| .\" ************************************************************************** |
| .\" * _ _ ____ _ |
| .\" * Project ___| | | | _ \| | |
| .\" * / __| | | | |_) | | |
| .\" * | (__| |_| | _ <| |___ |
| .\" * \___|\___/|_| \_\_____| |
| .\" * |
| .\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al. |
| .\" * |
| .\" * This software is licensed as described in the file COPYING, which |
| .\" * you should have received as part of this distribution. The terms |
| .\" * are also available at http://curl.haxx.se/docs/copyright.html. |
| .\" * |
| .\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell |
| .\" * copies of the Software, and permit persons to whom the Software is |
| .\" * furnished to do so, under the terms of the COPYING file. |
| .\" * |
| .\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY |
| .\" * KIND, either express or implied. |
| .\" * |
| .\" ************************************************************************** |
| .\" |
| .TH CURLOPT_SSL_CTX_FUNCTION 3 "19 Jun 2014" "libcurl 7.37.0" "curl_easy_setopt options" |
| .SH NAME |
| CURLOPT_SSL_CTX_FUNCTION \- openssl specific callback to do SSL magic |
| .SH SYNOPSIS |
| .nf |
| #include <curl/curl.h> |
| |
| CURLcode ssl_ctx_callback(CURL *curl, void *ssl_ctx, void *userptr); |
| |
| CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSL_CTX_FUNCTION, |
| ssl_ctx_callback); |
| .SH DESCRIPTION |
| This option only works for libcurl powered by OpenSSL. If libcurl was built |
| against another SSL library, this functionality is absent. |
| |
| Pass a pointer to your callback function, which should match the prototype |
| shown above. |
| |
| This callback function gets called by libcurl just before the initialization |
| of a SSL connection after having processed all other SSL related options to |
| give a last chance to an application to modify the behaviour of openssl's ssl |
| initialization. The \fIsslctx\fP parameter is actually a pointer to an openssl |
| \fISSL_CTX\fP. If an error is returned from the callback, no attempt to |
| establish a connection is made and the perform operation will return the error |
| code. Set the \fIuserptr\fP argument with the \fICURLOPT_SSL_CTX_DATA(3)\fP |
| option. |
| |
| This function will get called on all new connections made to a server, during |
| the SSL negotiation. The SSL_CTX pointer will be a new one every time. |
| |
| To use this properly, a non-trivial amount of knowledge of the openssl |
| libraries is necessary. For example, using this function allows you to use |
| openssl callbacks to add additional validation code for certificates, and even |
| to change the actual URI of a HTTPS request (example used in the lib509 test |
| case). See also the example section for a replacement of the key, certificate |
| and trust file settings. |
| .SH DEFAULT |
| NULL |
| .SH PROTOCOLS |
| All TLS based protocols: HTTPS, FTPS, IMAPS, POP3, SMTPS etc. |
| .SH EXAMPLE |
| TODO |
| .SH AVAILABILITY |
| Added in 7.11.0. Only supported when built with OpenSSL. |
| .SH RETURN VALUE |
| Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not. |
| .SH "SEE ALSO" |
| .BR CURLOPT_SSL_CTX_DATA "(3), " CURLOPT_SSL_VERIFYPEER "(3), " |