Mercurial > hgrepos > Python2 > PyMuPDF
comparison mupdf-source/thirdparty/curl/docs/examples/simplessl.c @ 2:b50eed0cc0ef upstream
ADD: MuPDF v1.26.7: the MuPDF source as downloaded by a default build of PyMuPDF 1.26.4.
The directory name has changed: no version number in the expanded directory now.
| author | Franz Glasner <fzglas.hg@dom66.de> |
|---|---|
| date | Mon, 15 Sep 2025 11:43:07 +0200 |
| parents | |
| children |
comparison
equal
deleted
inserted
replaced
| 1:1d09e1dec1d9 | 2:b50eed0cc0ef |
|---|---|
| 1 /*************************************************************************** | |
| 2 * _ _ ____ _ | |
| 3 * Project ___| | | | _ \| | | |
| 4 * / __| | | | |_) | | | |
| 5 * | (__| |_| | _ <| |___ | |
| 6 * \___|\___/|_| \_\_____| | |
| 7 * | |
| 8 * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al. | |
| 9 * | |
| 10 * This software is licensed as described in the file COPYING, which | |
| 11 * you should have received as part of this distribution. The terms | |
| 12 * are also available at https://curl.haxx.se/docs/copyright.html. | |
| 13 * | |
| 14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell | |
| 15 * copies of the Software, and permit persons to whom the Software is | |
| 16 * furnished to do so, under the terms of the COPYING file. | |
| 17 * | |
| 18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY | |
| 19 * KIND, either express or implied. | |
| 20 * | |
| 21 ***************************************************************************/ | |
| 22 /* <DESC> | |
| 23 * Shows HTTPS usage with client certs and optional ssl engine use. | |
| 24 * </DESC> | |
| 25 */ | |
| 26 #include <stdio.h> | |
| 27 | |
| 28 #include <curl/curl.h> | |
| 29 | |
| 30 /* some requirements for this to work: | |
| 31 1. set pCertFile to the file with the client certificate | |
| 32 2. if the key is passphrase protected, set pPassphrase to the | |
| 33 passphrase you use | |
| 34 3. if you are using a crypto engine: | |
| 35 3.1. set a #define USE_ENGINE | |
| 36 3.2. set pEngine to the name of the crypto engine you use | |
| 37 3.3. set pKeyName to the key identifier you want to use | |
| 38 4. if you don't use a crypto engine: | |
| 39 4.1. set pKeyName to the file name of your client key | |
| 40 4.2. if the format of the key file is DER, set pKeyType to "DER" | |
| 41 | |
| 42 !! verify of the server certificate is not implemented here !! | |
| 43 | |
| 44 **** This example only works with libcurl 7.9.3 and later! **** | |
| 45 | |
| 46 */ | |
| 47 | |
| 48 int main(void) | |
| 49 { | |
| 50 CURL *curl; | |
| 51 CURLcode res; | |
| 52 FILE *headerfile; | |
| 53 const char *pPassphrase = NULL; | |
| 54 | |
| 55 static const char *pCertFile = "testcert.pem"; | |
| 56 static const char *pCACertFile = "cacert.pem"; | |
| 57 static const char *pHeaderFile = "dumpit"; | |
| 58 | |
| 59 const char *pKeyName; | |
| 60 const char *pKeyType; | |
| 61 | |
| 62 const char *pEngine; | |
| 63 | |
| 64 #ifdef USE_ENGINE | |
| 65 pKeyName = "rsa_test"; | |
| 66 pKeyType = "ENG"; | |
| 67 pEngine = "chil"; /* for nChiper HSM... */ | |
| 68 #else | |
| 69 pKeyName = "testkey.pem"; | |
| 70 pKeyType = "PEM"; | |
| 71 pEngine = NULL; | |
| 72 #endif | |
| 73 | |
| 74 headerfile = fopen(pHeaderFile, "wb"); | |
| 75 | |
| 76 curl_global_init(CURL_GLOBAL_DEFAULT); | |
| 77 | |
| 78 curl = curl_easy_init(); | |
| 79 if(curl) { | |
| 80 /* what call to write: */ | |
| 81 curl_easy_setopt(curl, CURLOPT_URL, "HTTPS://your.favourite.ssl.site"); | |
| 82 curl_easy_setopt(curl, CURLOPT_HEADERDATA, headerfile); | |
| 83 | |
| 84 do { /* dummy loop, just to break out from */ | |
| 85 if(pEngine) { | |
| 86 /* use crypto engine */ | |
| 87 if(curl_easy_setopt(curl, CURLOPT_SSLENGINE, pEngine) != CURLE_OK) { | |
| 88 /* load the crypto engine */ | |
| 89 fprintf(stderr, "can't set crypto engine\n"); | |
| 90 break; | |
| 91 } | |
| 92 if(curl_easy_setopt(curl, CURLOPT_SSLENGINE_DEFAULT, 1L) != CURLE_OK) { | |
| 93 /* set the crypto engine as default */ | |
| 94 /* only needed for the first time you load | |
| 95 a engine in a curl object... */ | |
| 96 fprintf(stderr, "can't set crypto engine as default\n"); | |
| 97 break; | |
| 98 } | |
| 99 } | |
| 100 /* cert is stored PEM coded in file... */ | |
| 101 /* since PEM is default, we needn't set it for PEM */ | |
| 102 curl_easy_setopt(curl, CURLOPT_SSLCERTTYPE, "PEM"); | |
| 103 | |
| 104 /* set the cert for client authentication */ | |
| 105 curl_easy_setopt(curl, CURLOPT_SSLCERT, pCertFile); | |
| 106 | |
| 107 /* sorry, for engine we must set the passphrase | |
| 108 (if the key has one...) */ | |
| 109 if(pPassphrase) | |
| 110 curl_easy_setopt(curl, CURLOPT_KEYPASSWD, pPassphrase); | |
| 111 | |
| 112 /* if we use a key stored in a crypto engine, | |
| 113 we must set the key type to "ENG" */ | |
| 114 curl_easy_setopt(curl, CURLOPT_SSLKEYTYPE, pKeyType); | |
| 115 | |
| 116 /* set the private key (file or ID in engine) */ | |
| 117 curl_easy_setopt(curl, CURLOPT_SSLKEY, pKeyName); | |
| 118 | |
| 119 /* set the file with the certs vaildating the server */ | |
| 120 curl_easy_setopt(curl, CURLOPT_CAINFO, pCACertFile); | |
| 121 | |
| 122 /* disconnect if we can't validate server's cert */ | |
| 123 curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 1L); | |
| 124 | |
| 125 /* Perform the request, res will get the return code */ | |
| 126 res = curl_easy_perform(curl); | |
| 127 /* Check for errors */ | |
| 128 if(res != CURLE_OK) | |
| 129 fprintf(stderr, "curl_easy_perform() failed: %s\n", | |
| 130 curl_easy_strerror(res)); | |
| 131 | |
| 132 /* we are done... */ | |
| 133 } while(0); | |
| 134 /* always cleanup */ | |
| 135 curl_easy_cleanup(curl); | |
| 136 } | |
| 137 | |
| 138 curl_global_cleanup(); | |
| 139 | |
| 140 return 0; | |
| 141 } |