curl_easy_setopt with CURLOPT_SSLCERT_BLOB seems not to work. #6816
Comments
We pass PEM data with the option and I can verify it got 6000 bytes and a non NULL pointer in curl_blob. PS: Bug is also in 7.75.0. |
I put some debug code in SSL_CTX_use_PrivateKey_bio:
and the output is:
So while it shows clearly for us in l our log above, the length is > 6000 for the PEM, but at point of PEM_read_bio_PrivateKey, the length is zero! And Openssl can't find the --- BEGIN in the PEM. |
I added logging for the created BIO object and it has the size:
So somewhere between that and the later point the length is lost, and internal pointer changes! |
Seems like some of the BIO taking functions read the content of the BIO, so you can't reuse it. |
I made a pull request with fixes: |
see curl#6816 and alternate fix 6817
I did this
curl_easy_setopt with CURLOPT_SSLCERT_BLOB seems not to work.
58: unable to set private key file: '(memory blob)' type PEM
I expected the following
The key is used.
curl/libcurl version
7.76.0 from today.
operating system
macOS
Darwin MyMac.lan 19.6.0 Darwin Kernel Version 19.6.0: Tue Jan 12 22:13:05 PST 2021; root:xnu-6153.141.16~1/RELEASE_X86_64 x86_64
The text was updated successfully, but these errors were encountered: