cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: Does curl REALLY ignore CURLOPT_SSL_VERIFYPEER / CURLOPT_SSL_VERIFYHOST?

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Tue, 4 Dec 2007 10:08:53 +0100 (CET)

On Tue, 4 Dec 2007, paranoid paranoia wrote:

>> What do you say about this?
>
> I haven't got a chance to try it, since the patch curiously fails to apply
> against every single version of curl I tried (7.16.4, 7.17.1,
> 7.17.2-20071202),

It applied on the dec 2 version, but I committed it on dec 3 so you can try it
out in a current snapshot!

> I'm not sure why anyone who doesn't care to get the peer verified would care
> to see the diagnostic info about the peer's certificate (even if one
> existed), but it certainly doesn't hurt to have the option to see what's
> going on.

Mostly because that's how people have been able to view the cert before, and
I didn't want to remove that way of using curl.

-- 
  Commercial curl and libcurl Technical Support: http://haxx.se/curl.html
Received on 2007-12-04