cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: Proposal + patch: add CURLOPT_CERTINFO to NSS

From: Kamil Dudka <kdudka_at_redhat.com>
Date: Tue, 29 Oct 2013 20:23:10 +0100

On Tuesday, October 29, 2013 19:32:58 Patrick Monnerat wrote:
> Kamil Dudka wrote:
>
> Hi Kamil,
>
> > thank you for working on this!
>
> You're welcome. I think we should have such a feature on Fedora ;-)
>
> > ... checked the verbose output with CURLOPT_CERTINFO enabled, and it
>
> appeared to work just fine!
>
> WARNING: the verbose output of the command line tool does not use
> CERTINFO. It just sets the verbose mode that dumps server certificate
> parameters: you should obtain such an output with most of the SSL
> backends even if they don't support CERTINFO.
>
> The only way you may test it is by writing a program, or compile the
> curl cli tool replacing tool_operate.c by the crappy updated one in
> attachement (for test purpose only: no commit !!!) that unconditionally
> requests CERTINFO and dumps it.

Sure. I was talking about the verbose output provided with CURLOPT_CERTINFO
enabled (for testing purposes, I had patched url.c to enable the option by
default). I did not check the data exposed through the libcurl API though.

> Tell me if you're OK for commit, please.

Yes, it looks perfectly fine for commit to me.

Kamil
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2013-10-29