Provided by: libcurl4-doc_7.55.1-1ubuntu2_all bug

NAME

       CURLOPT_PROXY_SSL_VERIFYHOST - verify the proxy certificate's name against host

SYNOPSIS

       #include <curl/curl.h>

       CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SSL_VERIFYHOST, long verify);

DESCRIPTION

       Pass  a  long  set  to  2L  as asking curl to verify in the HTTPS proxy's certificate name
       fields against the proxy name.

       This option determines whether libcurl verifies that the proxy cert contains  the  correct
       name for the name it is known as.

       When  CURLOPT_PROXY_SSL_VERIFYHOST(3)  is  2, the proxy certificate must indicate that the
       server is the proxy to which you meant to connect to, or the connection fails.

       Curl considers the proxy the intended  one  when  the  Common  Name  field  or  a  Subject
       Alternate  Name  field  in the certificate matches the host name in the proxy string which
       you told curl to use.

       When the verify value is 1L, curl_easy_setopt will return an error and  the  option  value
       will not be changed due to old legacy reasons.

       When  the  verify value is 0L, the connection succeeds regardless of the names used in the
       certificate. Use that ability with caution!

       See also CURLOPT_PROXY_SSL_VERIFYPEER(3) to verify the  digital  signature  of  the  proxy
       certificate.  If libcurl is built against NSS and CURLOPT_PROXY_SSL_VERIFYPEER(3) is zero,
       CURLOPT_PROXY_SSL_VERIFYHOST(3) is also set to zero and cannot be overridden.

DEFAULT

       2

PROTOCOLS

       All protocols when used over a HTTPS proxy.

EXAMPLE

       CURL *curl = curl_easy_init();
       if(curl) {
         curl_easy_setopt(curl, CURLOPT_URL, "https://example.com");

         /* Set the default value: strict name check please */
         curl_easy_setopt(curl, CURLOPT_PROXY_SSL_VERIFYHOST, 2L);

         curl_easy_perform(curl);
       }

AVAILABILITY

       Added in 7.52.0.

       If built TLS enabled.

RETURN VALUE

       Returns CURLE_OK if TLS is supported, and CURLE_UNKNOWN_OPTION if not.

       If 1 is set as argument, CURLE_BAD_FUNCTION_ARGUMENT is returned.

SEE ALSO

       CURLOPT_PROXY_SSL_VERIFYPEER(3),  CURLOPT_PROXY_CAINFO(3),  ,   CURLOPT_SSL_VERIFYPEER(3),
       CURLOPT_CAINFO(3), ,