-
-
Notifications
You must be signed in to change notification settings - Fork 6.2k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
rebased branch bundled_cacert from moparisthebest
Validation : 397e11b [397e11b] Parents : 4506607 Auteur : moparisthebest <admin@moparisthebest.com> Date : vendredi 3 avril 2020 00:32:42 Auteur : moparisthebest Date de validation : samedi 4 avril 2020 00:31:23 Add CURLOPT_CAINFO_PEM
- Loading branch information
Showing
15 changed files
with
333 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,67 @@ | ||
.\" ************************************************************************** | ||
.\" * _ _ ____ _ | ||
.\" * Project ___| | | | _ \| | | ||
.\" * / __| | | | |_) | | | ||
.\" * | (__| |_| | _ <| |___ | ||
.\" * \___|\___/|_| \_\_____| | ||
.\" * | ||
.\" * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. | ||
.\" * | ||
.\" * This software is licensed as described in the file COPYING, which | ||
.\" * you should have received as part of this distribution. The terms | ||
.\" * are also available at https://curl.se/docs/copyright.html. | ||
.\" * | ||
.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell | ||
.\" * copies of the Software, and permit persons to whom the Software is | ||
.\" * furnished to do so, under the terms of the COPYING file. | ||
.\" * | ||
.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY | ||
.\" * KIND, either express or implied. | ||
.\" * | ||
.\" ************************************************************************** | ||
.\" | ||
.TH CURLOPT_CAINFO_PEM 3 "14 Nov 2020" "libcurl 7.74.0" "curl_easy_setopt options" | ||
.SH NAME | ||
CURLOPT_CAINFO \- with proxy Certificate Authority (CA) bundle in PEM format | ||
.SH SYNOPSIS | ||
#include <curl/curl.h> | ||
|
||
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_CAINFO_PEM, char *pem_string); | ||
.SH DESCRIPTION | ||
Pass a char * to a null-terminated string with PEM encoded content holding one | ||
or more certificates to verify the HTTPS proxy with. | ||
|
||
If \fICURLOPT_SSL_VERIFYPEER(3)\fP is zero and you avoid verifying the | ||
server's certificate, \fICURLOPT_CAINFO(3)\fP need not even indicate an | ||
accessible file. | ||
|
||
|
||
The application does not have to keep the string around after setting this | ||
option. | ||
.SH DEFAULT | ||
Built-in system specific. When curl is built with Secure Transport or | ||
Schannel, this option is not set by default. | ||
.SH PROTOCOLS | ||
All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc. | ||
.SH EXAMPLE | ||
.nf | ||
const char* strpem; | ||
/* user must fill strpem with content of a PEM file */ | ||
CURL *curl = curl_easy_init(); | ||
if(curl) { | ||
curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/"); | ||
curl_easy_setopt(curl, CURLOPT_CAINFO_PEM, strpem); | ||
ret = curl_easy_perform(curl); | ||
curl_easy_cleanup(curl); | ||
} | ||
.fi | ||
.SH AVAILABILITY | ||
Added in 7.74.0 | ||
|
||
This option is supported by the OpenSSL backends. | ||
.SH RETURN VALUE | ||
Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or | ||
CURLE_OUT_OF_MEMORY if there was insufficient heap space. | ||
.SH "SEE ALSO" | ||
.BR CURLOPT_CAPATH "(3), " | ||
.BR CURLOPT_SSL_VERIFYPEER "(3), " CURLOPT_SSL_VERIFYHOST "(3), " |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,84 @@ | ||
.\" ************************************************************************** | ||
.\" * _ _ ____ _ | ||
.\" * Project ___| | | | _ \| | | ||
.\" * / __| | | | |_) | | | ||
.\" * | (__| |_| | _ <| |___ | ||
.\" * \___|\___/|_| \_\_____| | ||
.\" * | ||
.\" * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. | ||
.\" * | ||
.\" * This software is licensed as described in the file COPYING, which | ||
.\" * you should have received as part of this distribution. The terms | ||
.\" * are also available at https://curl.se/docs/copyright.html. | ||
.\" * | ||
.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell | ||
.\" * copies of the Software, and permit persons to whom the Software is | ||
.\" * furnished to do so, under the terms of the COPYING file. | ||
.\" * | ||
.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY | ||
.\" * KIND, either express or implied. | ||
.\" * | ||
