From 114516bcb444eaeac434d4aea38437d3fd4ea201 Mon Sep 17 00:00:00 2001
From: notxarb <braxton@pagodabox.com>
Date: Mon, 1 May 2017 03:38:41 -0600
Subject: [PATCH] Bugfix/curlopt capath (#1684)

---
 src/Handler/CurlFactory.php       | 10 +++++++++-
 tests/Handler/CurlFactoryTest.php |  9 +++++++++
 2 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/src/Handler/CurlFactory.php b/src/Handler/CurlFactory.php
index c9b171ba..45d1c4f4 100644
--- a/src/Handler/CurlFactory.php
+++ b/src/Handler/CurlFactory.php
@@ -326,12 +326,20 @@ class CurlFactory implements CurlFactoryInterface
                 $conf[CURLOPT_SSL_VERIFYHOST] = 2;
                 $conf[CURLOPT_SSL_VERIFYPEER] = true;
                 if (is_string($options['verify'])) {
-                    $conf[CURLOPT_CAINFO] = $options['verify'];
+                    // Throw an error if the file/folder/link path is not valid or doesn't exist.
                     if (!file_exists($options['verify'])) {
                         throw new \InvalidArgumentException(
                             "SSL CA bundle not found: {$options['verify']}"
                         );
                     }
+                    // If it's a directory or a link to a directory use CURLOPT_CAPATH.
+                    // If not, it's probably a file, or a link to a file, so use CURLOPT_CAINFO.
+                    if (is_dir($options['verify']) || 
+                        (is_link($options['verify']) && is_dir(readlink($options['verify'])))) {
+                        $conf[CURLOPT_CAPATH] = $options['verify'];
+                    } else {
+                        $conf[CURLOPT_CAINFO] = $options['verify'];
+                    }
                 }
             }
         }
diff --git a/tests/Handler/CurlFactoryTest.php b/tests/Handler/CurlFactoryTest.php
index eb598486..9e3e250c 100644
--- a/tests/Handler/CurlFactoryTest.php
+++ b/tests/Handler/CurlFactoryTest.php
@@ -125,6 +125,15 @@ class CurlFactoryTest extends \PHPUnit_Framework_TestCase
         $this->assertEquals(true, $_SERVER['_curl'][CURLOPT_SSL_VERIFYPEER]);
     }
 
+    public function testCanSetVerifyToDir()
+    {
+        $f = new Handler\CurlFactory(3);
+        $f->create(new Psr7\Request('GET', 'http://foo.com'), ['verify' => __DIR__]);
+        $this->assertEquals(__DIR__, $_SERVER['_curl'][CURLOPT_CAPATH]);
+        $this->assertEquals(2, $_SERVER['_curl'][CURLOPT_SSL_VERIFYHOST]);
+        $this->assertEquals(true, $_SERVER['_curl'][CURLOPT_SSL_VERIFYPEER]);
+    }
+
     public function testAddsVerifyAsTrue()
     {
         $f = new Handler\CurlFactory(3);