generic-library/curl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

url: add CURLOPT_SSL_VERIFYSTATUS option

Browse Source 
This option can be used to enable/disable certificate status verification using
the "Certificate Status Request" TLS extension defined in RFC6066 section 8.

This also adds the CURLE_SSL_INVALIDCERTSTATUS error, to be used when the
certificate status verification fails, and the Curl_ssl_cert_status_request()
function, used to check whether the SSL backend supports the status_request
extension.
This commit is contained in:
Alessandro Ghedini
2014-06-16 13:20:47 +02:00
committed by Daniel Stenberg
parent 5e113a18c5
commit 3af90a6e19
8 changed files with 89 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
lib/url.c
View File

@@ -1997,6 +1997,17 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
data->set.ssl.verifyhost = (0 != arg)?TRUE:FALSE;
break;
case CURLOPT_SSL_VERIFYSTATUS:
/*
* Enable certificate status verifying.
*/
if(!Curl_ssl_cert_status_request()) {
result = CURLE_NOT_BUILT_IN;
break;
}
data->set.ssl.verifystatus = (0 != va_arg(param, long))?TRUE:FALSE;
break;
case CURLOPT_SSL_CTX_FUNCTION:
#ifdef have_curlssl_ssl_ctx
/*