From 8fab76e8f3874936c4c9e3a2cc1dbdc10549b6f7 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 18 Jun 2014 14:38:24 +0200 Subject: opts: 16 more man pages --- docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.3 | 77 ++++++++++++++++++++++++++++++ 1 file changed, 77 insertions(+) create mode 100644 docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.3 (limited to 'docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.3') diff --git a/docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.3 b/docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.3 new file mode 100644 index 000000000..ca39a09ec --- /dev/null +++ b/docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.3 @@ -0,0 +1,77 @@ +.\" ************************************************************************** +.\" * _ _ ____ _ +.\" * Project ___| | | | _ \| | +.\" * / __| | | | |_) | | +.\" * | (__| |_| | _ <| |___ +.\" * \___|\___/|_| \_\_____| +.\" * +.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. +.\" * +.\" * This software is licensed as described in the file COPYING, which +.\" * you should have received as part of this distribution. The terms +.\" * are also available at http://curl.haxx.se/docs/copyright.html. +.\" * +.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell +.\" * copies of the Software, and permit persons to whom the Software is +.\" * furnished to do so, under the terms of the COPYING file. +.\" * +.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY +.\" * KIND, either express or implied. +.\" * +.\" ************************************************************************** +.\" +.TH CURLOPT_SSL_VERIFYHOST 3 "17 Jun 2014" "libcurl 7.37.0" "curl_easy_setopt options" +.SH NAME +CURLOPT_SSL_VERIFYHOST \- verify the certificate's name against host +.SH SYNOPSIS +#include + +CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSL_VERIFYHOST, long verify); +.SH DESCRIPTION +Pass a long as parameter specifying what to \fIverify\fP. + +This option determines whether libcurl verifies that the server cert is for +the server it is known as. + +When negotiating TLS and SSL connections, the server sends a certificate +indicating its identity. + +When \fICURLOPT_SSL_VERIFYHOST(3)\fP is 2, that certificate must indicate that +the server is the server to which you meant to connect, or the connection +fails. Simply put, it means it has to have the same name in the certificate as +is in the URL you operate against. + +Curl considers the server the intended one when the Common Name field or a +Subject Alternate Name field in the certificate matches the host name in the +URL to which you told Curl to connect. + +When the \fIverify\fP value is 1, \fIcurl_easy_setopt\fP will return an error +and the option value will not be changed. It was previously (in 7.28.0 and +earlier) a debug option of some sorts, but it is no longer supported due to +frequently leading to programmer mistakes. Future versions will stop returning +an error for 1 and just treat 1 and 2 the same. + +When the \fIverify\fP value is 0, the connection succeeds regardless of the +names in the certificate. Use that ability with caution! + +The default value for this option is 2. + +This option controls checking the server's certificate's claimed identity. +The server could be lying. To control lying, see +\fICURLOPT_SSL_VERIFYPEER(3)\fP. If libcurl is built against NSS and +\fICURLOPT_SSL_VERIFYPEER(3)\fP is zero, \fICURLOPT_SSL_VERIFYHOST(3)\fP is +also set to zero and cannot be overridden. +.SH DEFAULT +2 +.SH PROTOCOLS +All TLS based protocols: HTTPS, FTPS, IMAPS, POP3, SMTPS etc. +.SH EXAMPLE +TODO +.SH AVAILABILITY +If built TLS enabled. +.SH RETURN VALUE +Returns CURLE_OK if TLS is supported, and CURLE_UNKNOWN_OPTION if not. + +If 1 is set as argument, \fICURLE_BAD_FUNCTION_ARGUMENT\fP is returned. +.SH "SEE ALSO" +.BR CURLOPT_SSL_VERIFYPEER "(3), " CURLOPT_CAINFO "(3), " -- cgit v1.2.3