cURL
Haxx ad
libcurl
Mailing Lists

curl's project page on SourceForge.net

Sponsors:
Haxx

cURL > Mailing List > Monthly Index > Single Mail

curl-library Mailing List Archives

Does curl REALLY ignore CURLOPT_SSL_VERIFYPEER / CURLOPT_SSL_VERIFYHOST?

From: paranoid paranoia <paranoid.paranoia_at_gmail.com>
Date: Tue, 27 Nov 2007 14:40:15 +0100

The following snippet in Curl_ossl_connect_step3 causes
aborted connection attempts even when curl is rather clearly
instructed to not bother checking the peer's certificate:

ssluse.c: (lines 1638-1641 in 7.6.14, 1624-1628 in today's snapshot)
//-----------------------------------------------------
  connssl->server_cert = SSL_get_peer_certificate(connssl->handle);
  if(!connssl->server_cert) {
    failf(data, "SSL: couldn't get peer certificate!");
    return CURLE_SSL_PEER_CERTIFICATE;
  }
//-----------------------------------------------------

This code is executed _no_matter_what_ even when
CURLOPT_SSL_VERIFYPEER, CURLOPT_SSL_VERIFYHOST,
and CURLOPT_CAINFO are *all* set to 0.

WHY?!??
Received on 2007-11-27

These mail archives are generated by hypermail.

donate! Page updated November 12, 2010.
web site info

File upload with ASP.NET