Download
Browse source Changelog
Documentation
Project   Help us   Known bugs   TODO Protocols   CA bundle   HTTP Cookies   HTTP/2   SSL Certs Releases   Security   Version numbers   Vulnerabilities curl tool   man page   Tutorial   HTTP scripting Who and Why
libcurl
ABI API Competitors Examples Features Mailing list Related libs Using libcurl Tutorial Testimonials
Get Help
curl-library curl-users curl-announce curl-commits Book: Everything curl Report a bug Mail Etiquette
Development
Autobuilds Code Style Contribute Deprecate Internals Release Notes Release Procedure Roadmap Run Tests Security Process Specifications Test curl
News
Changelog Release table
curl / Mailing Lists / curl-library / Single Mail

curl-library

Possible mistake in the documentation for CURLOPT_SSL_VERIFYHOST

From: Martin Galvan via curl-library <curl-library_at_cool.haxx.se>
Date: Tue, 30 Oct 2018 12:53:01 -0300

Hi all,

I was looking at the WinSSL code which processes
CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST, and noticed that,
if CURLOPT_SSL_VERIFYPEER isn't enabled, the host name checking won't
be performed:

https://github.com/curl/curl/blob/master/lib/vtls/schannel_verify.c#L539
https://github.com/curl/curl/blob/master/lib/vtls/schannel.c#L1117

The docs indicate that this behavior is only present for NSS. Is this
omission a mistake?
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2018-10-30