diff options
| author | Olav Morken <olav.morken@uninett.no> | 2012-05-15 11:33:13 +0000 |
|---|---|---|
| committer | Olav Morken <olav.morken@uninett.no> | 2012-05-15 11:33:13 +0000 |
| commit | 744fa4fae6b132fdbca301bd16c90680ec3dd102 (patch) | |
| tree | c2100a54d9a3ef30a5e61354a6b1ff4971e5432c /modules/aselect/lib/Auth/Source/aselect.php | |
| parent | ce9bc78e67b3ff5a613a3bb3221960193d954572 (diff) | |
| download | simplesamlphp-origin/simplesamlphp-1.8.zip simplesamlphp-origin/simplesamlphp-1.8.tar.gz simplesamlphp-origin/simplesamlphp-1.8.tar.bz2 | |
aselect: Enable verification of SSL certificate on A-Select endpoint.origin/simplesamlphp-1.8
Without the certificate check, we leave ourselves vulnerable to
man-in-the-middle between the simpleSAMLphp installation and the
A-Select server.
Thanks to Thijs Kinkhorst for reporting this vulnerability!
git-svn-id: https://simplesamlphp.googlecode.com/svn/branches/simplesamlphp-1.8@3098 44740490-163a-0410-bde0-09ae8108e29a
Diffstat (limited to 'modules/aselect/lib/Auth/Source/aselect.php')
| -rw-r--r-- | modules/aselect/lib/Auth/Source/aselect.php | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/modules/aselect/lib/Auth/Source/aselect.php b/modules/aselect/lib/Auth/Source/aselect.php index 2cba464..ba1743b 100644 --- a/modules/aselect/lib/Auth/Source/aselect.php +++ b/modules/aselect/lib/Auth/Source/aselect.php @@ -66,7 +66,6 @@ class sspmod_aselect_Auth_Source_aselect extends SimpleSAML_Auth_Source { // helper function for sending a non-browser request to a remote server function as_call($url) { $ch = curl_init(); - curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_URL, $url); $result = curl_exec($ch); |