This behaviour is part of curl (proper) and is set via compile time flags. And a... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		threeseed on March 9, 2024 \| parent \| context \| favorite \| on: Apple curl security incident 12604 This behaviour is part of curl (proper) and is set via compile time flags. And at least according to curl's code is set by default when it is built against OpenSSL: https://github.com/curl/curl/blob/1ccf1cd9936dfa382fe1f061b6...

Retr0id on March 9, 2024 [–]

It's not set by default. (and even when it is set, does it modify the behaviour of the --cacert option?)

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact