Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
CURLOPT_SSL_CTX_FUNCTION(3)curl_easy_setopt optionsCURLOPT_SSL_CTX_FUNCTION(3)

NAME
       CURLOPT_SSL_CTX_FUNCTION	- SSL context callback for OpenSSL, wolfSSL or
       mbedTLS

SYNOPSIS
       #include	<curl/curl.h>

       CURLcode	ssl_ctx_callback(CURL *curl, void *ssl_ctx, void *userptr);

       CURLcode	curl_easy_setopt(CURL *handle, CURLOPT_SSL_CTX_FUNCTION,
				 ssl_ctx_callback);

DESCRIPTION
       This option only	works for  libcurl  powered  by	 OpenSSL,  wolfSSL  or
       mbedTLS.	 If  libcurl  was built	against	another	SSL library this func-
       tionality is absent.

       Pass a pointer to your callback function, which should match the	proto-
       type shown above.

       This  callback function gets called by libcurl just before the initial-
       ization of an SSL connection after having processed all other  SSL  re-
       lated options to	give a last chance to an application to	modify the be-
       havior of the SSL initialization. The ssl_ctx parameter is  actually  a
       pointer	to  the	 SSL  library's	 SSL_CTX for OpenSSL or	wolfSSL, and a
       pointer to mbedtls_ssl_config for mbedTLS. If an	error is returned from
       the  callback no	attempt	to establish a connection is made and the per-
       form operation will return the callback's error code. Set  the  userptr
       argument	with the CURLOPT_SSL_CTX_DATA(3) option.

       This  function will get called on all new connections made to a server,
       during the SSL negotiation. The ssl_ctx will point to a newly  initial-
       ized  object  each time,	but note the pointer may be the	same as	from a
       prior call.

       To use this properly, a non-trivial amount of knowledge of your SSL li-
       brary  is necessary. For	example, you can use this function to call li-
       brary-specific callbacks	to add additional validation code for certifi-
       cates, and even to change the actual URI	of an HTTPS request.

       WARNING:	 The  CURLOPT_SSL_CTX_FUNCTION(3) callback allows the applica-
       tion to reach in	and modify  SSL	 details  in  the  connection  without
       libcurl	itself	knowing	anything about it, which then subsequently can
       lead to libcurl unknowingly  reusing  SSL  connections  with  different
       properties. To remedy this you may set CURLOPT_FORBID_REUSE(3) from the
       callback	function.

DEFAULT
       NULL

PROTOCOLS
       All TLS based protocols:	HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.

EXAMPLE
       See cacertinmem.c in docs/examples directory for	usage example.

       https://curl.se/libcurl/c/cacertinmem.html

AVAILABILITY
       Added in	7.11.0 for OpenSSL, in 7.42.0 for wolfSSL and  in  7.54.0  for
       mbedTLS.	Other SSL backends are not supported.

RETURN VALUE
       CURLE_OK	if supported; or an error such as:

       CURLE_NOT_BUILT_IN - Not	supported by the SSL backend

       CURLE_UNKNOWN_OPTION

SEE ALSO
       CURLOPT_SSL_CTX_DATA(3),	CURLOPT_SSL_VERIFYPEER(3),

libcurl	7.74.0		       November	04, 2020   CURLOPT_SSL_CTX_FUNCTION(3)

NAME | SYNOPSIS | DESCRIPTION | DEFAULT | PROTOCOLS | EXAMPLE | AVAILABILITY | RETURN VALUE | SEE ALSO

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=CURLOPT_SSL_CTX_FUNCTION&sektion=3&manpath=FreeBSD+13.0-RELEASE+and+Ports>

home | help