Add flag FLAGS_disable_peer_verification

To allow disable peer verification.

Issue #623.

Change-Id: I0781d10dea3ef6c92f0139aa1fa4949449c5da36
This commit is contained in:
KongQun Yang 2018-08-22 16:50:02 -07:00
parent 2c51dcc601
commit 78941394dd
1 changed files with 9 additions and 0 deletions

View File

@ -7,12 +7,18 @@
#include "packager/media/base/http_key_fetcher.h" #include "packager/media/base/http_key_fetcher.h"
#include <curl/curl.h> #include <curl/curl.h>
#include <gflags/gflags.h>
#include "packager/base/logging.h" #include "packager/base/logging.h"
#include "packager/base/strings/string_number_conversions.h" #include "packager/base/strings/string_number_conversions.h"
#include "packager/base/strings/stringprintf.h" #include "packager/base/strings/stringprintf.h"
#include "packager/base/synchronization/lock.h" #include "packager/base/synchronization/lock.h"
DEFINE_bool(disable_peer_verification,
false,
"Disable peer verification. This is needed to talk to servers "
"without valid certificates.");
namespace shaka { namespace shaka {
namespace { namespace {
@ -174,6 +180,9 @@ Status HttpKeyFetcher::FetchInternal(HttpMethod method,
curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, AppendToString); curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, AppendToString);
curl_easy_setopt(curl, CURLOPT_WRITEDATA, response); curl_easy_setopt(curl, CURLOPT_WRITEDATA, response);
if (FLAGS_disable_peer_verification)
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
if (!client_cert_private_key_file_.empty() && !client_cert_file_.empty()) { if (!client_cert_private_key_file_.empty() && !client_cert_file_.empty()) {
// Some PlayReady packaging servers only allow connects via HTTPS with // Some PlayReady packaging servers only allow connects via HTTPS with
// client certificates. // client certificates.