cURL / Mailing Lists / curl-library / Single Mail

curl-library

RE: v7.33.0 dll is giving an SSL error where previous versions did not

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Wed, 6 Nov 2013 11:37:57 +0100 (CET)

On Tue, 5 Nov 2013, Mike Mio wrote:

> Due to an excessively cursory reading of the docs line "If libcurl is built
> against NSS and CURLOPT_SSL_VERIFYPEER is zero, CURLOPT_SSL_VERIFYHOST is
> ignored.", CURLOPT_SSL_VERIFYHOST was not set (to 0)
>
> That worked just fine until v.7.33.0

Are you really using NSS?

> The different between v7.33.0 and previous versions was this:

That's code handling the OpenSSL backend, and yes the CURLOPT_SSL_VERIFYPEER
and CURLOPT_SSL_VERIFYHOST options were fixed to both have an affect as
documented. They're actually somewhat independent of each other but both
should be enabled for proper security (and they are both enabled by default).

-- 
  / daniel.haxx.se
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Received on 2013-11-06