moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2024-08-13 17:03:50 -04:00
Code Issues Releases Wiki Activity
0092b6bf8a
curl/docs/libcurl/opts/CURLOPT_SSL_CTX_DATA.3
Daniel Stenberg deb9462ff2
wolfssl: refer to it as wolfSSL only 
Remove support for, references to and use of "cyaSSL" from the source
and docs. wolfSSL is the current name and there's no point in keeping
references to ancient history.

Assisted-by: Daniel Gustafsson

Closes #3903
2019-06-10 09:18:16 +02:00

125 lines
4.2 KiB
Groff
Raw Blame History

.\" **************************************************************************
.\" * _ _ ____ _
.\" * Project ___| | | | _ \| |
.\" * / __| | | | |_) | |
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
.\" * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
.\" * are also available at https://curl.haxx.se/docs/copyright.html.
.\" *
.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
.\" * copies of the Software, and permit persons to whom the Software is
.\" * furnished to do so, under the terms of the COPYING file.
.\" *
.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
.\" * KIND, either express or implied.
.\" *
.\" **************************************************************************
.\"
.TH CURLOPT_SSL_CTX_DATA 3 "19 Jun 2014" "libcurl 7.37.0" "curl_easy_setopt options"
.SH NAME
CURLOPT_SSL_CTX_DATA \- custom pointer passed to ssl_ctx callback
.SH SYNOPSIS
#include <curl/curl.h>
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSL_CTX_DATA, void *pointer);
.SH DESCRIPTION
Data \fIpointer\fP to pass to the ssl context callback set by the option
\fICURLOPT_SSL_CTX_FUNCTION(3)\fP, this is the pointer you'll get as third
parameter.
.SH DEFAULT
NULL
.SH PROTOCOLS
All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
.SH EXAMPLE
.nf
/* OpenSSL specific */
#include <openssl/ssl.h>
#include <curl/curl.h>
#include <stdio.h>
static CURLcode sslctx_function(CURL *curl, void *sslctx, void *parm)
{
X509_STORE *store;
X509 *cert=NULL;
BIO *bio;
char *mypem = (char *)parm;
/* get a BIO */
bio=BIO_new_mem_buf(mypem, -1);
/* use it to read the PEM formatted certificate from memory into an
* X509 structure that SSL can use
*/
PEM_read_bio_X509(bio, &cert, 0, NULL);
if(cert == NULL)
printf("PEM_read_bio_X509 failed...\\n");
/* get a pointer to the X509 certificate store (which may be empty) */
store=SSL_CTX_get_cert_store((SSL_CTX *)sslctx);
/* add our certificate to this store */
if(X509_STORE_add_cert(store, cert)==0)
printf("error adding certificate\\n");
/* decrease reference counts */
X509_free(cert);
BIO_free(bio);
/* all set to go */
return CURLE_OK;
}
int main(void)
{
CURL * ch;
CURLcode rv;
char *mypem = /* example CA cert PEM - shortened */
"-----BEGIN CERTIFICATE-----\\n"
"MIIHPTCCBSWgAwIBAgIBADANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290\\n"
"IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB\\n"
"IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA\\n"
"Y2FjZXJ0Lm9yZzAeFw0wMzAzMzAxMjI5NDlaFw0zMzAzMjkxMjI5NDlaMHkxEDAO\\n"
"GCSNe9FINSkYQKyTYOGWhlC0elnYjyELn8+CkcY7v2vcB5G5l1YjqrZslMZIBjzk\\n"
"zk6q5PYvCdxTby78dOs6Y5nCpqyJvKeyRKANihDjbPIky/qbn3BHLt4Ui9SyIAmW\\n"
"omTxJBzcoTWcFbLUvFUufQb1nA5V9FrWk9p2rSVzTMVD\\n"
"-----END CERTIFICATE-----\\n";
rv=curl_global_init(CURL_GLOBAL_ALL);
ch=curl_easy_init();
rv=curl_easy_setopt(ch, CURLOPT_SSLCERTTYPE, "PEM");
rv=curl_easy_setopt(ch, CURLOPT_SSL_VERIFYPEER, 1L);
rv=curl_easy_setopt(ch, CURLOPT_URL, "https://www.example.com/");
/* Retrieve page using cacerts' certificate -> will succeed
* load the certificate by installing a function doing the necessary
* "modifications" to the SSL CONTEXT just before link init
*/
rv=curl_easy_setopt(ch, CURLOPT_SSL_CTX_FUNCTION, *sslctx_function);
rv=curl_easy_setopt(ch, CURLOPT_SSL_CTX_DATA, mypem);
rv=curl_easy_perform(ch);
if(rv==CURLE_OK)
printf("*** transfer succeeded ***\\n");
else
printf("*** transfer failed ***\\n");
curl_easy_cleanup(ch);
curl_global_cleanup();
return rv;
}
.fi
.SH AVAILABILITY
Added in 7.11.0 for OpenSSL, in 7.42.0 for wolfSSL and in 7.54.0 for
mbedTLS. Other SSL backends are not supported.
.SH RETURN VALUE
CURLE_OK if supported; or an error such as:
CURLE_NOT_BUILT_IN - Not supported by the SSL backend
CURLE_UNKNOWN_OPTION
.SH "SEE ALSO"
.BR CURLOPT_SSL_CTX_FUNCTION "(3), " CURLOPT_SSLVERSION "(3), "
Reference in New Issue View Git Blame Copy Permalink