If I understand things correctly, the client should not be susceptible
to a man-in-the-middle attack:
curl_easy_setopt(curlEasy, CURLOPT_SSL_VERIFYHOST, 2L);
curl_easy_setopt(curlEasy, CURLOPT_SSL_VERIFYPEER, 1L);
----- Rom
-----Original Message-----
From: Oliver Bock [mailto:[email protected]]
Sent: Tuesday, April 15, 2014 11:40 AM
To: Rom Walton; TarotApprentice
Cc: [email protected]; boinc_alpha email list
Subject: Re: [boinc_dev] Heartbleed bug with OpenSSL
On 15/04/14 17:37 , Rom Walton wrote:
> In order to exploit the client wouldn't a project server using SSL
> have to be compromised?
Yes, or use a man-in-the-middle-attack...
Oliver
_______________________________________________
boinc_dev mailing list
[email protected]
http://lists.ssl.berkeley.edu/mailman/listinfo/boinc_dev
To unsubscribe, visit the above URL and
(near bottom of page) enter your email address.
