.SH EXAMPLE
TODO
.SH AVAILABILITY
-Added in 7.11.0. Only used with the OpenSSL backend.
+Added in 7.11.0. Only used with the OpenSSL and WolfSSL/CyaSSL backend.
.SH RETURN VALUE
Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
.SH "SEE ALSO"
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSL_CTX_FUNCTION,
ssl_ctx_callback);
.SH DESCRIPTION
-This option only works for libcurl powered by OpenSSL. If libcurl was built
-against another SSL library, this functionality is absent.
+This option only works for libcurl powered by OpenSSL and WolfSSL/CyaSSL.
+If libcurl was built against another SSL library, this functionality is absent.
Pass a pointer to your callback function, which should match the prototype
shown above.
.SH EXAMPLE
TODO
.SH AVAILABILITY
-Added in 7.11.0. Only supported when built with OpenSSL.
+Added in 7.11.0. Only supported when built with OpenSSL and WolfSSL/CyaSSL.
.SH RETURN VALUE
Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
.SH "SEE ALSO"
data->set.ssl.verifypeer?SSL_VERIFY_PEER:SSL_VERIFY_NONE,
NULL);
+ /* give application a chance to interfere with SSL set up. */
+ if(data->set.ssl.fsslctx) {
+ CURLcode result = CURLE_OK;
+ result = (*data->set.ssl.fsslctx)(data, conssl->ctx,
+ data->set.ssl.fsslctxp);
+ if(result) {
+ failf(data, "error signaled by ssl ctx callback");
+ return result;
+ }
+ }
+#ifdef NO_FILESYSTEM
+ else if(data->set.ssl.verifypeer) {
+ failf(data, "CyaSSL: unable to verify certificate; no certificate",
+ " authorities registered");
+ return CURLE_SSL_CONNECT_ERROR;
+ }
+#endif
+
/* Let's make an SSL structure */
if(conssl->handle)
SSL_free(conssl->handle);
/* Set the API backend definition to Schannel */
#define CURL_SSL_BACKEND CURLSSLBACKEND_CYASSL
+/* this backend suppots CURLOPT_SSL_CTX_FUNCTION */
+#define have_curlssl_ssl_ctx 1
+
/* API setup for CyaSSL */
#define curlssl_init Curl_cyassl_init
#define curlssl_cleanup() Curl_nop_stmt
projects / curl / commitdiff