cURL / Mailing Lists / curl-library / Single Mail

curl-library

RE: axTLS patch set

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Wed, 15 Dec 2010 14:48:51 +0100 (CET)

On Mon, 13 Dec 2010, Hu, Eric wrote:

> I found two very annoying traits of axTLS cert handling that don't matter
> for our application, but will probably impact everyone else.

Oh yes, they are very annying. My cacert bundle does however start with the
correct 10 bytes so that's not exactly my problem.

I didn't debug my case very much yet, but attached here you will find two
additional curl patches that I've made that allow:

A) TLS connections using the "default" version which I think is "whatever
    works" and makes axTLS work without explictily having been told to use
    TLSv1

B) I made the command line -k work, which basically is the
    CURLOPT_SSL_VERIFYPEER option that can tell libcurl to skip the cert
    verfication against the cacert.

-- 
  / daniel.haxx.se



-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html

Received on 2010-12-15