Howdy, I hope I've got the place for this question.
In the context of sending requests, I've seen a number of people using SSL_VERIFY_PEER in combination with SSL_VERIFY_FAIL_IF_NO_PEER_CERT e.g. (SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT). That seems strange, since according to the docs<http://www.openssl.org/docs/ssl/SSL_CTX_set_verify.html> , SSL_VERIFY_FAIL_IF_NO_PEER_CERT is ignored in client mode. Is there any reason for combining them, or are these people just doing it wrong? Also, from docs regarding client mode, could someone please explain what is meant by "If no server certificate is sent, because an anonymous cipher is used, SSL_VERIFY_PEER is ignored."? I don't understand why VERIFY_PEERwould ever be ignored. Basically, I'm trying to make sure that no matter what, I am never sending requests to the server without verification. Cheers
