On Tue, 4 Jun 2013, Janusz Harkot wrote:
Which libcurl version and SSL backend is this? (curl -V usually tells)
$ curl -V
curl 7.24.0 (x86_64-apple-darwin12.0) libcurl/7.24.0 OpenSSL/0.9.8r
zlib/1.2.5
From what I can tell, that OpenSSL version supports SNI fine and libcurl has
supported it since 7.18.1.
here is a log (with GIT_CURL_VERBOSE=1)
https://gist.github.com/anonymous/8f6533a755ae5c710c75
Initial connection is correct (line 10 - shows that it reads correct
certificate), but then subsequent call to the server (line 68) shows that
the defat server certificate is used.
It looks like the second call was without hostname (?).
What makes you suggest that's what's happening? Sure, if it would've sent no
or the wrong host name it would probably have that effect.
Any chance you can snoop on the network and the SSL handshake to see who's to
blame? I can't but to think that is is a very common use case!
--
/ daniel.haxx.se
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html