Hi folks, My question is at the very end, but let me describe my scenario first.
I'm writing a program (using libcurl's "multi" interface) that needs to have concurrent persistent HTTP connections to the same hostname *but* to different IPs (the hostname in question uses DNS-based load balancing, so IP diversity is important). Unfortunately, the obvious solution of disabling libcurl's DNS caching isn't sufficient: the local DNS resolver has a quirk s.t. under certain circumstances it will provide the same response to multiple requests issued within a very short amount of time, so I can't rely on it to produce diversity; and CURLOPT_RESOLVE wouldn't provide me enough control for this, since, if I understand correctly, the same entry would get used by multiple easy handles due to the sharing of the DNS cache associated with the multi handle. Pre-resolving the hostname and asking libcurl to connect to specific IPs works for regular HTTP, but causes issues for HTTPS, since the URL contains an IP instead of the hostname, and so the VERIFYHOST check fails. With this scenario in mind, here are my questions: (1) is there a (reasonably easy) way of tweaking what curl uses for verifying the hostname during the SSL/TLS handshake, s.t. I can connect to the IP, but verify using the hostname? (2) barring that, is there a way to hook into - how libcurl decides whether it needs to resolve the hostname for a given easy handle, and - how the resolving is actually done? Thanks for any advice/suggestions! -Vadim G. ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
