cURL / Mailing Lists / curl-users / Single Mail

curl-users

[PATCH]add --dont-verify-CN option to the command line tool

From: Torsten Foertsch <torsten.foertsch_at_gmx.net>
Date: Mon, 2 Jun 2003 21:45:50 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

the patch below adds a --dont-verify-CN option to the command line curl.

Normally curl verifies the common name part of the peer certificate to match
the requested host name. This prevents connections to SSL hosts by IP address
or by a name that differs from the certificate's Common Name.

The -k option can be provided to turn off entirely peer certificate
verification but there was no way to let curl check the peer certificate
against a signer and skip only the common name check.

The new option --dont-verify-CN provides a way.

The patch is made with 7.10.5.

Torsten
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE+26lxwicyCTir8T4RAtVGAJ4ivF85OOqaNb71ZvmeOztCnlxIOwCeNg2H
n/995e/Xt1Y8MiemUZZPzig=
=tyQU
-----END PGP SIGNATURE-----

-------------------------------------------------------
This SF.net email is sponsored by: eBay
Get office equipment for less on eBay!
http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5

text/x-diff attachment: curl.patch

Received on 2003-06-02

This message: [ Message body ]
Next message: Roth, Kevin P.: "Cygwin -> PerlIO fixed (?)"
Previous message: Torsten Foertsch: "How to get a statically linked curl"
Next in thread: G�tz Babin-Ebell: "Re: [PATCH]add --dont-verify-CN option to the command line tool"
Reply: G�tz Babin-Ebell: "Re: [PATCH]add --dont-verify-CN option to the command line tool"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]