Sunday, February 17, 2013

SSL context function with cURL and CyaSSL

For some reason, cURL disables the SSL context callback (CURLOPT_SSL_CTX_FUNCTION) when it is built against SSL libraries other than OpenSSL. To enable it for CyaSSL, we need to dive into the cURL source code for a bit.

This code applies to cURL version 7.29.0.

Source file: cyassl.c, cyassl_connect_step1()

Declare and initialize a variable at the top of the function:

CURLcode retcode = CURLE_OK;

The rest of the code:

#ifndef NO_FILESYSTEM
// ...
#else
/* give application a chance to interfere with SSL set up. */
if(data->set.ssl.fsslctx) {
    retcode = (*data->set.ssl.fsslctx)(data, conssl->ctx, data->set.ssl.fsslctxp);
    if(retcode) {
        failf(data,"error signaled by ssl ctx callback");
        return retcode;
    }
}
#endif /* NO_FILESYSTEM */

Most of this was copied from ssluse.c.

Source file: url.c, Curl_setopt()

Look for the following code.

#ifdef USE_SSLEAY
    /* since these two options are only possible to use on an OpenSSL-
       powered libcurl we #ifdef them on this condition so that libcurls
       built against other SSL libs will return a proper error when trying
       to set this option! */
  case CURLOPT_SSL_CTX_FUNCTION:
    /*
     * Set a SSL_CTX callback
     */
    data->set.ssl.fsslctx = va_arg(param, curl_ssl_ctx_callback);
    break;
  case CURLOPT_SSL_CTX_DATA:
    /*
     * Set a SSL_CTX callback parameter pointer
     */
    data->set.ssl.fsslctxp = va_arg(param, void *);
    break;
  case CURLOPT_CERTINFO:
    data->set.ssl.certinfo = (0 != va_arg(param, long))?TRUE:FALSE;
    break;
#endif

Change the #ifdef to:

#if defined(USE_SSLEAY) || defined(USE_CYASSL)

Project files: *.vcxproj

Add the preprocessor definition USE_CYASSL if needed.

Using it

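/* ctx is the SSL context that cyassl.c passes in (conssl->ctx);
   param is the pointer set with CURLOPT_SSL_CTX_DATA. */
CURLcode sslContextCallback(CURL* curl, void* ctx, void* param) {
    /* Returning anything other than CURLE_OK aborts the connection. */
    return CURLE_OK;
}

// ...
curl_easy_setopt(curl, CURLOPT_SSL_CTX_FUNCTION, sslContextCallback);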
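
A callback that does real work, as an added example (not from the original post or from cURL): it loads a CA bundle held in memory into the CyaSSL context, one use for this hook on a NO_FILESYSTEM build. The names load_ca_callback and struct ca_bundle are hypothetical, and the #else branch holds stand-in declarations (an assumption) so the file compiles without the patched libcurl and the CyaSSL headers.

```c
#include <string.h>

#ifdef USE_CYASSL                 /* real build: patched libcurl + CyaSSL */
#include <curl/curl.h>
#include <cyassl/ssl.h>
#else                             /* stand-ins so this file compiles alone */
typedef void CURL;
typedef int CURLcode;
enum { CURLE_OK = 0, CURLE_SSL_CACERT_BADFILE = 77 };
typedef struct CYASSL_CTX CYASSL_CTX;
enum { SSL_SUCCESS = 1, SSL_FILETYPE_PEM = 1 };
static int CyaSSL_CTX_load_verify_buffer(CYASSL_CTX *ctx,
    const unsigned char *buf, long len, int fmt)
{
    (void)fmt;
    return (ctx && buf && len > 0) ? SSL_SUCCESS : 0;
}
#endif

/* Hypothetical holder for a PEM CA bundle kept in memory. */
struct ca_bundle {
    const unsigned char *pem;
    long len;
};

#define PEM_HEADER "-----BEGIN CERTIFICATE-----"

/* Passed as CURLOPT_SSL_CTX_FUNCTION; param comes from CURLOPT_SSL_CTX_DATA. */
static CURLcode load_ca_callback(CURL *curl, void *ctx, void *param)
{
    const struct ca_bundle *ca = param;
    (void)curl;

    /* Fail closed: an unusable bundle aborts the connection instead of
       continuing without a trust anchor. This example requires the buffer
       to start directly with a PEM certificate header. */
    if(!ctx || !ca || !ca->pem || ca->len < (long)strlen(PEM_HEADER))
        return CURLE_SSL_CACERT_BADFILE;
    if(memcmp(ca->pem, PEM_HEADER, strlen(PEM_HEADER)) != 0)
        return CURLE_SSL_CACERT_BADFILE;

    if(CyaSSL_CTX_load_verify_buffer((CYASSL_CTX *)ctx, ca->pem, ca->len,
                                     SSL_FILETYPE_PEM) != SSL_SUCCESS)
        return CURLE_SSL_CACERT_BADFILE;
    return CURLE_OK;
}
```

Register it with CURLOPT_SSL_CTX_FUNCTION and pass a pointer to the struct ca_bundle with CURLOPT_SSL_CTX_DATA; with the cyassl.c change above, any non-zero return makes cyassl_connect_step1() fail the connection.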
