diff options
author | Elliott Hughes <enh@google.com> | 2017-09-20 17:00:17 -0700 |
---|---|---|
committer | Elliott Hughes <enh@google.com> | 2017-09-21 09:38:15 -0700 |
commit | 82be86df6ec7baa34d6169c053fd1dfe56fa858e (patch) | |
tree | afd04b931f1f59dfe81b0daa450306ff0204319b /docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.3 | |
parent | bfa505f61d33429f40bf843b7871fc793dd017d4 (diff) | |
download | android_external_curl-82be86df6ec7baa34d6169c053fd1dfe56fa858e.tar.gz android_external_curl-82be86df6ec7baa34d6169c053fd1dfe56fa858e.tar.bz2 android_external_curl-82be86df6ec7baa34d6169c053fd1dfe56fa858e.zip |
Update libcurl from 7.54.1 to 7.55.1.
Bug: http://b/64610131
Test: builds, boots, `vendor/google/tools/fake-ota on streaming` works
Change-Id: I7ecaf9c83e9496ac4a379507791bec637deaa4cb
Diffstat (limited to 'docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.3')
-rw-r--r-- | docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.3 | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.3 b/docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.3 index 1591473..aa8fd72 100644 --- a/docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.3 +++ b/docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.3 @@ -20,7 +20,8 @@ .\" * .\" ************************************************************************** .\" -.TH CURLOPT_SSL_VERIFYHOST 3 "17 Jun 2014" "libcurl 7.37.0" "curl_easy_setopt options" +.TH CURLOPT_SSL_VERIFYHOST 3 "February 02, 2017" "libcurl 7.55.1" "curl_easy_setopt options" + .SH NAME CURLOPT_SSL_VERIFYHOST \- verify the certificate's name against host .SH SYNOPSIS @@ -58,9 +59,16 @@ The default value for this option is 2. This option controls checking the server's certificate's claimed identity. The server could be lying. To control lying, see -\fICURLOPT_SSL_VERIFYPEER(3)\fP. If libcurl is built against NSS and -\fICURLOPT_SSL_VERIFYPEER(3)\fP is zero, \fICURLOPT_SSL_VERIFYHOST(3)\fP is -also set to zero and cannot be overridden. +\fICURLOPT_SSL_VERIFYPEER(3)\fP. +.SH LIMITATIONS +DarwinSSL: If \fIverify\fP value is 0, then SNI is also disabled. SNI is a TLS +extension that sends the hostname to the server. The server may use that +information to do such things as sending back a specific certificate for the +hostname, or forwarding the request to a specific origin server. Some hostnames +may be inaccessible if SNI is not sent. + +NSS: If \fICURLOPT_SSL_VERIFYPEER(3)\fP is zero, +\fICURLOPT_SSL_VERIFYHOST(3)\fP is also set to zero and cannot be overridden. .SH DEFAULT 2 .SH PROTOCOLS |