On Sun, Feb 05, 2012 at 12:40:14PM +0100, Daniel Stenberg wrote:
> On Thu, 2 Feb 2012, Daniel Stenberg wrote:
>
> >As a longer term fix I could see us accepting a patch that allows
> >a user to explicitly ask for diabling of this work-around.
>
> I've received and read several more cases where people experience
> this problem. I suggest we introduce a new setopt option (and
> corresponding command line option) that simply switches off this
> work-around for those SSL libraries that use it.
> CURLOPT_SSL_ALLOW_INSECURE or something like that. Possibly even
> more specific like CURLOPT_SSL_NO_EMPTY_FRAGMENTS...
>
> Opinions?

That is the same solution I have thought in response to Debian bug
#658276 [0]. I was not sure about the option naming, but
CURLOPT_SSL_NO_EMPTY_FRAGMENTS (and maybe --ssl-no-empty-fragments) seems
the best to me.

Cheers

[0] http://bugs.debian.org/658276

-- 
perl -E'$_=q;$/= @{[@_]};and s;\S+;<inidehG ordnasselA>;eg;say~~reverse'
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html