From 2e13b4c36fd7595ccba77213418b0c27aa41f280 Mon Sep 17 00:00:00 2001
From: stephanie sappho lenzo <sappho@sappho.io>
Date: Tue, 5 Dec 2023 13:21:22 -0500
Subject: use system ssl certs + accept any encoding, allows for automatic
 decompression

---
 extension/curlmanager.cpp | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

(limited to 'extension')

diff --git a/extension/curlmanager.cpp b/extension/curlmanager.cpp
index 6a64c10..3cf127b 100644
--- a/extension/curlmanager.cpp
+++ b/extension/curlmanager.cpp
@@ -714,6 +714,23 @@ void cURLManager::LoadcURLOption(cURLHandle *handle)
 
 	handle->opt_loaded = true;
 	
+    static bool curlSetSSL = false;
+    if (!curlSetSSL)
+    {
+        // use the system ssl certs
+        CURLsslset sslset = curl_global_sslset(CURLSSLBACKEND_OPENSSL, NULL, NULL);
+        if (sslset != CURLSSLSET_OK)
+        {
+            printf("curl_global_sslset failed: %i\n", sslset);
+            return;
+        }
+        curlSetSSL = true;
+    }
+
+
+    curl_easy_setopt(handle->curl, CURLOPT_SSL_OPTIONS, CURLSSLOPT_NATIVE_CA);
+    curl_easy_setopt(handle->curl, CURLOPT_ACCEPT_ENCODING, "");
+
 	curl_easy_setopt(handle->curl, CURLOPT_ERRORBUFFER, handle->errorBuffer);
 
 	curl_easy_setopt(handle->curl, CURLOPT_OPENSOCKETFUNCTION, curl_opensocket_function);
-- 
cgit v1.2.3