"Marc Hoersken" <info_at_marc-hoersken.de> wrote:

> Therefore I consider those things something which I or others can add
> later on, because until these options are implemented in libcurl,
> Windows will choose the best available cipher from the registry and
> use certificates from the Windows Certification Store.

Speaking of certificates, libcurl+OpenSSL it's quite handy to know the
server's certs. E.g.:

curl.exe -v --trace-ascii - https://www.google.com
...

0000: .....P..^N..?.;.
== Info: SSL connection using ECDHE-RSA-RC4-SHA
== Info: Server certificate:
== Info: subject: C=US; ST=California; L=Mountain View; O=Google Inc; CN=www.google.com
== Info: start date: 2011-10-26 00:00:00 GMT
== Info: expire date: 2013-09-30 23:59:59 GMT
== Info: common name: www.google.com (matched)
== Info: issuer: C=ZA; O=Thawte Consulting (Pty) Ltd.; CN=Thawte SGC CA
== Info: SSL certificate verify ok.

Using libcurl+Schannel I get no such trace. Would it be possible? There are
maybe some Schannel callbacks that could do this?

> I would really like to see those changes make it into libcurl. Maybe
> more testing is required and therefore I also ask you people to test
> it. Once you also consider it stable, it can be merged into libcurl,
> even though there are some long-term TODOs open.

Agreed, merge into the official repo. I find it good.

--gv
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2012-04-14