* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 2013 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
- * are also available at http://curl.haxx.se/docs/copyright.html.
+ * are also available at https://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* KIND, either express or implied.
*
***************************************************************************/
-/* Example using an in memory PEM user certificate and RSA key to retrieve an
- * https page.
- * Written by Ishan SinghLevett, based on Theo Borm's cacertinmem.c.
- * Note that to maintain simplicity this example does not use a CA certificate
+/* <DESC>
+ * Use an in-memory user certificate and RSA key and retrieve an https page.
+ * </DESC>
+ */
+/* Written by Ishan SinghLevett, based on Theo Borm's cacertinmem.c.
+ * Note that to maintain simplicity this example does not use a CA certificate
* for peer verification. However, some form of peer verification
* must be used in real circumstances when a secure connection is required.
*/
static size_t writefunction(void *ptr, size_t size, size_t nmemb, void *stream)
{
- fwrite(ptr,size,nmemb,stream);
- return(nmemb*size);
+ fwrite(ptr, size, nmemb, stream);
+ return (nmemb*size);
}
static CURLcode sslctx_function(CURL *curl, void *sslctx, void *parm)
/* get a BIO */
bio = BIO_new_mem_buf((char *)mypem, -1);
- if (bio == NULL) {
+ if(bio == NULL) {
printf("BIO_new_mem_buf failed\n");
}
* structure that SSL can use
*/
cert = PEM_read_bio_X509(bio, NULL, 0, NULL);
- if (cert == NULL) {
+ if(cert == NULL) {
printf("PEM_read_bio_X509 failed...\n");
}
/*tell SSL to use the X509 certificate*/
ret = SSL_CTX_use_certificate((SSL_CTX*)sslctx, cert);
- if (ret != 1) {
+ if(ret != 1) {
printf("Use certificate failed\n");
}
/*create a bio for the RSA key*/
kbio = BIO_new_mem_buf((char *)mykey, -1);
- if (kbio == NULL) {
+ if(kbio == NULL) {
printf("BIO_new_mem_buf failed\n");
}
/*read the key bio into an RSA object*/
rsa = PEM_read_bio_RSAPrivateKey(kbio, NULL, 0, NULL);
- if (rsa == NULL) {
+ if(rsa == NULL) {
printf("Failed to create key bio\n");
}
/*tell SSL to use the RSA key from memory*/
ret = SSL_CTX_use_RSAPrivateKey((SSL_CTX*)sslctx, rsa);
- if (ret != 1) {
+ if(ret != 1) {
printf("Use Key failed\n");
}
/* free resources that have been allocated by openssl functions */
- if (bio)
+ if(bio)
BIO_free(bio);
- if (kbio)
+ if(kbio)
BIO_free(kbio);
- if (rsa)
+ if(rsa)
RSA_free(rsa);
- if (cert)
+ if(cert)
X509_free(cert);
/* all set to go */
- return CURLE_OK ;
+ return CURLE_OK;
}
int main(void)
rv = curl_global_init(CURL_GLOBAL_ALL);
ch = curl_easy_init();
- rv = curl_easy_setopt(ch,CURLOPT_VERBOSE, 0L);
- rv = curl_easy_setopt(ch,CURLOPT_HEADER, 0L);
- rv = curl_easy_setopt(ch,CURLOPT_NOPROGRESS, 1L);
- rv = curl_easy_setopt(ch,CURLOPT_NOSIGNAL, 1L);
- rv = curl_easy_setopt(ch,CURLOPT_WRITEFUNCTION, *writefunction);
- rv = curl_easy_setopt(ch,CURLOPT_WRITEDATA, stdout);
- rv = curl_easy_setopt(ch,CURLOPT_HEADERFUNCTION, *writefunction);
- rv = curl_easy_setopt(ch,CURLOPT_HEADERDATA, stderr);
- rv = curl_easy_setopt(ch,CURLOPT_SSLCERTTYPE,"PEM");
+ rv = curl_easy_setopt(ch, CURLOPT_VERBOSE, 0L);
+ rv = curl_easy_setopt(ch, CURLOPT_HEADER, 0L);
+ rv = curl_easy_setopt(ch, CURLOPT_NOPROGRESS, 1L);
+ rv = curl_easy_setopt(ch, CURLOPT_NOSIGNAL, 1L);
+ rv = curl_easy_setopt(ch, CURLOPT_WRITEFUNCTION, writefunction);
+ rv = curl_easy_setopt(ch, CURLOPT_WRITEDATA, stdout);
+ rv = curl_easy_setopt(ch, CURLOPT_HEADERFUNCTION, writefunction);
+ rv = curl_easy_setopt(ch, CURLOPT_HEADERDATA, stderr);
+ rv = curl_easy_setopt(ch, CURLOPT_SSLCERTTYPE, "PEM");
/* both VERIFYPEER and VERIFYHOST are set to 0 in this case because there is
no CA certificate*/
- rv = curl_easy_setopt(ch,CURLOPT_SSL_VERIFYPEER, 0L);
- rv = curl_easy_setopt(ch,CURLOPT_SSL_VERIFYHOST, 0L);
+ rv = curl_easy_setopt(ch, CURLOPT_SSL_VERIFYPEER, 0L);
+ rv = curl_easy_setopt(ch, CURLOPT_SSL_VERIFYHOST, 0L);
rv = curl_easy_setopt(ch, CURLOPT_URL, "https://www.example.com/");
rv = curl_easy_setopt(ch, CURLOPT_SSLKEYTYPE, "PEM");
/* first try: retrieve page without user certificate and key -> will fail
*/
rv = curl_easy_perform(ch);
- if (rv==CURLE_OK) {
+ if(rv == CURLE_OK) {
printf("*** transfer succeeded ***\n");
}
else {
* load the certificate and key by installing a function doing the necessary
* "modifications" to the SSL CONTEXT just before link init
*/
- rv = curl_easy_setopt(ch,CURLOPT_SSL_CTX_FUNCTION, *sslctx_function);
+ rv = curl_easy_setopt(ch, CURLOPT_SSL_CTX_FUNCTION, *sslctx_function);
rv = curl_easy_perform(ch);
- if (rv==CURLE_OK) {
+ if(rv == CURLE_OK) {
printf("*** transfer succeeded ***\n");
}
else {
projects / platform / upstream / curl.git / blobdiff