aboutsummaryrefslogtreecommitdiff
path: root/include
diff options
context:
space:
mode:
authorAlessandro Ghedini <alessandro@ghedini.me>2014-06-16 13:20:47 +0200
committerDaniel Stenberg <daniel@haxx.se>2015-01-16 23:23:29 +0100
commit3af90a6e19249807f99bc9ee7b50d3e58849072a (patch)
treea8e4e31842fcf4b40dbb283847940ea2e83ee3d4 /include
parent5e113a18c56e0743e377854ab18c79305b2830ea (diff)
url: add CURLOPT_SSL_VERIFYSTATUS option
This option can be used to enable/disable certificate status verification using the "Certificate Status Request" TLS extension defined in RFC6066 section 8. This also adds the CURLE_SSL_INVALIDCERTSTATUS error, to be used when the certificate status verification fails, and the Curl_ssl_cert_status_request() function, used to check whether the SSL backend supports the status_request extension.
Diffstat (limited to 'include')
-rw-r--r--include/curl/curl.h4
1 files changed, 4 insertions, 0 deletions
diff --git a/include/curl/curl.h b/include/curl/curl.h
index e3688872e..0a326d3ba 100644
--- a/include/curl/curl.h
+++ b/include/curl/curl.h
@@ -523,6 +523,7 @@ typedef enum {
session will be queued */
CURLE_SSL_PINNEDPUBKEYNOTMATCH, /* 90 - specified pinned public key did not
match */
+ CURLE_SSL_INVALIDCERTSTATUS, /* 91 - invalid certificate status */
CURL_LAST /* never use! */
} CURLcode;
@@ -1622,6 +1623,9 @@ typedef enum {
/* Path to Unix domain socket */
CINIT(UNIX_SOCKET_PATH, OBJECTPOINT, 231),
+ /* Set if we should verify the certificate status. */
+ CINIT(SSL_VERIFYSTATUS, LONG, 232),
+
CURLOPT_LASTENTRY /* the last unused */
} CURLoption;