1*6236dae4SAndroid Build Coastguard Worker--- 2*6236dae4SAndroid Build Coastguard Workerc: Copyright (C) Daniel Stenberg, <[email protected]>, et al. 3*6236dae4SAndroid Build Coastguard WorkerSPDX-License-Identifier: curl 4*6236dae4SAndroid Build Coastguard WorkerTitle: curl_global_sslset 5*6236dae4SAndroid Build Coastguard WorkerSection: 3 6*6236dae4SAndroid Build Coastguard WorkerSource: libcurl 7*6236dae4SAndroid Build Coastguard WorkerSee-also: 8*6236dae4SAndroid Build Coastguard Worker - curl_global_init (3) 9*6236dae4SAndroid Build Coastguard Worker - libcurl (3) 10*6236dae4SAndroid Build Coastguard WorkerProtocol: 11*6236dae4SAndroid Build Coastguard Worker - All 12*6236dae4SAndroid Build Coastguard WorkerAdded-in: 7.56.0 13*6236dae4SAndroid Build Coastguard Worker--- 14*6236dae4SAndroid Build Coastguard Worker 15*6236dae4SAndroid Build Coastguard Worker# NAME 16*6236dae4SAndroid Build Coastguard Worker 17*6236dae4SAndroid Build Coastguard Workercurl_global_sslset - select SSL backend to use 18*6236dae4SAndroid Build Coastguard Worker 19*6236dae4SAndroid Build Coastguard Worker# SYNOPSIS 20*6236dae4SAndroid Build Coastguard Worker 21*6236dae4SAndroid Build Coastguard Worker~~~c 22*6236dae4SAndroid Build Coastguard Worker#include <curl/curl.h> 23*6236dae4SAndroid Build Coastguard Worker 24*6236dae4SAndroid Build Coastguard WorkerCURLsslset curl_global_sslset(curl_sslbackend id, 25*6236dae4SAndroid Build Coastguard Worker const char *name, 26*6236dae4SAndroid Build Coastguard Worker const curl_ssl_backend ***avail); 27*6236dae4SAndroid Build Coastguard Worker~~~ 28*6236dae4SAndroid Build Coastguard Worker 29*6236dae4SAndroid Build Coastguard Worker# DESCRIPTION 30*6236dae4SAndroid Build Coastguard Worker 31*6236dae4SAndroid Build Coastguard WorkerThis function configures at runtime which SSL backend to use with 32*6236dae4SAndroid Build Coastguard Workerlibcurl. This function can only be used to select an SSL backend once, and it 33*6236dae4SAndroid Build Coastguard Workermust be called **before** curl_global_init(3). 34*6236dae4SAndroid Build Coastguard Worker 35*6236dae4SAndroid Build Coastguard WorkerThe backend can be identified by the *id* 36*6236dae4SAndroid Build Coastguard Worker(e.g. **CURLSSLBACKEND_OPENSSL**). The backend can also be specified via the 37*6236dae4SAndroid Build Coastguard Worker*name* parameter for a case insensitive match (passing 38*6236dae4SAndroid Build Coastguard Worker**CURLSSLBACKEND_NONE** as *id*). If both *id* and *name* are 39*6236dae4SAndroid Build Coastguard Workerspecified, the *name* is ignored. 40*6236dae4SAndroid Build Coastguard Worker 41*6236dae4SAndroid Build Coastguard WorkerIf neither *id* nor *name* are specified, the function fails with 42*6236dae4SAndroid Build Coastguard Worker**CURLSSLSET_UNKNOWN_BACKEND** and set the *avail* pointer to the 43*6236dae4SAndroid Build Coastguard WorkerNULL-terminated list of available backends. The available backends are those 44*6236dae4SAndroid Build Coastguard Workerthat this particular build of libcurl supports. 45*6236dae4SAndroid Build Coastguard Worker 46*6236dae4SAndroid Build Coastguard WorkerSince libcurl 7.60.0, the *avail* pointer is always set to the list of 47*6236dae4SAndroid Build Coastguard Workeralternatives if non-NULL. 48*6236dae4SAndroid Build Coastguard Worker 49*6236dae4SAndroid Build Coastguard WorkerUpon success, the function returns **CURLSSLSET_OK**. 50*6236dae4SAndroid Build Coastguard Worker 51*6236dae4SAndroid Build Coastguard WorkerIf the specified SSL backend is not available, the function returns 52*6236dae4SAndroid Build Coastguard Worker**CURLSSLSET_UNKNOWN_BACKEND** and sets the *avail* pointer to a 53*6236dae4SAndroid Build Coastguard WorkerNULL-terminated list of available SSL backends. In this case, you may call the 54*6236dae4SAndroid Build Coastguard Workerfunction again to try to select a different backend. 55*6236dae4SAndroid Build Coastguard Worker 56*6236dae4SAndroid Build Coastguard WorkerThe SSL backend can be set only once. If it has already been set, a subsequent 57*6236dae4SAndroid Build Coastguard Workerattempt to change it results in a **CURLSSLSET_TOO_LATE** getting returned. 58*6236dae4SAndroid Build Coastguard Worker 59*6236dae4SAndroid Build Coastguard WorkerThis function is thread-safe since libcurl 7.84.0 if 60*6236dae4SAndroid Build Coastguard Workercurl_version_info(3) has the CURL_VERSION_THREADSAFE feature bit set 61*6236dae4SAndroid Build Coastguard Worker(most platforms). 