cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: cert verification problem on curl handle re-use

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Tue, 22 Jan 2013 22:45:23 +0100 (CET)

On Mon, 21 Jan 2013, Mischa Salle wrote:

> OpenSSL is really pain if 'someone' is trying to clean-up stuff in
> mid-program. Is curl_easy_reset() doing any OpenSSL cleanup? It shouldn't,
> right?

Nope.

> All tries were with exactly the same URL. The same website is listening both
> on 80 and 443. The OpenSSL on RH5 is also an old base version, 0.9.8e but
> RedHat and CentOS are bringing out frequent security patches (latest from
> May).

If you truly want to find the problem or perhaps the subsequent fix in curl,
then I'd recommend building a more modern version from source and see if it
works with the same OpenSSL version. Then bisect your way back to the
breakage.

Personally I'm not able to bother about bugs in very old curl releases.

-- 
  / daniel.haxx.se
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Received on 2013-01-22