Annotation of embedaddon/curl/docs/libcurl/opts/CURLOPT_PROXY_SSL_VERIFYHOST.3, revision 1.1.1.1
1.1 misho 1: .\" **************************************************************************
2: .\" * _ _ ____ _
3: .\" * Project ___| | | | _ \| |
4: .\" * / __| | | | |_) | |
5: .\" * | (__| |_| | _ <| |___
6: .\" * \___|\___/|_| \_\_____|
7: .\" *
8: .\" * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
9: .\" *
10: .\" * This software is licensed as described in the file COPYING, which
11: .\" * you should have received as part of this distribution. The terms
12: .\" * are also available at https://curl.haxx.se/docs/copyright.html.
13: .\" *
14: .\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15: .\" * copies of the Software, and permit persons to whom the Software is
16: .\" * furnished to do so, under the terms of the COPYING file.
17: .\" *
18: .\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19: .\" * KIND, either express or implied.
20: .\" *
21: .\" **************************************************************************
22: .\"
23: .TH CURLOPT_PROXY_SSL_VERIFYHOST 3 "August 20, 2019" "libcurl 7.70.0" "curl_easy_setopt options"
24:
25: .SH NAME
26: CURLOPT_PROXY_SSL_VERIFYHOST \- verify the proxy certificate's name against host
27: .SH SYNOPSIS
28: #include <curl/curl.h>
29:
30: CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SSL_VERIFYHOST, long verify);
31: .SH DESCRIPTION
32: Pass a long set to 2L as asking curl to \fIverify\fP in the HTTPS proxy's
33: certificate name fields against the proxy name.
34:
35: This option determines whether libcurl verifies that the proxy cert contains
36: the correct name for the name it is known as.
37:
38: When \fICURLOPT_PROXY_SSL_VERIFYHOST(3)\fP is 2, the proxy certificate must
39: indicate that the server is the proxy to which you meant to connect to, or the
40: connection fails.
41:
42: Curl considers the proxy the intended one when the Common Name field or a
43: Subject Alternate Name field in the certificate matches the host name in the
44: proxy string which you told curl to use.
45:
46: If \fIverify\fP value is set to 1:
47:
48: In 7.28.0 and earlier: treated as a debug option of some sorts, not supported
49: anymore due to frequently leading to programmer mistakes.
50:
51: From 7.28.1 to 7.65.3: setting it to 1 made curl_easy_setopt() return an error
52: and leaving the flag untouched.
53:
54: From 7.66.0: treats 1 and 2 the same.
55:
56: When the \fIverify\fP value is 0L, the connection succeeds regardless of the
57: names used in the certificate. Use that ability with caution!
58:
59: See also \fICURLOPT_PROXY_SSL_VERIFYPEER(3)\fP to verify the digital signature
60: of the proxy certificate. If libcurl is built against NSS and
61: \fICURLOPT_PROXY_SSL_VERIFYPEER(3)\fP is zero,
62: \fICURLOPT_PROXY_SSL_VERIFYHOST(3)\fP is also set to zero and cannot be
63: overridden.
64: .SH DEFAULT
65: 2
66: .SH PROTOCOLS
67: All protocols when used over an HTTPS proxy.
68: .SH EXAMPLE
69: .nf
70: CURL *curl = curl_easy_init();
71: if(curl) {
72: curl_easy_setopt(curl, CURLOPT_URL, "https://example.com");
73:
74: /* Set the default value: strict name check please */
75: curl_easy_setopt(curl, CURLOPT_PROXY_SSL_VERIFYHOST, 2L);
76:
77: curl_easy_perform(curl);
78: }
79: .fi
80: .SH AVAILABILITY
81: Added in 7.52.0.
82:
83: If built TLS enabled.
84: .SH RETURN VALUE
85: Returns CURLE_OK if TLS is supported, and CURLE_UNKNOWN_OPTION if not.
86:
87: If 1 is set as argument, \fICURLE_BAD_FUNCTION_ARGUMENT\fP is returned.
88: .SH "SEE ALSO"
89: .BR CURLOPT_PROXY_SSL_VERIFYPEER "(3), " CURLOPT_PROXY_CAINFO "(3), "
90: .BR CURLOPT_SSL_VERIFYPEER "(3), " CURLOPT_CAINFO "(3), "
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>