CURLOPT_PINNEDPUBLICKEY.3: added details

This commit is contained in:
Daniel Stenberg 2014-10-30 14:56:53 +01:00
parent b274dedf1b
commit 006556713e

View File

@ -32,20 +32,34 @@ Pass a pointer to a zero terminated string as parameter. The string should be
the file name of your pinned public key. The format expected is "DER".
When negotiating a TLS or SSL connection, the server sends a certificate
indicating its identity. A public key is extracted from this certificate
and if it does not exactly match the public key provided to this option,
curl will abort the connection before sending or receiving any data.
This is currently only implemented in the OpenSSL backend, with more backends
expected to follow shortly.
indicating its identity. A public key is extracted from this certificate and
if it does not exactly match the public key provided to this option, curl will
abort the connection before sending or receiving any data.
.SH DEFAULT
NULL
.SH PROTOCOLS
All TLS based protocols: HTTPS, FTPS, IMAPS, POP3, SMTPS etc.
.SH EXAMPLE
TODO
.nf
CURL *curl = curl_easy_init();
if(curl) {
curl_easy_setopt(curl, CURLOPT_URL, "https://example.com");
curl_easy_setopt(curl, CURLOPT_PINNEDPUBLICKEY, "/etc/publickey.der");
/* Perform the request */
curl_easy_perform(curl);
}
.fi
.SH AVAILABILITY
If built TLS enabled.
If built TLS enabled. This is currently only implemented in the OpenSSL,
GnuTLS and GSKit backends.
Added in libcurl 7.39.0
.SH RETURN VALUE
Returns CURLE_OK if TLS enabled, CURLE_UNKNOWN_OPTION if not, or
CURLE_OUT_OF_MEMORY if there was insufficient heap space.
.SH "SEE ALSO"
.BR CURLOPT_SSL_VERIFYPEER "(3), "
.BR CURLOPT_SSL_VERIFYHOST "(3), "
.BR CURLOPT_CAINFO "(3), "
.BR CURLOPT_CAPATH "(3), "