On 7/25/24 10:48 AM, Stefan Eissing wrote:
Am 25.07.2024 um 17:07 schrieb Robert Brose via
curl-library<curl-library@lists.haxx.se>:
Upgrading some libraries going from curl 8.4.0 with gnutls 3.7.10 (stable at
the time) and nettle 3.9 (stable at the time) to
curl 8.8.0 (stable when I started updating) with gnutls 3.7.11 (current stable)
and nettle 3.10 (current stable). Building on 64 bit debian bullseye.
I specify curl_easy_setopt(m_cURLFile->handle.curl, CURLOPT_SSLVERSION,
CURL_SSLVERSION_TLSv1)
My code hasn't changed between the working combo of curl 8.4.0/gnutls
3.7.10/nettle 3.9
but https connections no longer work unless I disable VERIFYPEER and
VERIFYHOST, they fail with error 43 otherwise. I specify the debian
ca-certificates.crt in the build as always.
Is there an issue with the combinations of curl versions and gnutls/nettle
versions? Is there a place I can find the minimum required versions of these
libraries?
Just build the curl 8.8.0 with a gnutls 3.7.10 freshly on macOS and see no
problem with a command like
./src/curl -v --trace-config sslhttps://curl.se
Thanks, I gave that a try and it didn't show any debug info with the
VERIFYPEER and VERIFYHOST options enabled. It did however with them
disabled. Noticing a couple of references to gnutls in the changelog of
8.9.0 I switched to 8.9.0 and now it works so I assume gnutls is broken
in 8.8.0. Best, Bob--
Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library
Etiquette: https://curl.se/mail/etiquette.html
