[openssl-dev] Problems with cert authentication under Turkish locale
Sebastian Kloska
sebastian.kloska at snafu.de
Tue Nov 1 15:28:18 UTC 2016
Hi,
We have problems authenticating a a CERT while LC_CTYPE is set to
tr_TR.UTF-8
The issue is triggered in libcurl but it seems to come out of libssl. It
seems to be
related to http://mattryall.net/blog/2009/02/the-infamous-turkish-locale-bug
Sample code below. We link against libssl 1.0.1s. Is this a known issue
? Would
it help to switch to a newer Version ?
Any help is highly apprecjaited....
<snip>
#include <string>
#include <iostream>
#include <stdio.h>
#include <curl/curl.h>
void doCurlCall()
{
std::cout << "Running with LC_CTYPE: " << setlocale(LC_CTYPE, NULL)
<< std::endl;
CURL *curl = curl_easy_init();
curl_easy_setopt(curl, CURLOPT_URL, "https://www.hotmail.com");
curl_easy_setopt(curl, CURLOPT_CAPATH, "/opt/etc/ssl/certs/");
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 1);
CURLcode res = curl_easy_perform(curl);
if(res == CURLE_OK)
{
std::cout << std::endl << "curl_easy_perform() succeeded" <<
std::endl;
}
else
{
std::cout << std::endl << "curl_easy_perform() failed: " <<
curl_easy_strerror(res) << std::endl;
}
curl_easy_cleanup(curl);
}
int main(int /*argc*/, char ** /*argv*/)
{
setlocale(LC_CTYPE, "tr_TR.UTF-8");
curl_global_init(CURL_GLOBAL_DEFAULT);
// This call will fail with curl error:
// Peer certificate cannot be authenticated with given CA certificates
doCurlCall();
setlocale(LC_CTYPE, "C");
// This call will pass
doCurlCall();
curl_global_cleanup();
return 0;
}
</snip>
--
**********************************
Dr. Sebastian Kloska
Hohenstaufenstr. 67
10781 Berlin
Handy: +49-176-24621622
web: www.oncaphillis.net
e-mail: sebastian.kloska at snafu.de
**********************************
More information about the openssl-dev
mailing list