.\" ************************************************************************** | ||
.\" | ||
.TH CURLOPT_PROXY_CAINFO_PEM 3 "14 Nov 2020" "libcurl 7.74.0" "curl_easy_setopt options" | ||
.SH NAME | ||
CURLOPT_PROXY_CAINFO \- string with proxy Certificate Authority (CA) bundle in PEM format | ||
.SH SYNOPSIS | ||
#include <curl/curl.h> | ||
|
||
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_CAINFO_PEM, char *pem_string); | ||
.SH DESCRIPTION | ||
This option is for connecting to an HTTPS proxy, not an HTTPS server. | ||
|
||
Pass a char * to a null-terminated string with PEM encoded content holding one | ||
or more certificates to verify the HTTPS proxy with. | ||
|
||
If \fICURLOPT_PROXY_SSL_VERIFYPEER(3)\fP is zero and you avoid verifying the | ||
server's certificate, \fICURLOPT_PROXY_CAINFO(3)\fP need not even indicate an | ||
accessible file. | ||
|
||
This option is by default set to the system path where libcurl's cacert bundle | ||
is assumed to be stored, as established at build time. | ||
|
||
If curl is built against the NSS SSL library, the NSS PEM PKCS#11 module | ||
(libnsspem.so) needs to be available for this option to work properly. | ||
|
||
(iOS and macOS only) If curl is built against Secure Transport, then this | ||
option is supported for backward compatibility with other SSL engines, but it | ||
should not be set. If the option is not set, then curl will use the | ||
certificates in the system and user Keychain to verify the peer, which is the | ||
preferred method of verifying the peer's certificate chain. | ||
|
||
This option is supported by the OpenSSL backends. | ||
|
||
The application does not have to keep the string around after setting this | ||
option. | ||
.SH DEFAULT | ||
Built-in system specific | ||
.SH PROTOCOLS | ||
Used with HTTPS proxy | ||
.SH EXAMPLE | ||
.nf | ||
const char* strpem; | ||
/* user must fill strpem with content of a PEM file */ | ||
CURL *curl = curl_easy_init(); | ||
if(curl) { | ||
curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/"); | ||
/* using an HTTPS proxy */ | ||
curl_easy_setopt(curl, CURLOPT_PROXY, "https://localhost:443"); | ||
curl_easy_setopt(curl, CURLOPT_PROXY_CAINFO_PEM, strpem); | ||
ret = curl_easy_perform(curl); | ||
curl_easy_cleanup(curl); | ||
} | ||
.fi | ||
.SH AVAILABILITY | ||
Added in 7.74.0 | ||
|
||
This option is supported by the OpenSSL backends..SH RETURN VALUE | ||
Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or | ||
CURLE_OUT_OF_MEMORY if there was insufficient heap space. | ||
.SH "SEE ALSO" | ||
.BR CURLOPT_PROXY_CAPATH "(3), " | ||
.BR CURLOPT_PROXY_SSL_VERIFYPEER "(3), " CURLOPT_PROXY_SSL_VERIFYHOST "(3), " | ||
.BR CURLOPT_CAPATH "(3), " | ||
.BR CURLOPT_SSL_VERIFYPEER "(3), " CURLOPT_SSL_VERIFYHOST "(3), " |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
/*************************************************************************** | ||
* _ _ ____ _ | ||
* Project ___| | | | _ \| | | ||
* / __| | | | |_) | | | ||
* | (__| |_| | _ <| |___ | ||
* \___|\___/|_| \_\_____| | ||
* | ||
* Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. | ||
* | ||
* This software is licensed as described in the file COPYING, which | ||
* you should have received as part of this distribution. The terms | ||
* are also available at https://curl.haxx.se/docs/copyright.html. | ||
* | ||
* You may opt to use, copy, modify, merge, publish, distribute and/or sell | ||
* copies of the Software, and permit persons to whom the Software is | ||
* furnished to do so, under the terms of the COPYING file. | ||
* | ||
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY | ||
* KIND, either express or implied. | ||
* | ||
***************************************************************************/ | ||
|
||
/* | ||
regenerate this file like so: | ||
curl -Oz cacert.pem https://curl.haxx.se/ca/cacert.pem \ | ||
&& xxd -i -C cacert.pem | sed -r 's/(0x..)$/\1, 0x00/' > lib/cacert.h | ||
unless CACERT_PEM is defined in here, there will be a compile error if | ||
CURL_CA_BUNDLE_PEM is defined, CACERT_PEM must be a proper null-terminated | ||
C string | ||
unsigned char CACERT_PEM[] = { | ||
0x62, 0x6f, 0x62, 0x0a, 0x00 | ||
}; | ||
unsigned int CACERT_PEM_LEN = 4; | ||
*/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.