mirror of
https://github.com/curl/curl.git
synced 2025-01-06 13:44:52 +08:00
e3fe020089
Remove the PROTOCOLS section from the source files completely and instead generate them based on the header data in the curldown files. It also generates TLS backend information for options marked for TLS as protocol. Closes #13175
88 lines
2.1 KiB
Markdown
88 lines
2.1 KiB
Markdown
---
|
|
c: Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
|
|
SPDX-License-Identifier: curl
|
|
Title: CURLOPT_SSLKEY_BLOB
|
|
Section: 3
|
|
Source: libcurl
|
|
See-also:
|
|
- CURLOPT_SSLKEY (3)
|
|
- CURLOPT_SSLKEYTYPE (3)
|
|
Protocol:
|
|
- TLS
|
|
TLS-backend:
|
|
- OpenSSL
|
|
---
|
|
|
|
# NAME
|
|
|
|
CURLOPT_SSLKEY_BLOB - private key for client cert from memory blob
|
|
|
|
# SYNOPSIS
|
|
|
|
~~~c
|
|
#include <curl/curl.h>
|
|
|
|
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSLKEY_BLOB,
|
|
struct curl_blob *blob);
|
|
~~~
|
|
|
|
# DESCRIPTION
|
|
|
|
Pass a pointer to a curl_blob structure, which contains information (pointer
|
|
and size) for a private key. Compatible with OpenSSL. The format (like "PEM")
|
|
must be specified with CURLOPT_SSLKEYTYPE(3).
|
|
|
|
If the blob is initialized with the flags member of struct curl_blob set to
|
|
CURL_BLOB_COPY, the application does not have to keep the buffer around after
|
|
setting this.
|
|
|
|
This option is an alternative to CURLOPT_SSLKEY(3) which instead expects a
|
|
filename as input.
|
|
|
|
# DEFAULT
|
|
|
|
NULL
|
|
|
|
# EXAMPLE
|
|
|
|
~~~c
|
|
|
|
extern char *certificateData; /* point to cert */
|
|
extern size_t filesize; /* size of cert */
|
|
|
|
extern char *privateKeyData; /* point to key */
|
|
extern size_t privateKeySize; /* size of key */
|
|
|
|
int main(void)
|
|
{
|
|
CURL *curl = curl_easy_init();
|
|
if(curl) {
|
|
CURLcode res;
|
|
struct curl_blob blob;
|
|
curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
|
|
blob.data = certificateData;
|
|
blob.len = filesize;
|
|
blob.flags = CURL_BLOB_COPY;
|
|
curl_easy_setopt(curl, CURLOPT_SSLCERT_BLOB, &blob);
|
|
curl_easy_setopt(curl, CURLOPT_SSLCERTTYPE, "PEM");
|
|
|
|
blob.data = privateKeyData;
|
|
blob.len = privateKeySize;
|
|
curl_easy_setopt(curl, CURLOPT_SSLKEY_BLOB, &blob);
|
|
curl_easy_setopt(curl, CURLOPT_KEYPASSWD, "s3cret");
|
|
curl_easy_setopt(curl, CURLOPT_SSLKEYTYPE, "PEM");
|
|
res = curl_easy_perform(curl);
|
|
curl_easy_cleanup(curl);
|
|
}
|
|
}
|
|
~~~
|
|
|
|
# AVAILABILITY
|
|
|
|
Added in 7.71.0. This option is supported by the OpenSSL backends.
|
|
|
|
# RETURN VALUE
|
|
|
|
Returns CURLE_OK if TLS enabled, CURLE_UNKNOWN_OPTION if not, or
|
|
CURLE_OUT_OF_MEMORY if there was insufficient heap space.
|