cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: [PATCH] gtls: stop using deprecated GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT option

From: Alessandro Ghedini <alessandro_at_ghedini.me>
Date: Mon, 9 Mar 2015 11:33:13 +0100

On dom, mar 08, 2015 at 10:44:43 +0100, Dan Fandrich wrote:
> On Sun, Mar 08, 2015 at 08:39:18PM +0100, Alessandro Ghedini wrote:
> > On newer GnuTLS versions it's defined to 0, so it's basically a no-op.
>
> But libcurl is currently documented as working GnuTLS versions as old as 1.2.
> What happens on that version if this is removed?

Oh, right, I didn't think of that. I guess you can disregard my patch then,
since it would disable v1 CA certs support on GnuTLS versions older than 2.7.5
or so.

Cheers

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html

application/pgp-signature attachment: Digital signature

Received on 2015-03-09

This message: [ Message body ]
Next message: Patrick Monnerat: "RE: FTP Error 425"
Previous message: Daniel Stenberg: "Re: about https proxy queston"
In reply to: Dan Fandrich: "Re: [PATCH] gtls: stop using deprecated GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT option"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]