Edit report at https://bugs.php.net/bug.php?id=63352&edit=1
ID: 63352
Comment by: geiss...@php.net
Reported by: geiss...@php.net
Summary: Can't enable hostname validation when using curl
stream wrappers
Status: Open
Type: Bug
Package: cURL related
PHP Version: 5.4.8
Block user comment: N
Private report: N
New Comment:
Of course this is a minor issue as the certificates store can't even be set, so
this is just for the record.
Previous Comments:
------------------------------------------------------------------------
[2012-10-25 00:54:16] geiss...@php.net
Description:
------------
When PHP is built with --with-curlwrappers, the context option
"curl_verify_ssl_host" sets curl's CURLOPT_SSL_VERIFYHOST option to 1, but
there
is no way to set it to 2.
Given that the option is a boolean, it should probably be setting the
VERIFYHOST
value to 2. There is no way to validate that the certificate belongs to the
host
otherwise.
This applies to the ftps and https stream wrappers.
------------------------------------------------------------------------
--
Edit this bug report at https://bugs.php.net/bug.php?id=63352&edit=1
