Re: CURLOPT_SSL_VERIFYPEER without CURLOPT_CAINFO?
Date: Thu, 02 Mar 2006 20:57:33 +0100
Daniel Stenberg schrieb:
> On Thu, 2 Mar 2006, Sebastian Brückner wrote:
>> I need to set both CURLOPT_CAINFO and CURLOPT_CAPATH to NULL, then
>> curl won't try to read any files...
> Oh. When you say it and I check the source I can see why, but it feels a
> bit awkward and unintuitive for your use case. I'm not really sure how
> we could fix that without breaking anything...
Would be fine for me if it would be obvious from the documentation :-)
>> Now I get an access violation in my sslctx callback... but that might
>> not be related at all.
> Let us know if you find anything suspicious!
Problem was a non-initialized pointer:
X509 *x509_server; // <-- not initialized
PEM_read_bio_X509(bio, &x509_server, 0, NULL);
When x509_server is not NULL PEM_read_bio_X509 will cause an access
I mostly copied that code from samples and it works perfectly with NULL
pointers. Took me a while to figure that out though. Can't say that I
understand that huge mess of #defines around PEM_read_bio_*...
Anyway... that's not related to curl but to OpenSSL/libeay so never mind.
A more comfortable way to pass certificates from memory into curl would
be nice though. Without having to use all that OpenSSL-voodoo stuff.
Received on 2006-03-02