From a826343f6c45faedfc7ab0a51a47ebc607337eb8 Mon Sep 17 00:00:00 2001 From: Bart Van Der Meerssche Date: Sat, 5 Mar 2011 00:07:56 +0100 Subject: [PATCH] [luci] allow httpclient to perform peer certificate validation --- .../package/luci/libs/httpclient/luasrc/httpclient.lua | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/mote/v2/openwrt/package/luci/libs/httpclient/luasrc/httpclient.lua b/mote/v2/openwrt/package/luci/libs/httpclient/luasrc/httpclient.lua index 69abddf..0a0e78c 100644 --- a/mote/v2/openwrt/package/luci/libs/httpclient/luasrc/httpclient.lua +++ b/mote/v2/openwrt/package/luci/libs/httpclient/luasrc/httpclient.lua @@ -138,6 +138,13 @@ function request_raw(uri, options) if pr == "https" then local tls = options.tls_context or nixio.tls() + local tls_context_set_verify = options.tls_context_set_verify or "none" + + if tls_context_set_verify == "peer" then + tls:set_verify("peer") + tls:set_verify_locations("/etc/ssl/certs/flukso.ca.crt") + end + sock = tls:create(sock) local stat, code, error = sock:connect() if not stat then