New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

openssl: don't fail if no server cert is presented and strict checking is disabled #392

Closed
wants to merge 1 commit into
base: master
from

Conversation

Projects
None yet
1 participant
@ghedo
Member

ghedo commented Aug 21, 2015

If strict certificate checking is disabled (CURLOPT_SSL_VERIFYPEER and/or
CURLOPT_SSL_VERIFYHOST are disabled) do not fail if the server doesn't
present a certificate at all.

Also see discussion at iboukris@84a400f#commitcomment-12826078

openssl: don't fail if no server cert is presented and strict checkin…
…g is disabled

If strict certificate checking is disabled (CURLOPT_SSL_VERIFYPEER and/or
CURLOPT_SSL_VERIFYHOST are disabled) do not fail if the server doesn't
present a certificate at all.

@bagder bagder closed this in 8363656 Aug 21, 2015

jgsogo added a commit to jgsogo/curl that referenced this pull request Oct 19, 2015

openssl: handle lack of server cert when strict checking disabled
If strict certificate checking is disabled (CURLOPT_SSL_VERIFYPEER
and CURLOPT_SSL_VERIFYHOST are disabled) do not fail if the server
doesn't present a certificate at all.

Closes curl#392
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment