DOC HOME SITE MAP MAN PAGES GNU INFO SEARCH PRINT BOOK
 

CURLOPT_SSL_CTX_FUNCTION(3)





CURLOPT_SSL_CTX_FUNCTION(3curl_easy_setopt optionCURLOPT_SSL_CTX_FUNCTION(3)



NAME

     CURLOPT_SSL_CTX_FUNCTION - SSL context callback for OpenSSL,
     wolfSSL/CyaSSL or mbedTLS


SYNOPSIS

     #include <curl/curl.h>

     CURLcode ssl_ctx_callback(CURL *curl, void *ssl_ctx, void *userptr);

     CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSL_CTX_FUNCTION,
                               ssl_ctx_callback);


DESCRIPTION

     This option only  works  for  libcurl  powered  by  OpenSSL,
     wolfSSL/CyaSSL  or  mbedTLS.  If  libcurl  was built against
     another SSL library this functionality is absent.

     Pass a pointer to your callback function, which should match
     the prototype shown above.

     This callback function gets called by  libcurl  just  before
     the  initialization  of  an SSL connection after having pro-
     cessed all other SSL related options to give a  last  chance
     to  an  application  to modify the behaviour of the SSL ini-
     tialization. The ssl_ctx parameter is actually a pointer  to
     the SSL library's SSL_CTX for OpenSSL or wolfSSL/CyaSSL, and
     a pointer to mbedtls_ssl_config for mbedTLS. If an error  is
     returned from the callback no attempt to establish a connec-
     tion is made and  the  perform  operation  will  return  the
     callback's  error  code.  Set  the userptr argument with the
     CURLOPT_SSL_CTX_DATA(3) option.

     This function will get called on all new connections made to
     a server, during the SSL negotiation. The ssl_ctx will point
     to a newly  initialized  object  each  time,  but  note  the
     pointer may be the same as from a prior call.

     To use this properly, a non-trivial amount of  knowledge  of
     your SSL library is necessary. For example, you can use this
     function to call library-specific  callbacks  to  add  addi-
     tional  validation code for certificates, and even to change
     the actual URI of a HTTPS request.


DEFAULT

     NULL


PROTOCOLS

     All TLS based protocols: HTTPS, FTPS,  IMAPS,  POP3S,  SMTPS
     etc.


EXAMPLE

     See  cacertinmem.c  in  docs/examples  directory  for  usage

libcurl 7.58.0   Last change: December 19, 2017                 1


CURLOPT_SSL_CTX_FUNCTION(3curl_easy_setopt optionCURLOPT_SSL_CTX_FUNCTION(3)


     example.

     https://curl.haxx.se/libcurl/c/cacertinmem.html


AVAILABILITY

     Added  in  7.11.0  for  OpenSSL.   Added   in   7.42.0   for
     wolfSSL/CyaSSL. Added in 7.54.0 for mbedTLS. Other SSL back-
     ends not supported.


RETURN VALUE

     CURLE_OK if supported; or an error such as:

     CURLE_NOT_BUILT_IN - Not supported by the SSL backend

     CURLE_UNKNOWN_OPTION


SEE ALSO

     CURLOPT_SSL_CTX_DATA(3), CURLOPT_SSL_VERIFYPEER(3),

libcurl 7.58.0   Last change: December 19, 2017                 2


Man(1) output converted with man2html