diff options
author | Ales Mlakar <ales.mlakar@outfit7.com> | 2017-02-21 13:15:56 +0100 |
---|---|---|
committer | Jay Satiro <raysatiro@yahoo.com> | 2017-03-21 23:51:44 -0400 |
commit | a360906de63debbf1f2f2a0eb008443a2df17291 (patch) | |
tree | 3c6b9edbf551d690703b2cfaa688d8aa5d3c94c0 /docs | |
parent | 898b012a9bf388590c4be7f526815b5ab74feca1 (diff) | |
download | curl-a360906de63debbf1f2f2a0eb008443a2df17291.tar.gz |
mbedtls: add support for CURLOPT_SSL_CTX_FUNCTION
Ref: https://curl.haxx.se/mail/lib-2017-02/0097.html
Closes https://github.com/curl/curl/pull/1272
Diffstat (limited to 'docs')
-rw-r--r-- | docs/libcurl/opts/CURLOPT_SSL_CTX_FUNCTION.3 | 21 |
1 files changed, 12 insertions, 9 deletions
diff --git a/docs/libcurl/opts/CURLOPT_SSL_CTX_FUNCTION.3 b/docs/libcurl/opts/CURLOPT_SSL_CTX_FUNCTION.3 index b26012670..2f71495b7 100644 --- a/docs/libcurl/opts/CURLOPT_SSL_CTX_FUNCTION.3 +++ b/docs/libcurl/opts/CURLOPT_SSL_CTX_FUNCTION.3 @@ -22,7 +22,7 @@ .\" .TH CURLOPT_SSL_CTX_FUNCTION 3 "19 Jun 2014" "libcurl 7.37.0" "curl_easy_setopt options" .SH NAME -CURLOPT_SSL_CTX_FUNCTION \- SSL context callback for OpenSSL or wolfSSL/CyaSSL +CURLOPT_SSL_CTX_FUNCTION \- SSL context callback for OpenSSL, wolfSSL/CyaSSL or mbedTLS .SH SYNOPSIS .nf #include <curl/curl.h> @@ -32,8 +32,9 @@ CURLcode ssl_ctx_callback(CURL *curl, void *ssl_ctx, void *userptr); CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSL_CTX_FUNCTION, ssl_ctx_callback); .SH DESCRIPTION -This option only works for libcurl powered by OpenSSL or wolfSSL/CyaSSL. If -libcurl was built against another SSL library this functionality is absent. +This option only works for libcurl powered by OpenSSL, wolfSSL/CyaSSL or +mbedTLS. If libcurl was built against another SSL library this functionality is +absent. Pass a pointer to your callback function, which should match the prototype shown above. @@ -42,13 +43,15 @@ This callback function gets called by libcurl just before the initialization of an SSL connection after having processed all other SSL related options to give a last chance to an application to modify the behaviour of the SSL initialization. The \fIssl_ctx\fP parameter is actually a pointer to the SSL -library's \fISSL_CTX\fP. If an error is returned from the callback no attempt -to establish a connection is made and the perform operation will return the -callback's error code. Set the \fIuserptr\fP argument with the +library's \fISSL_CTX\fP for OpenSSL or wolfSSL/CyaSSL, and a pointer to +\fImbedtls_ssl_config\fP for mbedTLS. If an error is returned from the callback +no attempt to establish a connection is made and the perform operation will +return the callback's error code. Set the \fIuserptr\fP argument with the \fICURLOPT_SSL_CTX_DATA(3)\fP option. This function will get called on all new connections made to a server, during -the SSL negotiation. The SSL_CTX pointer will be a new one every time. +the SSL negotiation. The \fIssl_ctx\fP will point to a newly initialized object +each time, but note the pointer may be the same as from a prior call. To use this properly, a non-trivial amount of knowledge of your SSL library is necessary. For example, you can use this function to call library-specific @@ -133,8 +136,8 @@ int main(void) } .fi .SH AVAILABILITY -Added in 7.11.0 for OpenSSL. Added in 7.42.0 for wolfSSL/CyaSSL. Other SSL -backends not supported. +Added in 7.11.0 for OpenSSL. Added in 7.42.0 for wolfSSL/CyaSSL. Added in +7.54.0 for mbedTLS. Other SSL backends not supported. .SH RETURN VALUE CURLE_OK if supported; or an error such as: |