Re: Getting CURLE_OK with wrong pinned public key after using the correct.

From: Daniel Stenberg via curl-library <curl-library_at_cool.haxx.se>
Date: Fri, 13 Sep 2019 16:35:23 +0200 (CEST)

On Fri, 13 Sep 2019, Sebastian Haglund via curl-library wrote:

> While adding public key pinning to a cURL C++ wrapper, I discovered that
> setting the wrong public key after using the correct still yields OK result
> (expected CURLE_SSL_PINNEDPUBKEYNOTMATCH). It seems to be related to
> re-using the curl multi stack after curl_multi_perform().

Ack. The connection reuse logic doesn't seem to compare the
CURLOPT_PINNEDPUBLICKEY arguments so a subsequent connection to the same host
that otherwise matches can be reused even if the pinning now differs.

I'll write up a PR for this and get back.

-- 
  / daniel.haxx.se | Get the best commercial curl support there is - from me
                   | Private help, bug fixes, support, ports, new features
                   | https://www.wolfssl.com/contact/
Received on 2019-09-13
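
The reuse problem described in the reply above, as an added example that is not part of the original mail and is not libcurl's code: a simplified C model of a connection cache in which a matcher that compares only host and port hands back a connection whose handshake checked a different pin, while a matcher that also compares the pin forces a new connection. All struct and function names are hypothetical, and the pins are constructed placeholders.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Simplified model of a connection cache; not libcurl's internal code. */
struct conn    { const char *host; int port; const char *pin; }; /* pin checked at handshake */
struct request { const char *host; int port; const char *pin; }; /* pin wanted now */
typedef bool (*match_fn)(const struct conn *, const struct request *);

/* NULL-safe string equality: two NULLs (no pinning on either side) are equal. */
static bool same_pin(const char *a, const char *b)
{
    if (!a || !b) return a == b;
    return strcmp(a, b) == 0;
}

/* Reuse test that looks only at the endpoint, as in the reported behaviour. */
bool match_endpoint_only(const struct conn *c, const struct request *r)
{
    return strcmp(c->host, r->host) == 0 && c->port == r->port;
}

/* Reuse test that also requires the pin to be identical. */
bool match_with_pin(const struct conn *c, const struct request *r)
{
    return match_endpoint_only(c, r) && same_pin(c->pin, r->pin);
}

/* Index of a reusable connection, or -1: open a new one (new handshake, new pin check). */
int find_reusable(const struct conn *cache, size_t n, const struct request *r, match_fn match)
{
    for (size_t i = 0; i < n; i++)
        if (match(&cache[i], r))
            return (int)i;
    return -1;
}

/* Constructed sample data: placeholder pins, not real key hashes. */
const struct conn    sample_cache[] = { { "example.com", 443, "sha256//PIN-A" } };
const struct request same_pin_req   = { "example.com", 443, "sha256//PIN-A" };
const struct request other_pin_req  = { "example.com", 443, "sha256//PIN-B" };

int main(void)
{
    printf("changed pin, endpoint only: %d, with pin: %d\n",
           find_reusable(sample_cache, 1, &other_pin_req, match_endpoint_only),
           find_reusable(sample_cache, 1, &other_pin_req, match_with_pin));
    return 0;
}
```

An index of 0 for the changed pin means the transfer would ride the cached connection and no handshake would run to check the new pin; -1 means a new connection is opened and the pin is checked.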