> > 4) Use CURLINFO_SSL_VERIFYRESULT. > > > > Because OpenSSL returns no validation error, the field for this verify > > result is available in the situation. When verifyhost() fails, return > > code is unchanged from CURLE_PEER_FAILED_VERIFICATION and put newly > > defined error code into data->set.ssl. certverifyresult which is > > available by curl_easy_getinfo with CURLINFO_SSL_VERIFYRESULT. This > > doesn't break existing application. > > > > We are ready to send a PR for solution 4, but before sending this, we > > want to hear the voice of community. > > This is the approach I personally prefer. Just make sure you document the > specific error codes and for what situations they are used, as detailed as > possible. This is the sort of thing that people soon might want for other SSL > backends as well and then we need detailed explanations to know how to > implement and use them there as well...
Got it. Thanks for the comment. I'll open a PR. ---- Basuke Suzuki Sony PlayStation ------------------------------------------------------------------- Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.html
