curl / Mailing Lists / curl-library / Single Mail


Re: Enabled multiple SSL backends

From: Rich Gray <>
Date: Mon, 28 Aug 2017 21:26:56 -0400

Daniel Stenberg wrote:
> Hi friends!
> As of minutes ago, libcurl has the ability to change SSL backend
> dynamically at run-time - if built with the support enabled. That means
> that the choice does no longer only have to happen at build-time.
> curl_global_sslset() is the new function for selecting which SSL backend
> to use. See

Wow. Niiice. One of the issues I've had with using libcurl in our products
is that we don't really know what SSL libraries (if any) the customer will
have available. This seems to go a long way towards being able to deliver a
libcurl and not have to worry about targeting/dictating the SSL library the
customer uses.

> Finally, all credits for the heavy lifting here should go to Johannes
> Schindelin! Thanks!

All hail Johannes Schindelin, and all the curl developers upon whose
shoulders he stands !! :)

> Questions?

I am curious about the manpage statement "This function can only be called
once". Shouldn't this be something more like "This function can only be
used to select an SSL library once."

Is the avail list a list of all possible libcurl backends or a list of
backends supported by the current library or a the valid libraries on the
current system? I suspect the first case, given there appear to be
CURLSSLBACKEND_* defines for each library. This is also the only sane way
the ID#s in the example could be stable? They don't change, do they?

"If the specified SSL backend is not available, the function returns
CURLSSLSET_UNKNOWN_BACKEND and sets the "avail" pointer to a NULL-terminated
list of available SSL backends." Would it be correct to follow this with
"In this case, you may call the function again to try to select a different

Again, this looks to be a fantastic addition to libcurl!

- Rich
Received on 2017-08-29