bionic (3) CURLOPT_SSL_CTX_FUNCTION.3.gz

Provided by: libcurl4-doc_7.58.0-2ubuntu3.24_all bug

NAME
       CURLOPT_SSL_CTX_FUNCTION - SSL context callback for OpenSSL, wolfSSL/CyaSSL or mbedTLS


SYNOPSIS
       #include <curl/curl.h>

       CURLcode ssl_ctx_callback(CURL *curl, void *ssl_ctx, void *userptr);

       CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSL_CTX_FUNCTION,
                                 ssl_ctx_callback);


DESCRIPTION
       This  option  only  works for libcurl powered by OpenSSL, wolfSSL/CyaSSL or mbedTLS. If libcurl was built
       against another SSL library this functionality is absent.

       Pass a pointer to your callback function, which should match the prototype shown above.

       This callback function gets called by libcurl just before the initialization of an SSL  connection  after
       having  processed  all  other  SSL  related options to give a last chance to an application to modify the
       behaviour of the SSL initialization. The ssl_ctx parameter is actually a pointer  to  the  SSL  library's
       SSL_CTX  for  OpenSSL  or wolfSSL/CyaSSL, and a pointer to mbedtls_ssl_config for mbedTLS. If an error is
       returned from the callback no attempt to establish a connection is made and the  perform  operation  will
       return the callback's error code. Set the userptr argument with the CURLOPT_SSL_CTX_DATA(3) option.

       This  function  will  get called on all new connections made to a server, during the SSL negotiation. The
       ssl_ctx will point to a newly initialized object each time, but note the pointer may be the same as  from
       a prior call.

       To  use  this  properly, a non-trivial amount of knowledge of your SSL library is necessary. For example,
       you can use this function to call library-specific  callbacks  to  add  additional  validation  code  for
       certificates, and even to change the actual URI of a HTTPS request.


DEFAULT
       NULL


PROTOCOLS
       All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.


EXAMPLE
       See cacertinmem.c in docs/examples directory for usage example.

       https://curl.haxx.se/libcurl/c/cacertinmem.html


AVAILABILITY
       Added  in  7.11.0 for OpenSSL. Added in 7.42.0 for wolfSSL/CyaSSL. Added in 7.54.0 for mbedTLS. Other SSL
       backends not supported.


RETURN VALUE
       CURLE_OK if supported; or an error such as:

       CURLE_NOT_BUILT_IN - Not supported by the SSL backend

       CURLE_UNKNOWN_OPTION


SEE ALSO
       CURLOPT_SSL_CTX_DATA(3), CURLOPT_SSL_VERIFYPEER(3),