curl-library
Re: API to include cacert using a C string
Date: Fri, 8 Jan 2016 23:57:47 -0800
I feel like re-purposing CAINFO or CAPATH has a smell about it.
Something like CURLOPT_CARAW or CURLOPT_CAEMBEDDED sounds more
reasonable to me.
-bch
On 1/8/16, Thomas Glanzmann <thomas_at_glanzmann.de> wrote:
> Hello Daniel,
>
>> I will gladly accept patches that introduce it. Have you considered
>> the API/option for passing the cacert bundle to libcurl?
>
> I have thought about this as well. I think we have two options:
>
> - Make CURLOPT_CAINFO and/or CURLOPT_CAPATH not only accept a
> path as they do today but also let them accept one or more
> X509 PEM encoded certificates. Try to write a generic wrapper
> function that works with all SSL backends, if that it is not
> possible write one per SSL backend.
>
> - Introduce a new CURLOPT which only accepts one or more X509
> PEM certificates. Maybe CURLOPT_EMBEDCA or something similar.
>
> Maybe you have another and better idea, than let me know.
>
> Cheers,
> Thomas
> -------------------------------------------------------------------
> List admin: http://cool.haxx.se/list/listinfo/curl-library
> Etiquette: http://curl.haxx.se/mail/etiquette.html
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2016-01-09