moparisthebest
/
curl
mirror of https://github.com/moparisthebest/curl
1
0
Fork 0
Code Issues Releases Wiki Activity

OpenSSL: acknowledge CURLOPT_SSL_VERIFYHOST without VERIFYPEER 

Setting only CURLOPT_SSL_VERIFYHOST without CURLOPT_SSL_VERIFYPEER set
should still verify that the host name fields in the server certificate
is fine or return failure.

Bug: http://curl.haxx.se/mail/lib-2013-10/0002.html
Reported-by: Ishan SinghLevett
This commit is contained in:
Daniel Stenberg 2013-10-02 15:31:10 +02:00
parent a22c478ed7
commit 3c3622b662
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/ssluse.c
View File

@ -2351,7 +2351,7 @@ ossl_connect_step3(struct connectdata *conn,
* operations.
*/
if(!data->set.ssl.verifypeer)
if(!data->set.ssl.verifypeer && !data->set.ssl.verifyhost)
(void)servercert(conn, connssl, FALSE);
else
retcode = servercert(conn, connssl, TRUE);