Mailing Lists
|
|
cURL Mailing List Monthly Index Single Mail
curl-tracker Archives
[curl:bugs] #1290 Client code, ADH, servercert, and NULL certifcate
From: Daniel Stenberg <bagder_at_users.sf.net>
Date: Sat, 19 Oct 2013 21:05:19 +0000
Look at the code again:
If the user lets libcurl do that call and it doesn't care about checking the cert or the host name in the cert, then the return code is ignored. Isn't that how you'd go ahead? I mean, ADH pretty much means that you ignore checking the server cert doesn't it?
--- ** [bugs:#1290] Client code, ADH, servercert, and NULL certifcate** **Status:** open **Created:** Sun Oct 13, 2013 09:12 AM UTC by Jeffrey Walton **Last Updated:** Sun Oct 13, 2013 08:48 PM UTC **Owner:** Daniel Stenberg // From ssluse.c, around line 2127 connssl->server_cert = SSL_get_peer_certificate(connssl->handle); if(!connssl->server_cert) { if(strict) failf(data, "SSL: couldn't get peer certificate!"); return CURLE_PEER_FAILED_VERIFICATION; } In client code, `SSL_get_peer_certificate` will return `NULL` in the case of ADH *if* the server does not have a certificate to offer. If the user asked for ADH, then the return value might be misleading or even incorrect. --- Sent from sourceforge.net because curl-tracker@cool.haxx.se is subscribed to https://sourceforge.net/p/curl/bugs/ To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/curl/admin/bugs/options. Or, if this is a mailing list, you can unsubscribe from the mailing list.Received on 2013-10-19 These mail archives are generated by hypermail. |
Page updated May 06, 2013.
web site info