Don't set `CURLOPT_CAINFO` when `sslverify` is false when sending HTTP API requests through cURL. This avoids sending redundant information to cURL, and avoids a bug in Apple's SecureTransport library which causes a request to fail when a CA bundle is set but certificate verification is disabled.
This fixes issues with local HTTPS requests (eg. WP Cron) on OS X where cURL is using SecureTransport instead of OpenSSL. Fixes #33978 Built from https://develop.svn.wordpress.org/trunk@34639 git-svn-id: http://core.svn.wordpress.org/trunk@34603 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
cbdd8e5494
commit
702e4e8ea7
|
@ -133,7 +133,11 @@ class WP_Http_Curl {
|
||||||
curl_setopt( $handle, CURLOPT_RETURNTRANSFER, true );
|
curl_setopt( $handle, CURLOPT_RETURNTRANSFER, true );
|
||||||
curl_setopt( $handle, CURLOPT_SSL_VERIFYHOST, ( $ssl_verify === true ) ? 2 : false );
|
curl_setopt( $handle, CURLOPT_SSL_VERIFYHOST, ( $ssl_verify === true ) ? 2 : false );
|
||||||
curl_setopt( $handle, CURLOPT_SSL_VERIFYPEER, $ssl_verify );
|
curl_setopt( $handle, CURLOPT_SSL_VERIFYPEER, $ssl_verify );
|
||||||
curl_setopt( $handle, CURLOPT_CAINFO, $r['sslcertificates'] );
|
|
||||||
|
if ( $ssl_verify ) {
|
||||||
|
curl_setopt( $handle, CURLOPT_CAINFO, $r['sslcertificates'] );
|
||||||
|
}
|
||||||
|
|
||||||
curl_setopt( $handle, CURLOPT_USERAGENT, $r['user-agent'] );
|
curl_setopt( $handle, CURLOPT_USERAGENT, $r['user-agent'] );
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
*
|
*
|
||||||
* @global string $wp_version
|
* @global string $wp_version
|
||||||
*/
|
*/
|
||||||
$wp_version = '4.4-alpha-34638';
|
$wp_version = '4.4-alpha-34639';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
|
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
|
||||||
|
|
Loading…
Reference in New Issue