cURL / Mailing Lists / curl-library / Single Mail

curl-library

RE: SV: 2. Cert chain for data channel

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Thu, 30 Sep 2010 23:22:59 +0200 (CEST)

On Mon, 20 Sep 2010, Mehmet Bozkurt wrote:

> I have added a new callback type (this is for LibCurl built with OpenSSL
> only) after SSL_connect in ossl_connect_step2, ssluse.c. Here, the
> application gets a chance to inspect/modify etc. the OpenSSL SSL object used
> in the connection. We have our own cert verification functionality which I
> call from here.

And you really need your own cert verification? Is there any way you can think
of to do this that doesn't expose any TLS-library specific details?

I really want to avoid adding functionality that MUST have a particular SSL
library. The current situation is bad enough already! ;-/

-- 
  / daniel.haxx.se
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html

Received on 2010-09-30

This message: [ Message body ]
Next message: Daniel Stenberg: "Re: Bug in ftp_nextconnect? version: libcurl 7.21.1"
Previous message: Daniel Stenberg: "RE: SV: SV: 1. FTP cmd channel and data channel validation"
In reply to: Mehmet Bozkurt: "RE: SV: 2. Cert chain for data channel"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]