From 96a4cad46ac1e75221784e7d2b31f4445209e598 Mon Sep 17 00:00:00 2001
From: Orgad Shaneh <orgad.shaneh@audiocodes.com>
Date: Sun, 19 May 2024 11:58:44 +0300
Subject: [PATCH] tool_operate: avoid explicitly setting verifypeer to 1

Also for the proxy verison. It is the default, just like verifyhost,
since a long time.

Closes #13704
---
 src/tool_operate.c | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)

diff --git a/src/tool_operate.c b/src/tool_operate.c
index d81d59f280..535712d123 100644
--- a/src/tool_operate.c
+++ b/src/tool_operate.c
@@ -1731,15 +1731,12 @@ static CURLcode single_transfer(struct GlobalConfig *global,
           my_setopt_str(curl, CURLOPT_SSLKEYTYPE, config->key_type);
           my_setopt_str(curl, CURLOPT_PROXY_SSLKEYTYPE,
                         config->proxy_key_type);
+
+          /* libcurl default is strict verifyhost -> 1L, verifypeer -> 1L */
           if(config->insecure_ok) {
             my_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
             my_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
           }
-          else {
-            my_setopt(curl, CURLOPT_SSL_VERIFYPEER, 1L);
-            /* libcurl default is strict verifyhost -> 2L   */
-            /* my_setopt(curl, CURLOPT_SSL_VERIFYHOST, 2L); */
-          }
 
           if(config->doh_insecure_ok) {
             my_setopt(curl, CURLOPT_DOH_SSL_VERIFYPEER, 0L);
@@ -1750,9 +1747,6 @@ static CURLcode single_transfer(struct GlobalConfig *global,
             my_setopt(curl, CURLOPT_PROXY_SSL_VERIFYPEER, 0L);
             my_setopt(curl, CURLOPT_PROXY_SSL_VERIFYHOST, 0L);
           }
-          else {
-            my_setopt(curl, CURLOPT_PROXY_SSL_VERIFYPEER, 1L);
-          }
 
           if(config->verifystatus)
             my_setopt(curl, CURLOPT_SSL_VERIFYSTATUS, 1L);
-- 
2.47.3