cURL / Mailing Lists / curl-library / Single Mail

curl-library

CURLOPT_SSL_VERIFYHOST won't fail unless CURLOPT_SSL_VERIFYPEER is enabled

From: Jef Gearhart <jef_at_tpssys.com>
Date: Tue, 08 Jul 2008 11:48:10 -0500

Maybe this was intentional? If I try to use CURLOPT_SSL_VERIFYHOST (set
to 2), but disable CURLOPT_SSL_VERIFYPEER, the connection succeeds, even
though the Common name doesn't match the host name I connected to.

I can see clearly in the code why this is so, but before I elaborate on
that.. Is this intentional?

Thanks
Received on 2008-07-08

This message: [ Message body ]
Next message: Arnaud Ebalard: "Re: CURLOPT_SSL_VERIFYHOST won't fail unless CURLOPT_SSL_VERIFYPEER is enabled"
Previous message: Dan Fandrich: "Re: CURLOPT_SCOPE"
Next in thread: Arnaud Ebalard: "Re: CURLOPT_SSL_VERIFYHOST won't fail unless CURLOPT_SSL_VERIFYPEER is enabled"
Reply: Arnaud Ebalard: "Re: CURLOPT_SSL_VERIFYHOST won't fail unless CURLOPT_SSL_VERIFYPEER is enabled"
Reply: Daniel Stenberg: "Re: CURLOPT_SSL_VERIFYHOST won't fail unless CURLOPT_SSL_VERIFYPEER is enabled"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]