cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: Passing memory blocks instead of file names to curl_easy_setopt

From: Mayur Srinivasan <msrini1_at_gmail.com>
Date: Mon, 2 Aug 2010 16:08:13 -0700

Hi,
Thanks for the reply. Yes, I'm trying to pass in binary data.

As suggested, I've also explored the CURLOPT_SSL_CTX_FUNCTION option, and
managed to get the root certificate read using the PEM_read_bio_X509 API, as
explained in the example:
http://curl.haxx.se/libcurl/c/cacertinmem.html

However, I'm not sure how to read in the client key and certificate using
the *_read_bio_* APIs. Any example to illustrate it would be helpful.

Thanks
MS

On Mon, Aug 2, 2010 at 3:48 PM, Kamil Dudka <kdudka_at_redhat.com> wrote:

> On Tuesday 03 August 2010 00:30:47 Mayur Srinivasan wrote:
> > Is there a way to setup libcurl to use the root certificate, the client
> > certificate and the client key from memory buffers rather than files?
> > For example:
> > Instead of using file names, I'd like to pass in memory blocks:
> > curl_easy_setopt(m_curl_handle, CURLOPT_SSLCERT, m_pClientCert);
>
> What does actually contain m_pClientCert? Is it text or binary data? If
> it
> is text, it will be trated as file name (or nickname in case of NSS). If
> it
> is binary data, it may crash badly.
>
> > curl_easy_setopt(m_curl_handle, CURLOPT_SSLKEY, m_pClientKey);
> > curl_easy_setopt(m_curl_handle, CURLOPT_CAINFO, m_pClientRootCert);
> >
> > I tried this, I get the error: unable to use client certificate (no key
> > found or wrong pass phrase?)
> > The same APIs work if I use file names.
>
> The documentation sounds clear to me:
>
> http://curl.haxx.se/libcurl/c/curl_easy_setopt.html#CURLOPTSSLCERT
>
> I don't think there is a way to do waht you need through libcurl's API
> enough generically. You can of course try to use the underlying SSL
> library
> directly for that purposes, but your code will depend on the particular
> library and break as soon as libcurl is built on top of different SSL
> library. If you want to play with that, try the following option:
>
> http://curl.haxx.se/libcurl/c/curl_easy_setopt.html#CURLOPTSSLCTXFUNCTION
>
> Kamil
>

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2010-08-03