From a142372750384d74a5ec4d013458a9c757ca15f6 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 23 Aug 2005 08:51:38 +0000 Subject: [PATCH] known bug #26, pretty fatal for anyone who wants to use proper SSL and GnuTLS --- docs/KNOWN_BUGS | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/docs/KNOWN_BUGS b/docs/KNOWN_BUGS index d19fdf3..4ccc257 100644 --- a/docs/KNOWN_BUGS +++ b/docs/KNOWN_BUGS @@ -3,6 +3,12 @@ join in and help us correct one or more of these! Also be sure to check the changelog of the current development status, as one or more of these problems may have been fixed since this was written! +26. With libcurl built to use GnuTLS instead of OpenSSL, it fails to verify + the server's certificate with the use of a local CA cert bundle for servers + where the OpenSSL version of libcurl succeeds fine. This is possibly due to + a bug in libcurl. Details found in the posting as sent to the GnuTLS list: + http://lists.gnu.org/archive/html/help-gnutls/2005-08/msg00024.html + 25. When doing a CONNECT request with curl it doesn't properly handle if the proxy closes the connection within the authentication "negotiation phase". Like if you do HTTPS or similar over a proxy and you use perhaps -- 2.7.4