curl / Mailing Lists / curl-library / Single Mail

curl-library

Possible mistake in the documentation for CURLOPT_SSL_VERIFYHOST

From: Martin Galvan via curl-library <curl-library_at_cool.haxx.se>
Date: Tue, 30 Oct 2018 12:53:01 -0300

Hi all,

I was looking at the WinSSL code which processes
CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST, and noticed that,
if CURLOPT_SSL_VERIFYPEER isn't enabled, the host name checking won't
be performed:

https://github.com/curl/curl/blob/master/lib/vtls/schannel_verify.c#L539
https://github.com/curl/curl/blob/master/lib/vtls/schannel.c#L1117

The docs indicate that this behavior is only present for NSS. Is this
omission a mistake?
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2018-10-30