From f9c6633c62abc1477a1e3df9f5ba1af14ecec1b5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tam=C3=A1s=20B=C3=A1lint=20Misius?= Date: Sat, 15 Aug 2020 19:06:56 +0200 Subject: [PATCH] Make certificate revocation checks non-mission-critical This will hopefully solve 612 errors on Windows. --- src/client/http/Request.cpp | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/client/http/Request.cpp b/src/client/http/Request.cpp index b1e235a07..88061ff80 100644 --- a/src/client/http/Request.cpp +++ b/src/client/http/Request.cpp @@ -199,6 +199,13 @@ namespace http #endif // TODO: Find out what TLS1.2 is supported on, might need to also allow TLS1.0 curl_easy_setopt(easy, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2); +#if defined(CURL_AT_LEAST_VERSION) && CURL_AT_LEAST_VERSION(7, 70, 0) + curl_easy_setopt(easy, CURLOPT_SSL_OPTIONS, CURLSSLOPT_REVOKE_BEST_EFFORT); +#elif defined(CURL_AT_LEAST_VERSION) && CURL_AT_LEAST_VERSION(7, 44, 0) + curl_easy_setopt(easy, CURLOPT_SSL_OPTIONS, CURLSSLOPT_NO_REVOKE); +#elif defined(WIN) +# error "That's unfortunate." +#endif curl_easy_setopt(easy, CURLOPT_MAXREDIRS, 10L); curl_easy_setopt(easy, CURLOPT_ERRORBUFFER, error_buffer);