diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/vtls/cyassl.c | 18 | ||||
| -rw-r--r-- | lib/vtls/cyassl.h | 3 |
2 files changed, 21 insertions, 0 deletions
diff --git a/lib/vtls/cyassl.c b/lib/vtls/cyassl.c index 32a4477cb..7a10eba12 100644 --- a/lib/vtls/cyassl.c +++ b/lib/vtls/cyassl.c @@ -201,6 +201,24 @@ cyassl_connect_step1(struct connectdata *conn, data->set.ssl.verifypeer?SSL_VERIFY_PEER:SSL_VERIFY_NONE, NULL); + /* give application a chance to interfere with SSL set up. */ + if(data->set.ssl.fsslctx) { + CURLcode result = CURLE_OK; + result = (*data->set.ssl.fsslctx)(data, conssl->ctx, + data->set.ssl.fsslctxp); + if(result) { + failf(data, "error signaled by ssl ctx callback"); + return result; + } + } +#ifdef NO_FILESYSTEM + else if(data->set.ssl.verifypeer) { + failf(data, "CyaSSL: unable to verify certificate; no certificate", + " authorities registered"); + return CURLE_SSL_CONNECT_ERROR; + } +#endif + /* Let's make an SSL structure */ if(conssl->handle) SSL_free(conssl->handle); diff --git a/lib/vtls/cyassl.h b/lib/vtls/cyassl.h index b492ffa96..ba64ab2ca 100644 --- a/lib/vtls/cyassl.h +++ b/lib/vtls/cyassl.h @@ -46,6 +46,9 @@ int Curl_cyassl_random(struct SessionHandle *data, /* Set the API backend definition to Schannel */ #define CURL_SSL_BACKEND CURLSSLBACKEND_CYASSL +/* this backend suppots CURLOPT_SSL_CTX_FUNCTION */ +#define have_curlssl_ssl_ctx 1 + /* API setup for CyaSSL */ #define curlssl_init Curl_cyassl_init #define curlssl_cleanup() Curl_nop_stmt |