cURL / Mailing Lists / curl-library / Single Mail

curl-library

RE: TLS security in Curl

From: Hu, Eric <EHu_at_directv.com>
Date: Tue, 4 Jan 2011 16:50:04 -0700

> If I make my custom protocol by using curl_easy_send() and
> curl_easy_recv(), will curl still be handling TLS authentication on my
> behalf before sending the data on network?
>
If by "protocol," you mean a new prefix (ie, the "http" in "http://cool.haxx.se"), then the short answer is no. TLS happens a few layers down, so it would be up to your protocol to talk to the TLS engine (eg OpenSSL or GnuTLS). Lucky for you, looking at how https is implemented (see http.c/h and sslgen.c/h) should be instructive. You may even be able to call existing functions.

> Also if I use above mentioned API's, and implement some custom
> protocol, will Curl take care of all HTTP protocol related issues, for
> e.g. HTTP redirect and handling of error codes???
>
I think the short answer here is also no, for similar reasons as above. Also as above, you can probably make use of lots of existing code, either as examples or functions that you call.

If this is for your SSE project, you may want to consider not creating a new protocol, though that's a design decision for you to make.

Eric
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2011-01-05