cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: SSL validation callback

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Sun, 24 Apr 2011 13:03:55 +0200 (CEST)

On Wed, 20 Apr 2011, Clint Adams wrote:

> I am interested in a callback for SSL connections that will work with GNUTLS
> or NSS. The callback would need access to the X.509 certificate data
> retrieved from the peer (it would also need to know the peer name and some
> other information, but I am assuming the reverse dependency of libcurl can
> provide that information to the function itself). Its return value would
> determine whether libcurl continued performing the transfer or aborted as if
> the traditional certificate validation had failed.
>
> Is this something you'd consider viable for libcurl?

Yes, that sounds like something that would fit very nicely into libcurl and
that GnuTLS and NSS powered (anything except the OpenSSL backed ones really)
libcurls are currently missing.

-- 
  / daniel.haxx.se
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html

Received on 2011-04-24

This message: [ Message body ]
Next message: Daniel Stenberg: "Re: CURLPROXY_HTTP_1_0 does not affect protocol version (still HTTP/1.1)"
Previous message: Daniel Stenberg: "Re: missing version info in curl_config.h"
In reply to: Clint Adams: "SSL validation callback"
Next in thread: Peter Sylvester: "Re: SSL validation callback"
Reply: Peter Sylvester: "Re: SSL validation callback"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]