cURL / Mailing Lists / curl-library / Single Mail

curl-library

RE: axTLS patch set

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Wed, 15 Dec 2010 14:48:51 +0100 (CET)

On Mon, 13 Dec 2010, Hu, Eric wrote:

> I found two very annoying traits of axTLS cert handling that don't matter
> for our application, but will probably impact everyone else.

Oh yes, they are very annying. My cacert bundle does however start with the
correct 10 bytes so that's not exactly my problem.

I didn't debug my case very much yet, but attached here you will find two
additional curl patches that I've made that allow:

A) TLS connections using the "default" version which I think is "whatever
works" and makes axTLS work without explictily having been told to use
TLSv1

B) I made the command line -k work, which basically is the
CURLOPT_SSL_VERIFYPEER option that can tell libcurl to skip the cert
verfication against the cacert.

-- 
  / daniel.haxx.se

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html

TEXT/x-diff attachment: 0001-axTLS-allow-default-SSL-version-as-well.patch

TEXT/x-diff attachment: 0002-axtls_connect-allow-connect-without-peer-verificatio.patch

Received on 2010-12-15

This message: [ Message body ]
Next message: Daniel Stenberg: "ANNOUNCE: curl and libcurl 7.21.3"
Previous message: David Woodhouse: "Re: [patch] possible SMTP example"
In reply to: Hu, Eric: "RE: axTLS patch set"
Next in thread: Daniel Stenberg: "RE: axTLS patch set"
Reply: Daniel Stenberg: "RE: axTLS patch set"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]