Edit report at https://bugs.php.net/bug.php?id=63352&edit=1
ID: 63352
Updated by: pierr...@php.net
Reported by: geiss...@php.net
Summary: Can't enable hostname validation when using curl
stream wrappers
-Status: Open
+Status: Closed
Type: Bug
Package: cURL related
PHP Version: 5.4.8
Block user comment: N
Private report: N
New Comment:
Automatic comment on behalf of pierrick
Revision:
http://git.php.net/?p=php-src.git;a=commit;h=af10e698a24e0e624920ea4c4b72a2bc3c647cef
Log: Fixed bug #63352 (Can't enable hostname validation when using curl stream
wrappers)
Previous Comments:
------------------------------------------------------------------------
[2012-10-25 00:58:38] geiss...@php.net
Of course this is a minor issue as the certificates store can't even be set, so
this is just for the record.
------------------------------------------------------------------------
[2012-10-25 00:54:16] geiss...@php.net
Description:
------------
When PHP is built with --with-curlwrappers, the context option
"curl_verify_ssl_host" sets curl's CURLOPT_SSL_VERIFYHOST option to 1, but
there
is no way to set it to 2.
Given that the option is a boolean, it should probably be setting the
VERIFYHOST
value to 2. There is no way to validate that the certificate belongs to the
host
otherwise.
This applies to the ftps and https stream wrappers.
------------------------------------------------------------------------
--
Edit this bug report at https://bugs.php.net/bug.php?id=63352&edit=1
