Control: forwarded -1 http://curl.haxx.se/mail/lib-2014-04/0145.html Control: tags -1 fixed-upstream
On mar, apr 29, 2014 at 11:07:35 +0200, Colin Leroy wrote: > Package: libcurl3-gnutls > Version: 7.36.0-2 > Severity: normal > Tags: upstream > > Dear Maintainer, > Libcurl-gnutls tries to verify things in certificates even when instructed > not to do so using > > curl_easy_setopt(curl_context, CURLOPT_SSL_VERIFYPEER, 0); > curl_easy_setopt(curl_context, CURLOPT_SSL_VERIFYHOST, 0); > > Example backtrace from Claws-Mail's RSSyl plugin trying to subscribe to feed > https://www.claws-mail.org/feed/ > > You can see in frame #1 that chainp is NULL (and it's been tested before > for nullity) but libcurl still tries to import a certificate from it. Indeed. For reference, this was fixed in upstream's commit 386ed2d [0]. Cheers [0] https://github.com/bagder/curl/commit/386ed2d
signature.asc
Description: Digital signature
