cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: Proposed SSLCERTS documentation change

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Tue, 19 Feb 2013 00:08:14 +0100 (CET)

On Sun, 17 Feb 2013, Nick Zitzmann wrote:

> Comments? Corrections? Objections? Blessings for committing?

Please commit!

> I also couldn't help but notice that the current lib/curl_schannel.c code
> returns CURLE_SSL_CONNECT_ERROR instead of CURLE_SSL_CACERT if there was a
> certificate-related error during the TLS/SSL handshake. Why
> CURLE_SSL_CONNECT_ERROR? I thought CURLE_SSL_CACERT was the correct return
> value if there was a certificate problem with the site, but I could be
> wrong.

I'd say that you're right. CURLE_SSL_CACERT is the return code to use if the
problem is related to the CA cert. I'm not really sure that's always the case
in there though...? I'm not the expert on the schannel code nor API.

-- 
  / daniel.haxx.se
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html

Received on 2013-02-19

This message: [ Message body ]
Next message: Daniel Stenberg: "Re: proxy resolution failure"
Previous message: Tom K.: "Re: limits of independent curl connections"
In reply to: Nick Zitzmann: "Proposed SSLCERTS documentation change"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]