Opened 9 years ago

Closed 9 years ago

#5562 closed Bug (fixed)

Discrepancy in curl SSL setup between tr-daemon and tr-remote

Reported by: mike.dld Owned by: jordan
Priority: Normal Milestone: 2.83
Component: Daemon Version: 2.82
Severity: Normal Keywords: patch


As reported in IRC,

<AxelK> I am using transmission 2.82 on linux <AxelK> tranmission-daemon + tranmission-remote or web interface <AxelK> connection via SSL using stunnel <AxelK> after a recent upgrade of curl/libcurl connecting over SSL via transmission-remote failed <AxelK> Disro is openSUSE and here is the respective report considering the update of curl <AxelK> <AxelK> With that I could track down the problem <AxelK> if you have a look at the sources <AxelK> you find <AxelK> grep CURLOPT_SSL_VERIFY -r * <AxelK> daemon/remote.c: curl_easy_setopt (curl, CURLOPT_SSL_VERIFYPEER, 0); /* since most certs will be self-signed, do not verify against CA */ <AxelK> libtransmission/web.c: curl_easy_setopt (e, CURLOPT_SSL_VERIFYHOST, 0L); <AxelK> libtransmission/web.c: curl_easy_setopt (e, CURLOPT_SSL_VERIFYPEER, 0L); <AxelK> so the web interface unsets both variables CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST <AxelK> while transmission-remote only sets CURLOPT_SSL_VERIFYPEER=0

Attached patch (authored by AxelK) fixes the issue.

Attachments (1)

5562-disable-verify-host.patch (702 bytes) - added by mike.dld 9 years ago.

Download all attachments as: .zip

Change History (5)

Changed 9 years ago by mike.dld

comment:1 Changed 9 years ago by mike.dld

  • Owner set to jordan

comment:2 Changed 9 years ago by mike.dld

  • Keywords patch added

comment:3 Changed 9 years ago by jordan

  • Milestone changed from None Set to 2.83
  • Status changed from new to assigned


comment:4 Changed 9 years ago by jordan

  • Resolution set to fixed
  • Status changed from assigned to closed

Added to trunk in r14227.

Note: See TracTickets for help on using tickets.