Download
Browse source Changelog
Documentation
Project   Bug Bounty   Help us   Known bugs   TODO Protocols   CA bundle   HTTP Cookies   HTTP/2   SSL Certs Releases   Security   Version numbers   Vulnerabilities curl tool   man page   Tutorial   HTTP scripting Who and Why
libcurl
ABI API Competitors Examples Features Mailing list Related libs Using libcurl Tutorial Testimonials
Get Help
curl-library curl-users Mailing lists Book: Everything curl Video presentations Report a bug Paid support
Development
Autobuilds Code review Code style Contribute Dashboard Deprecate Internals Release Notes Release Procedure Roadmap Run Tests Security Process Specifications Test curl
News
Changelog Release table
curl / Mailing Lists / curl-library / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Re: Add CURLOPT_SSL_PTR_FUNCTION callback?

From: Felipe Gasper via curl-library <curl-library_at_cool.haxx.se>
Date: Tue, 7 Jul 2020 09:42:03 -0400

> On Jul 3, 2020, at 10:13 AM, Felipe Gasper via curl-library <curl-library_at_cool.haxx.se> wrote:
>
>
>> On Jul 3, 2020, at 9:54 AM, Daniel Stenberg <daniel_at_haxx.se> wrote:
>>
>> On Thu, 2 Jul 2020, Felipe Gasper via curl-library wrote:
>>
>>> I’d like libcurl’s API to expose a callback that fires immediately after the SSL object is created. This will allow alterations to the request as per the SSL parameters.
>>>
>>> I’m happy to do the work. Is this an enhancement that would interest the maintainer(s)?
>>
>> How about instead making sure CURLINFO_TLS_SSL_PTR can be extracted by the time the CURLOPT_SSL_CTX_FUNCTION is called?
>>
>> Feels like a smaller change with roughly the same end result...
>
> The documentation for CURLOPT_SSL_CTX_FUNCTION states that that callback fires “just before the initialization of an SSL connection”. To change that so that the callback fires after the SSL and CTX are both available would indeed facilitate the usage I envision, but it would seem to be a breaking change, both in terms of when the callback fires and of the input signature that the callback would need to implement:
>
> 1) Instead of firing before the SSL initialization it would need to fire after it.
>
> 2) Instead of passing in the SSL_CTX it would need to pass in both, or just the SSL (from which the CTX can be derived).
>
> Or is there another way to approach this?

Hi Daniel et al.,

Is there any update on this proposal?

If the original SSL_PTR callback isn’t suitable, would there maybe be a later point where the callback could more generally function as a “preflight”, a last point where alterations to the request are feasible?

Thank you!

-FG

-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2020-07-07