cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: Passing memory blocks instead of file names to curl_easy_setopt

From: Kamil Dudka <kdudka_at_redhat.com>
Date: Tue, 3 Aug 2010 02:01:56 +0200

On Tuesday 03 August 2010 01:08:13 Mayur Srinivasan wrote:
> As suggested, I've also explored the CURLOPT_SSL_CTX_FUNCTION option, and
> managed to get the root certificate read using the PEM_read_bio_X509 API,
> as explained in the example:
> http://curl.haxx.se/libcurl/c/cacertinmem.html
>
> However, I'm not sure how to read in the client key and certificate using
> the *_read_bio_* APIs. Any example to illustrate it would be helpful.

To be honest I hadn't been aware of the cacertinmem.c example. So I don't
think I can serve an example even here. I would start with the the related
libcurl code and the OpenSSL documentation:

http://github.com/bagder/curl/blob/master/lib/ssluse.c#L305
http://www.openssl.org/docs/ssl/SSL_CTX_use_certificate.html

You want probably replace SSL_CTX_use_certificate_chain_file() and
SSL_CTX_use_PrivateKey_file() with SSL_use_certificate_ASN1() and
SSL_use_PrivateKey_ASN1() or whatever. This will highly depend on the format
of cert/key you have, if the key is encrypted, etc. I think it's better to
look for help on some OpenSSL related channel if you really want to go this
way.

Kamil
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2010-08-03