cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: SSL validation callback

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Sun, 24 Apr 2011 13:03:55 +0200 (CEST)

On Wed, 20 Apr 2011, Clint Adams wrote:

> I am interested in a callback for SSL connections that will work with GNUTLS
> or NSS. The callback would need access to the X.509 certificate data
> retrieved from the peer (it would also need to know the peer name and some
> other information, but I am assuming the reverse dependency of libcurl can
> provide that information to the function itself). Its return value would
> determine whether libcurl continued performing the transfer or aborted as if
> the traditional certificate validation had failed.
>
> Is this something you'd consider viable for libcurl?

Yes, that sounds like something that would fit very nicely into libcurl and
that GnuTLS and NSS powered (anything except the OpenSSL backed ones really)
libcurls are currently missing.

-- 
  / daniel.haxx.se
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Received on 2011-04-24