We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Used --pinnedpubkey with curl built with a TLS backend without support for it. But it doesn't complain on bad keys.
--pinnedpubkey
It needs to warn or error out when the option is used without support in libcurl so that the problem is not silently ignored.
Ray's initial patch for this
Also see this additional gskit patch
I'm assigning you Jay since you were on track on this before. Let me know if you're not fine with that, then I can take over instead.
cc: @moparisthebest
The text was updated successfully, but these errors were encountered:
I'll paste and update this from my mailing list email as well:
these backends implementations are unsupported:
axtls.c - looks unlikely to ever be supported after glance at docs darwinssl.c - stalled schannel.c - Ray said someone was working on this? who/where?
and these have partial support:
cyassl.c only support #ifdef KEEP_PEER_CERT gskit.c only support pem/der, needs curlssl_sha256sum defined for hash support
of course that leaves these with full support:
gtls.c mbedtls.c nss.c openssl.c polarssl.c
Sorry, something went wrong.
tls: make setting pinnedkey option fail if not supported
283babf
to make it obvious to users trying to use the feature with TLS backends not supporting it. Discussed in #781 Reported-by: Travis Burtrum
Committed a fix for this in commit 283babf. Please try it out and see if there's anything missing now.
bagder
No branches or pull requests
I did this
Used
--pinnedpubkey
with curl built with a TLS backend without support for it. But it doesn't complain on bad keys.I expected the following
It needs to warn or error out when the option is used without support in libcurl so that the problem is not silently ignored.
Ray's initial patch for this
Also see this additional gskit patch
I'm assigning you Jay since you were on track on this before. Let me know if you're not fine with that, then I can take over instead.
cc: @moparisthebest
The text was updated successfully, but these errors were encountered: