valid point, but from what you can find on the web, the only solution provided everywhere was to disable certificate checkingā¦ so maybe that's not me, but this is first time someone spent some time to check whats going on :)
at least there will be something, maybe this will help someoneā¦ thanks Daniel! best! Janusz On Tuesday, 4 June 2013 at 23:18, Daniel Stenberg wrote: > On Tue, 4 Jun 2013, Janusz Harkot wrote: > > > > What makes you suggest that's what's happening? Sure, if it would've sent > > > no > > > or the wrong host name it would probably have that effect. > > > > > > > > line: > > > > [36] * Re-using existing connection! (#0) with host (nil) > > Ah that. Yes, that's a stupid line to show (that bug has been fixed since). > But if you look further down your log you see that the connection which is > re-used according to that log line gets closed anyway. > > > it looks like it is working > > Awesome! > > > So, the question is still why it is not working with openssl 0.9.8r - this > > version supports SNI by default. This looks like an error in openssl > > (maybe: > > Only allow one SGC handshake restart for SSL/TLS.) > > > > Right. As you can see in the libcurl code it activates SNI for OpenSSL the > exact same way independently of what version that's used. > > > Now is the question, shall this be handled by curl or left alone? (handling > > > > older version of openssl, and force new ssl session?) > > > > I'm not even completely convinced this is "just" an old-OpenSSL-problem. If > that version you're using is the one Apple has provided, there's the risk > that > the problem is rather caused by their changes! > > I'm reluctant to globally switch off session-id caching for OpenSSL 0.9.8 > users since that feature has been used for over 8 years in the code and > you're > the first to have a problem with it! =-/ > > -- > > / daniel.haxx.se (http://daniel.haxx.se) > -- > To unsubscribe from this list: send the line "unsubscribe git" in > the body of a message to [email protected] > (mailto:[email protected]) > More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
