curl / Mailing Lists / curl-library / Single Mail


RE: cURL with openSSL 1.1.1 version

From: Daniel Stenberg via curl-library <>
Date: Thu, 21 Mar 2019 10:00:18 +0100 (CET)

On Thu, 21 Mar 2019, Swamy J-S wrote:

> Thanks for the reply. I didn't understand the last point what you mentioned
> about curl handle. I can't use the handle passed in the exact same way
> before means any changes in curl handling options?

With CURLOPT_SSL_CTX_FUNCTION you specifty a callback to use. When that
callback function is used, the second argument is a 'ssl_ctx' pointer.

This pointer is TLS library specific, so in order to be able to use this for
anything your application needs to know about the TLS library in use and it
needs to know how to use this pointer with that library.

In your case apparently OpenSSL. For OpenSSL that is a pointer to a 'SSL_CTX'.

OpenSSL changed a lot of stuff in the SSL_CTX struct between 1.0.2 and 1.1.1
and lots of data that was previously available in that struct now requires
access function calls etc.

> So if I upgrade to openssl 1.1.1(adding it through untrusted
> repository{"sudo add-apt-repository ppa:ci-train-ppa-service/3473"}) in
> Ubuntu 18.04 OS with curl 7.58.0, Will it affect any functionality?

curl will work fine. If your application depends on something (in that
callback call path) that OpenSSL 1.0.2 could do that 1.1.1 can't, then you
need to update/change your code for that.

Received on 2019-03-21