cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: Using libcurl/SSL with in-core certificate - solved

From: Daniel Stenberg <daniel-curl_at_haxx.se>
Date: Fri, 26 Aug 2005 13:57:08 +0200 (CEST)

On Fri, 26 Aug 2005, theo borm wrote:

> Please keep in mind that if you fetch multiple HTTPS URLS, the
> CURLOPT_SSL_CTX_FUNCTION callback function will be called for every
> transfer, and (re-) loading the same certificate the second/third etc. time
> will (should) fail.

I'm not sure I understand why. This callback should only be called on new
connects and surely you need to do this check thing on each new connect since
you cannot know if the remote host has changed?

> Loading certificate(s) should (in most cases) be a one-time per program
> initialization event, which could easily be achieved by calling (SSL_CTX
> *)curl_easy_get_SSL_context(void) (to be written) to get a pointer to the
> SSL context and doing the nescessary modifications once.

If you only wanted it done on the first invoke, couldn't you simply achieve
the same thing then by simply set a variable to a value and then check that
value on forthcoming invokes?

I'm sure I've missed something, I just can't see what!

-- 
  Commercial curl and libcurl Technical Support: http://haxx.se/curl.html
Received on 2005-08-26