From: gggeek <giunta.gaetano@gmail.com>
Date: Sun, 7 Dec 2014 20:35:01 +0000 (+0000)
Subject: no need to call anymore $client->setSSLVerifyHost(2) to silence a curl warning when... 
X-Git-Tag: 4.0.0-alpha~7
X-Git-Url: http://git.onelab.eu/?p=plcapi.git;a=commitdiff_plain;h=4d3f0dd566fa18a47ffc4e7e46e6c51785f56013

no need to call anymore $client->setSSLVerifyHost(2) to silence a curl warning when using https with recent curl builds
---

diff --git a/ChangeLog b/ChangeLog
index 18e2b56..cd95a9f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+NB: All recent commits are available online.
+This file will not be updated further.
+See https://github.com/gggeek/phpxmlrpc/commits/master
+
+
 2014-02-3 - G. Giunta (giunta.gaetano@gmail.com)
 
 	* bumped up requirements to php 5.1.0
@@ -1374,7 +1379,7 @@
 	* xmlrpc.inc: added setSSLVerifyPeer and setSSLVerifyHost; as
 	of curl 7.10, various certificate checks are done (by default).
 	The default for CURLOPT_SSL_VERIFYHOST is to ensure the common
-	name on the cert matches the provided hostname.  This breaks a
+	name on the cert matches the provided hostname. This breaks a
 	lot of stuff, so allow users to override it.
 	* doc/xmlrpc_php.sgml: updated documentation accordingly.
 
diff --git a/NEWS b/NEWS
index 1e71f97..195b6a3 100644
--- a/NEWS
+++ b/NEWS
@@ -2,6 +2,8 @@ XML-RPC for PHP version 3.0.1 - 201X/Y/Z
 
 Taking baby steps to modern-world php, this release is now tested using Travis ( https://travis-ci.org/ ).
 
+Improved: no need to call anymore $client->setSSLVerifyHost(2) to silence a curl warning when using https with recent curl builds
+
 
 XML-RPC for PHP version 3.0.0 - 2014/6/15
 
diff --git a/lib/xmlrpc.inc b/lib/xmlrpc.inc
index ea775f8..e5be7f7 100644
--- a/lib/xmlrpc.inc
+++ b/lib/xmlrpc.inc
@@ -1621,6 +1621,13 @@
 				{
 					curl_setopt($curl, CURLOPT_SSLKEYPASSWD, $keypass);
 				}
+
+                // Upgrade transparently to more stringent check for versions of php which do not support otherwise.
+                // Doing it in constructor would be cleaner; doing it here saves us a couple of function calls
+                if($this->verifyhost == 1 && $info = curl_version() && version_compare($info['version'], '7.28.1') >= 0)
+                {
+                    $this->verifyhost = 2;
+                }
 				// whether to verify cert's common name (CN); 0 for no, 1 to verify that it exists, and 2 to verify that it matches the hostname used
 				curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, $this->verifyhost);
 			}