-
-
Notifications
You must be signed in to change notification settings - Fork 6.7k
use openssl's built in verify path as fallback #569
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Conversation
Trying to verify a peer without having any root CA certificates registered won't work. So use openssl's built in default as fallback.
Trying to verify a peer without having any root CA certificates registered won't work. So use gnutls' built in default as fallback.
I have no idea what that windows failure is about |
@lnussel error C2020: 'connecting_state': 'struct' member redefinition You mean the:
Seems like both |
but that is unrelated to my change, right? |
@lnussel but that is unrelated to my change, right? Probably. According to the AppVeyour, some error in the Windows setup 5 days ago. Before your change? |
I hear lots of other projects having problems with using openssl's default paths anyway since they are often not set correctly. Can you help us understand when exactly this feature will make an actual difference/improvement to users of libcurl? |
well, if 3rd parties bundle curl and want to build it in a way to be as independent as possible from weird issues in random operating systems then this change is not useful indeed. It is useful for Linux distributions though that know that their openssl resp gnutls is configured properly. That's why I added the explicit configure switch as requested. |
Agreed. I mean to merge this immediately after the pending patch release. |
thanks! |
adds the configure option as requested in #175