`insecure` option searched in `ssl_options`

[mentao-o]

Description

The insecure option is listed among the Others options according to the request/5 documentation and isn't part of to the ssl_options.

When no ssl_options is provided as a request option the whole Options argument is passed to ssl_opts/1 and works like described above.

However, when ssl_options is provided hackney uses a different approach and only the ssl_options is passed to ssl_opts/1 instead of the whole Options argument, thus it searches for the insecure option in the ssl_options.

Related code parts

ssl_opts(Host, Options) ->
  case proplists:get_value(ssl_options, Options) of
    undefined ->
      ssl_opts_1(Host, Options);
    [] ->
      ssl_opts_1(Host, Options);
    SSLOpts ->
      merge_ssl_opts(Host, SSLOpts)  % NOTE: Only `ssl_options` is passed
  end.

ssl_opts_1(Host, Options) ->
  Insecure =  proplists:get_value(insecure, Options, false),
  case Insecure of
    true ->
      [{verify, verify_none} | ssl_opts_2()];
    false ->
      hackney_ssl:check_hostname_opts(Host) ++ ssl_opts_2()
  end.

merge_ssl_opts(Host, OverrideOpts) ->
  VerifyHost = case proplists:get_value(server_name_indication, OverrideOpts, disable) of
    disable -> Host;
    SNI -> SNI
  end,
  DefaultOpts = ssl_opts_1(VerifyHost, OverrideOpts),  % NOTE: `OverrideOpts` is only `ssl_options`, which shouldn't contain the `insecure` option
  MergedOpts = orddict:merge(fun(_K, _V1, V) -> V end,
                             orddict:from_list(DefaultOpts),
                             orddict:from_list(OverrideOpts)),
  %% If cacertfile was provided in override opts remove cacerts
  case lists:keymember(cacertfile, 1, MergedOpts) of
    true ->
      lists:keydelete(cacerts, 1, MergedOpts);
    false ->
      MergedOpts
  end.