-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 29-10-12 21:43, Alessandro Ghedini wrote: > Anyway, I just run a quick grep on all the sources of the packages that > build depend on libcurl and those that explicitly set > CURLOPT_SSL_VERIFYPEER are very few, even less those that set it to 1 > (possibily 5-6). This said I still have to check those that use > php5-curl, pycurl, ... (but there aren't many). > > So, overall I think the impact of the change could be much lower than I > thought and the testing/fixing part won't take very much (I hope).
Did you check if these application deviated from the libcurl defaults? I'm interested which deviated from the default libcurl package into either specifically GnuTLS or OpenSSL. -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlCO87YACgkQawxpIncqyrgDCQCdEK8jyjndoUjNOkIv7iYKzx2X 2sgAn22KgWEtbnc99m2WHzuT7BR04dF8 =vFe2 -----END PGP SIGNATURE----- ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
