	if (!httpclient_srv_ssl->id)
 		goto err;
 
+	httpclient_srv_ssl->ssl_ctx.verify = SSL_SOCK_VERIFY_NONE;
+
 	/* add the proxy in the proxy list only if everything successed */
 	httpclient_proxy->next = proxies_list;
 	proxies_list = httpclient_proxy;