cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: API to include cacert using a C string

From: bch <brad.harder_at_gmail.com>
Date: Fri, 8 Jan 2016 23:57:47 -0800

I feel like re-purposing CAINFO or CAPATH has a smell about it.
Something like CURLOPT_CARAW or CURLOPT_CAEMBEDDED sounds more
reasonable to me.

-bch

On 1/8/16, Thomas Glanzmann <thomas_at_glanzmann.de> wrote:
> Hello Daniel,
>
>> I will gladly accept patches that introduce it. Have you considered
>> the API/option for passing the cacert bundle to libcurl?
>
> I have thought about this as well. I think we have two options:
>
> - Make CURLOPT_CAINFO and/or CURLOPT_CAPATH not only accept a
> path as they do today but also let them accept one or more
> X509 PEM encoded certificates. Try to write a generic wrapper
> function that works with all SSL backends, if that it is not
> possible write one per SSL backend.
>
> - Introduce a new CURLOPT which only accepts one or more X509
> PEM certificates. Maybe CURLOPT_EMBEDCA or something similar.
>
> Maybe you have another and better idea, than let me know.
>
> Cheers,
> Thomas
> -------------------------------------------------------------------
> List admin: http://cool.haxx.se/list/listinfo/curl-library
> Etiquette: http://curl.haxx.se/mail/etiquette.html
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2016-01-09

This message: [ Message body ]
Next message: Eakasit Tangmunchittham: "RE: multiplexing issues on libcurl HTTP2"
Previous message: Thomas Glanzmann: "Re: API to include cacert using a C string"
In reply to: Thomas Glanzmann: "Re: API to include cacert using a C string"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]