merge with debian-sid 0.8.15.2

[apt.git] / methods / https.cc

diff --git a/methods/https.cc b/methods/https.cc
index aa6786aa86fa9ad92f82ebbdccbfa9495485422c..fc649d6c217f800aad3ba147e9a8ff1320394f38 100644 (file)
--- a/methods/https.cc
+++ b/methods/https.cc
@@ -143,13 +143,11 @@ bool HttpsMethod::Fetch(FetchItem *Itm)
    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, peer_verify);
 
    // ... and hostname against cert CN or subjectAltName
-   int default_verify = 2;
    bool verify = _config->FindB("Acquire::https::Verify-Host",true);
    knob = "Acquire::https::"+remotehost+"::Verify-Host";
    verify = _config->FindB(knob.c_str(),verify);
-   if (!verify)
-      default_verify = 0;
-   curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, verify);
+   int const default_verify = (verify == true) ? 2 : 0;
+   curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, default_verify);
 
    // Also enforce issuer of server certificate using its cert
    string issuercert = _config->Find("Acquire::https::IssuerCert","");