From 2b6b333f6b547538c5329de786b1ec7d8749759a Mon Sep 17 00:00:00 2001
From: Dion Hulse <dd32@git.wordpress.org>
Date: Thu, 7 Apr 2011 08:38:36 +0000
Subject: [PATCH] Verify certificate matches both the common name and the
 provided hostname. WP_HTTP_Curl requires CURLOPT_SSL_VERIFYHOST be either 2
 or false. Props sivel. Fixes #16904

git-svn-id: https://develop.svn.wordpress.org/trunk@17616 602fd350-edb4-49c9-b593-d223f7449a82
---
 wp-includes/class-http.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/wp-includes/class-http.php b/wp-includes/class-http.php
index 683552d5f0..2ae0245b1e 100644
--- a/wp-includes/class-http.php
+++ b/wp-includes/class-http.php
@@ -1190,7 +1190,7 @@ class WP_Http_Curl {
 
 		curl_setopt( $handle, CURLOPT_URL, $url);
 		curl_setopt( $handle, CURLOPT_RETURNTRANSFER, true );
-		curl_setopt( $handle, CURLOPT_SSL_VERIFYHOST, $ssl_verify );
+		curl_setopt( $handle, CURLOPT_SSL_VERIFYHOST, ( $ssl_verify === true ) ? 2 : false );
 		curl_setopt( $handle, CURLOPT_SSL_VERIFYPEER, $ssl_verify );
 		curl_setopt( $handle, CURLOPT_USERAGENT, $r['user-agent'] );
 		curl_setopt( $handle, CURLOPT_MAXREDIRS, $r['redirection'] );