SSL: Add an option to disable certificate revocation checks

New tool option --ssl-no-revoke. New value CURLSSLOPT_NO_REVOKE for CURLOPT_SSL_OPTIONS. Currently this option applies only to WinSSL where we have automatic certificate revocation checking by default. According to the ssl-compared chart there are other backends that have automatic checking (NSS, wolfSSL and DarwinSSL) so we could possibly accommodate them at some later point. Bug: https://github.com/bagder/curl/issues/264 Reported-by: zenden2k <zenden2k@gmail.com>
2015-07-17 02:40:16 -04:00
parent 606b29fe0d
commit 172b2beba6
15 changed files with 129 additions and 23 deletions
--- a/src/tool_setopt.h
+++ b/src/tool_setopt.h
@@ -52,6 +52,7 @@ extern const NameValue setopt_nv_CURL_SSLVERSION[];
 extern const NameValue setopt_nv_CURL_TIMECOND[];
 extern const NameValue setopt_nv_CURLFTPSSL_CCC[];
 extern const NameValue setopt_nv_CURLUSESSL[];
+extern const NameValueUnsigned setopt_nv_CURLSSLOPT[];
 extern const NameValue setopt_nv_CURL_NETRC[];
 extern const NameValue setopt_nv_CURLPROTO[];
 extern const NameValueUnsigned setopt_nv_CURLAUTH[];
@@ -63,6 +64,7 @@ extern const NameValueUnsigned setopt_nv_CURLAUTH[];
 #define setopt_nv_CURLOPT_TIMECONDITION setopt_nv_CURL_TIMECOND
 #define setopt_nv_CURLOPT_FTP_SSL_CCC setopt_nv_CURLFTPSSL_CCC
 #define setopt_nv_CURLOPT_USE_SSL setopt_nv_CURLUSESSL
+#define setopt_nv_CURLOPT_SSL_OPTIONS setopt_nv_CURLSSLOPT
 #define setopt_nv_CURLOPT_NETRC setopt_nv_CURL_NETRC
 #define setopt_nv_CURLOPT_PROTOCOLS setopt_nv_CURLPROTO
 #define setopt_nv_CURLOPT_REDIR_PROTOCOLS setopt_nv_CURLPROTO