[prev in list] [next in list] [prev in thread] [next in thread]
List: curl-library
Subject: Re: Access to server certificate or verify callback?
From: Scott Cantor <cantor.2 () osu ! edu>
Date: 2003-04-30 3:14:16
[Download RAW message or body]
> Both of your requests have been received on this list before,
> but so far no one has introduced a nice patch introducing them.
>
> I would say that Philippe Raoult has come closest, as he
> submitted a patch back in March that adds a callback for the
> certificate verification:
>
> http://curl.haxx.se/mail/lib-2003-03/0173.html
>
> (See that thread for my comments and why it wasn't applied, yet.)
Cool, thanks.
> I (and others) would certainly appreciate it!
>
> I guess Philippe's patch could be used as the basis, and then the tiny
> quirks could be smoothened and then we are game. At least that's what I
> think, I'll admit I haven't been investigating the patch very closely.
Ok, I'll take a look at that code and see if I can address the concerns.
I'm acually inclined for *my* purposes to try and just get hold of the certificate \
because what I'm looking to do is compare it to a well-known certificate. But since \
that would happen after the response is already received and processed by libcurl, \
that would be a security no-no for other apps, so it's probably best to do it as a \
supplemental or replacement verify callback.
-- Scott
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic