Peter Sylvester's patch was applied that introduces the following:

CURLOPT_SSL_CTX_FUNCTION to set a callback that gets called with the OpenSSL's ssl_ctx pointer passed in and allow a callback to act on it. If anything but CURLE_OK is returned, that will also be returned by libcurl all the way back. If this function changes the CURLOPT_URL, libcurl will detect this and instead go use the new URL. CURLOPT_SSL_CTX_DATA is a pointer you set to get passed to the callback set with CURLOPT_SSL_CTX_FUNCTION.
author: Daniel Stenberg <daniel@haxx.se> 2003-07-04 16:29:23 +0000
committer: Daniel Stenberg <daniel@haxx.se> 2003-07-04 16:29:23 +0000
commit: 45fc760985fa11ef98149418cbad02dadf748f31 (patch)
tree: 5e9e1c097cac271dd1f0504c2ea844bf57dc56f4 /lib/ssluse.c
parent: 7968e3c2de56b035081f30ddcc9b60be2d75f396 (diff)
1 files changed, 9 insertions, 0 deletions
diff --git a/lib/ssluse.c b/lib/ssluse.c
index b4af2ba0d..8e8f5eeb2 100644
--- a/lib/ssluse.c
+++ b/lib/ssluse.c
@@ -831,6 +831,15 @@ Curl_SSLConnect(struct connectdata *conn)
   else
     SSL_CTX_set_verify(conn->ssl.ctx, SSL_VERIFY_NONE, cert_verify_callback);
 
+  /* give application a chance to interfere with SSL set up. */
+  if (data->set.ssl.fsslctx) {
+    CURLcode callbackresult = (*data->set.ssl.fsslctx)(data, conn->ssl.ctx,
+                                                       data->set.ssl.fsslctxp);
+    if (callbackresult != CURLE_OK) {
+      failf(data,"error signaled by ssl ctx callback");
+      return callbackresult;
+    }
+  }
 
   /* Lets make an SSL structure */
   conn->ssl.handle = SSL_new (conn->ssl.ctx);
author	Daniel Stenberg <daniel@haxx.se>	2003-07-04 16:29:23 +0000
committer	Daniel Stenberg <daniel@haxx.se>	2003-07-04 16:29:23 +0000
commit	45fc760985fa11ef98149418cbad02dadf748f31 (patch)
tree	5e9e1c097cac271dd1f0504c2ea844bf57dc56f4 /lib/ssluse.c
parent	7968e3c2de56b035081f30ddcc9b60be2d75f396 (diff)