-
-
Notifications
You must be signed in to change notification settings - Fork 6.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
curl_easy_setopt with CURLOPT_SSLCERT_BLOB seems not to work. #6816
Comments
We pass PEM data with the option and I can verify it got 6000 bytes and a non NULL pointer in curl_blob. PS: Bug is also in 7.75.0. |
I put some debug code in SSL_CTX_use_PrivateKey_bio:
and the output is:
So while it shows clearly for us in l our log above, the length is > 6000 for the PEM, but at point of PEM_read_bio_PrivateKey, the length is zero! And Openssl can't find the --- BEGIN in the PEM. |
I added logging for the created BIO object and it has the size:
So somewhere between that and the later point the length is lost, and internal pointer changes! |
Seems like some of the BIO taking functions read the content of the BIO, so you can't reuse it. |
I made a pull request with fixes: |
see curl#6816 and alternate fix 6817
I did this
curl_easy_setopt with CURLOPT_SSLCERT_BLOB seems not to work.
58: unable to set private key file: '(memory blob)' type PEM
I expected the following
The key is used.
curl/libcurl version
7.76.0 from today.
operating system
macOS
Darwin MyMac.lan 19.6.0 Darwin Kernel Version 19.6.0: Tue Jan 12 22:13:05 PST 2021; root:xnu-6153.141.16~1/RELEASE_X86_64 x86_64
The text was updated successfully, but these errors were encountered: