ucb/source/ucp/webdav-curl/CurlSession.cxx | 1 + 1 file changed, 1 insertion(+)
New commits: commit d53c6e5c32a0c3169dc7d104b52372175aa7a4df Author: Miklos Vajna <[email protected]> AuthorDate: Fri Jan 9 14:27:53 2026 +0100 Commit: Caolán McNamara <[email protected]> CommitDate: Fri Jan 9 15:42:34 2026 +0100 ucb curl: don't verify peer in the isExemptVerifyHost() case Try to insert a https:// image URL into Writer when the URL's host is meant to be not verified, 'curl -k' works with the URL but insertion in Writer still fails. Turns out this is an expired self-signed certificate (in a local test env). Mechanism for not verifying SSL certs in the curl session was added in commit 2a5c998d4cdfd54ba65b93318292dab542beaabd (allow an exemption to be made for a specific host, 2024-08-23), but that results in an image insertion failure. Fix the problem by adapting the ucb/ code to do what <https://github.com/curl/curl/blob/470e26ff6eb55e8d18d6fa44104834e9d1f71274/src/config2setopts.c#L375> does for 'curl -k', also clear the CURLOPT_SSL_VERIFYPEER option. With this, inserting https:// images from my local test server works again in Writer. Change-Id: I0c52f6c0c0dfd6ebf0b4081a8088b623935a96f7 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/196924 Reviewed-by: Caolán McNamara <[email protected]> Tested-by: Jenkins CollaboraOffice <[email protected]> Tested-by: Caolán McNamara <[email protected]> diff --git a/ucb/source/ucp/webdav-curl/CurlSession.cxx b/ucb/source/ucp/webdav-curl/CurlSession.cxx index 028ada4a5ad7..dd0158c9f8ed 100644 --- a/ucb/source/ucp/webdav-curl/CurlSession.cxx +++ b/ucb/source/ucp/webdav-curl/CurlSession.cxx @@ -826,6 +826,7 @@ CurlSession::CurlSession(uno::Reference<uno::XComponentContext> xContext, } if (HostFilter::isExemptVerifyHost(m_URI.GetHost())) { + rc = curl_easy_setopt(m_pCurl.get(), CURLOPT_SSL_VERIFYPEER, 0L); rc = curl_easy_setopt(m_pCurl.get(), CURLOPT_SSL_VERIFYHOST, 0L); assert(rc == CURLE_OK); }
