Clarify CURLOPT_SSL_VERIFYHOST documentation #83

Closed
wants to merge 1 commit into
from

Projects

None yet

3 participants

@thoger
Contributor
thoger commented Nov 11, 2013
  • better describe what happens when 1 is specified as parameter
  • clarify what "is ignored" means for NSS builds

An attempt to make parts of this description non-ambiguous.

@thoger thoger Clarify CURLOPT_SSL_VERIFYHOST documentation
- better describe what happens when 1 is specified as parameter
- clarify what "is ignored" means for NSS builds
9e3c8f4
@kdudka

The proposed wording sounds ambiguous to me -- one could assume that a subsequent call of curl_easy_setopt(CURLOPT_SSL_VERIFYHOST, 2L) would re-enable the identity check. What about the following wording?

If libcurl is built against NSS and CURLOPT_SSL_VERIFYPEER is zero, then the value of CURLOPT_SSL_VERIFYHOST is ignored (the identity check is disabled).

Owner

I found "CURLOPT_SSL_VERIFYHOST is ignored" ambiguous, as it seemed it can be read as "whatever you set for CURLOPT_SSL_VERIFYHOST will be ignored and the default value will be used". Hence my attempt to make it explicit VERIFYHOST is forced to 0. Maybe "CURLOPT_SSL_VERIFYHOST is also set to 0 and can not be overridden" is what should be used.

@bagder
bagder commented on 9e3c8f4 Nov 12, 2013

I agree with you kdudka on that.

I have pushed the patch including the above proposed changes: d7d8a8f Thanks for the contribution!

@kdudka kdudka closed this Nov 12, 2013
@boutetnico boutetnico pushed a commit to ETrun/curl that referenced this pull request Nov 16, 2013
@bagder bagder KNOWN_BUGS: #83 unable to load non-default openssl engines a2e0ce8
@thoger thoger deleted the thoger:verifyhost-docs-fix branch Nov 25, 2013
@bagder bagder added a commit that referenced this pull request Jun 4, 2014
@bagder bagder KNOWN_BUGS: #83 was addressed with commit c50ce85 5468a21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment