1 files changed, 12 insertions, 19 deletions

diff --git a/indra/llmessage/llcurl.cpp b/indra/llmessage/llcurl.cpp
index f8a7eb0417..7c6660e28b 100644
--- a/indra/llmessage/llcurl.cpp
+++ b/indra/llmessage/llcurl.cpp
@@ -90,10 +90,6 @@ S32 gCurlMultiCount = 0;
 std::vector<LLMutex*> LLCurl::sSSLMutex;
 std::string LLCurl::sCAPath;
 std::string LLCurl::sCAFile;
-// Verify SSL certificates by default (matches libcurl default). The ability
-// to alter this flag is only to allow us to suppress verification if it's
-// broken for some reason.
-bool LLCurl::sSSLVerify = true;
 
 //static
 void LLCurl::setCAPath(const std::string& path)
@@ -108,18 +104,6 @@ void LLCurl::setCAFile(const std::string& file)
 }
 
 //static
-void LLCurl::setSSLVerify(bool verify)
-{
-	sSSLVerify = verify;
-}
-
-//static
-bool LLCurl::getSSLVerify()
-{
-	return sSSLVerify;
-}
-
-//static
 std::string LLCurl::getVersionString()
 {
 	return std::string(curl_version());
@@ -544,7 +528,7 @@ void LLCurl::Easy::prepRequest(const std::string& url,
 	setErrorBuffer();
 	setCA();
 
-	setopt(CURLOPT_SSL_VERIFYPEER, LLCurl::getSSLVerify());
+	setopt(CURLOPT_SSL_VERIFYPEER, true);
 	//setopt(CURLOPT_SSL_VERIFYHOST, LLCurl::getSSLVerify()? 2 : 0);
 	
 	//don't verify host name so urls with scrubbed host names will work (improves DNS performance)
@@ -1015,6 +999,15 @@ void LLCurlEasyRequest::setReadCallback(curl_read_callback callback, void* userd
 	}
 }
 
+void LLCurlEasyRequest::setSSLCtxCallback(curl_ssl_ctx_callback callback, void* userdata)
+{
+	if (mEasy)
+	{
+		mEasy->setopt(CURLOPT_SSL_CTX_FUNCTION, (void*)callback);
+		mEasy->setopt(CURLOPT_SSL_CTX_DATA, userdata);
+	}
+}
+
 void LLCurlEasyRequest::slist_append(const char* str)
 {
 	if (mEasy)
@@ -1180,6 +1173,6 @@ void LLCurl::cleanupClass()
 	{
 		llerrs << "CURL easy handles not cleaned up on shutdown!" << llendl;
 	}
-
-	curl_global_cleanup();
 }
+
+