curl / Mailing Lists / curl-library / Single Mail

curl-library

RE: Fetching the detail of SSL Host verification failure

From: Basuke Suzuki via curl-library <curl-library_at_cool.haxx.se>
Date: Wed, 7 Nov 2018 18:14:46 +0000

> > Okay, what about this adjusted plan:
> >
> > Create a new info flag ("CURLINFO_SSL_VERIFIED" ?) that works the way
> > I described it, that can return certificate verification details in a
> > SSL backend agnostic way and we document that clearly and as preferred
> > over CURLINFO_SSL_VERIFYRESULT.
> >
> > What do you think? (It also needs a separate proxy version.)
>
> Let me make understanding clear who you proposed.
>
> - Add new CURLINFO_SSL_VERIFIED.
> - Basically similar to existing CURLINFO_SSL_VERIFYRESULT
> - Returns only CURLcode
> - New CURLcodes will be defined to describe detail situation.
> - All backend need to implement this by hand
> - If the backend only returns CURLcode already, just copy the value.
> - extra research is needed, but only NSS and OpenSSL need to fix the code.
> - Deprecate CURLINFO_SSL_VERIFYRESULT. No change since now for a while.
>
> Are these what you proposed?

Daniel, can I move forward with this idea?

-----
Basuke Suzuki
SONY PlayStation

-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2018-11-07