MDL-40615 Repository: Updated Amazon S3 library

Fixed insecure use of CURLOPT_SSL_VERIFYHOST
2025-04-21 00:12:56 +02:00 · 2013-07-19 16:02:56 +08:00 · 2013-07-19 16:02:56 +08:00 · d72d541db5
commit d72d541db5
parent 6cef3dfe8e
2 changed files with 2 additions and 3 deletions
--- a/repository/s3/README_MOODLE.txt
+++ b/repository/s3/README_MOODLE.txt
@ -3,8 +3,7 @@
 Amazon S3 PHP Class

 Cloned from git://github.com/tpyo/amazon-s3-php-class.git
-Branch master
-On July 23rd 2012
+At commit 56770370c33a5310c5e07a9d22aef8c162f150ee

 https://github.com/tpyo/amazon-s3-php-class
 http://undesigned.org.za/2007/10/22/amazon-s3-php-class
--- a/repository/s3/S3.php
+++ b/repository/s3/S3.php
@ -1809,7 +1809,7 @@ final class S3Request
 		if (S3::$useSSL)
 		{
 			// SSL Validation can now be optional for those with broken OpenSSL installations
-			curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, S3::$useSSLValidation ? 1 : 0);
+			curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, S3::$useSSLValidation ? 2 : 0);
 			curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, S3::$useSSLValidation ? 1 : 0);

 			if (S3::$sslKey !== null) curl_setopt($curl, CURLOPT_SSLKEY, S3::$sslKey);