cURL / Mailing Lists / curl-library / Single Mail

curl-library

Server certificate validation

From: Bram Whillock <bram_at_digitalfountain.com>
Date: Mon, 1 Jul 2002 17:08:43 -0700

It seems that the curl library provides functionality only to verify a peer
certificate via some pre-existing CA directives, but doesn't provide
functionality to do any extended handling of the certificate the server
returns to the client during the ssl handshake. I need to have the ability
to do prompt the user to save new certificates, as well as to tell when a
known certificate may have changed (man in the middle attack perhaps). I'd
like to add the feature to the curl library to do a callback to a
user-defined function(int callback(SSL*) perhaps) to override the default
certificate behavior. I was wondering if anyone is or is planning to do
anything of this sort. Thanks.
-Bram Whillock

-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
Received on 2002-07-02

This message: [ Message body ]
Next message: Steve Dekorte: "curl_slist"
Previous message: Andr�s Garc�a: "Re: CURLOPT_POSTFIELDS with HTTP GET instead of HTTP POST"
Next in thread: Daniel Stenberg: "Re: Server certificate validation"
Reply: Daniel Stenberg: "Re: Server certificate validation"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]