From c1e70ae5e61872a949b72ef17af8943cd91f1bb9 Mon Sep 17 00:00:00 2001
From: dd32 <dd32@1a063a9b-81f0-0310-95a4-ce76da25c4cd>
Date: Thu, 7 Apr 2011 08:38:36 +0000
Subject: [PATCH] Verify certificate matches both the common name and the
 provided hostname. WP_HTTP_Curl requires CURLOPT_SSL_VERIFYHOST be either 2
 or false. Props sivel. Fixes #16904

git-svn-id: http://svn.automattic.com/wordpress/trunk@17616 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-includes/class-http.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/wp-includes/class-http.php b/wp-includes/class-http.php
index 683552d5f..2ae0245b1 100644
--- a/wp-includes/class-http.php
+++ b/wp-includes/class-http.php
@@ -1190,7 +1190,7 @@ class WP_Http_Curl {
 
 		curl_setopt( $handle, CURLOPT_URL, $url);
 		curl_setopt( $handle, CURLOPT_RETURNTRANSFER, true );
-		curl_setopt( $handle, CURLOPT_SSL_VERIFYHOST, $ssl_verify );
+		curl_setopt( $handle, CURLOPT_SSL_VERIFYHOST, ( $ssl_verify === true ) ? 2 : false );
 		curl_setopt( $handle, CURLOPT_SSL_VERIFYPEER, $ssl_verify );
 		curl_setopt( $handle, CURLOPT_USERAGENT, $r['user-agent'] );
 		curl_setopt( $handle, CURLOPT_MAXREDIRS, $r['redirection'] );