62*6236dae4SAndroid Build Coastguard Worker 63*6236dae4SAndroid Build Coastguard WorkerIf this is not thread-safe, you must not call this function when any other 64*6236dae4SAndroid Build Coastguard Workerthread in the program (i.e. a thread sharing the same memory) is running. 65*6236dae4SAndroid Build Coastguard WorkerThis does not just mean no other thread that is using libcurl. 66*6236dae4SAndroid Build Coastguard Worker 67*6236dae4SAndroid Build Coastguard Worker# OpenSSL 68*6236dae4SAndroid Build Coastguard Worker 69*6236dae4SAndroid Build Coastguard WorkerThe name "OpenSSL" is used for all versions of OpenSSL and its associated 70*6236dae4SAndroid Build Coastguard Workerforks/flavors in this function. OpenSSL, BoringSSL, LibreSSL, quictls and 71*6236dae4SAndroid Build Coastguard WorkerAmiSSL are all supported by libcurl, but in the eyes of 72*6236dae4SAndroid Build Coastguard Workercurl_global_sslset(3) they are all just "OpenSSL". They all mostly 73*6236dae4SAndroid Build Coastguard Workerprovide the same API. 74*6236dae4SAndroid Build Coastguard Worker 75*6236dae4SAndroid Build Coastguard Workercurl_version_info(3) can return more specific info about the exact 76*6236dae4SAndroid Build Coastguard WorkerOpenSSL flavor and version number is use. 77*6236dae4SAndroid Build Coastguard Worker 78*6236dae4SAndroid Build Coastguard Worker# struct 79*6236dae4SAndroid Build Coastguard Worker 80*6236dae4SAndroid Build Coastguard Worker~~~c 81*6236dae4SAndroid Build Coastguard Workertypedef struct { 82*6236dae4SAndroid Build Coastguard Worker curl_sslbackend id; 83*6236dae4SAndroid Build Coastguard Worker const char *name; 84*6236dae4SAndroid Build Coastguard Worker} curl_ssl_backend; 85*6236dae4SAndroid Build Coastguard Worker 86*6236dae4SAndroid Build Coastguard Workertypedef enum { 87*6236dae4SAndroid Build Coastguard Worker CURLSSLBACKEND_NONE = 0, 88*6236dae4SAndroid Build Coastguard Worker CURLSSLBACKEND_OPENSSL = 1, /* or one of its forks */ 89*6236dae4SAndroid Build Coastguard Worker CURLSSLBACKEND_GNUTLS = 2, 90*6236dae4SAndroid Build Coastguard Worker CURLSSLBACKEND_NSS = 3, 91*6236dae4SAndroid Build Coastguard Worker CURLSSLBACKEND_GSKIT = 5, /* deprecated */ 92*6236dae4SAndroid Build Coastguard Worker CURLSSLBACKEND_POLARSSL = 6, /* deprecated */ 93*6236dae4SAndroid Build Coastguard Worker CURLSSLBACKEND_WOLFSSL = 7, 94*6236dae4SAndroid Build Coastguard Worker CURLSSLBACKEND_SCHANNEL = 8, 95*6236dae4SAndroid Build Coastguard Worker CURLSSLBACKEND_SECURETRANSPORT = 9, 96*6236dae4SAndroid Build Coastguard Worker CURLSSLBACKEND_AXTLS = 10, /* deprecated */ 97*6236dae4SAndroid Build Coastguard Worker CURLSSLBACKEND_MBEDTLS = 11, 98*6236dae4SAndroid Build Coastguard Worker CURLSSLBACKEND_MESALINK = 12, /* deprecated */ 99*6236dae4SAndroid Build Coastguard Worker CURLSSLBACKEND_BEARSSL = 13, 100*6236dae4SAndroid Build Coastguard Worker CURLSSLBACKEND_RUSTLS = 14 101*6236dae4SAndroid Build Coastguard Worker} curl_sslbackend; 102*6236dae4SAndroid Build Coastguard Worker~~~ 103*6236dae4SAndroid Build Coastguard Worker 104*6236dae4SAndroid Build Coastguard Worker# %PROTOCOLS% 105*6236dae4SAndroid Build Coastguard Worker 106*6236dae4SAndroid Build Coastguard Worker# EXAMPLE 107*6236dae4SAndroid Build Coastguard Worker 108*6236dae4SAndroid Build Coastguard Worker~~~c 109*6236dae4SAndroid Build Coastguard Workerint main(void) 110*6236dae4SAndroid Build Coastguard Worker{ 111*6236dae4SAndroid Build Coastguard Worker int i; 112*6236dae4SAndroid Build Coastguard Worker /* choose a specific backend */ 113*6236dae4SAndroid Build Coastguard Worker curl_global_sslset(CURLSSLBACKEND_WOLFSSL, NULL, NULL); 114*6236dae4SAndroid Build Coastguard Worker 115*6236dae4SAndroid Build Coastguard Worker /* list the available ones */ 116*6236dae4SAndroid Build Coastguard Worker const curl_ssl_backend **list; 117*6236dae4SAndroid Build Coastguard Worker curl_global_sslset(CURLSSLBACKEND_NONE, NULL, &list); 118*6236dae4SAndroid Build Coastguard Worker 119*6236dae4SAndroid Build Coastguard Worker for(i = 0; list[i]; i++) 120*6236dae4SAndroid Build Coastguard Worker printf("SSL backend #%d: '%s' (ID: %d)\n", 121*6236dae4SAndroid Build Coastguard Worker i, list[i]->name, list[i]->id); 122*6236dae4SAndroid Build Coastguard Worker} 123*6236dae4SAndroid Build Coastguard Worker~~~ 124*6236dae4SAndroid Build Coastguard Worker 125*6236dae4SAndroid Build Coastguard Worker# %AVAILABILITY% 126*6236dae4SAndroid Build Coastguard Worker 127*6236dae4SAndroid Build Coastguard Worker# RETURN VALUE 128*6236dae4SAndroid Build Coastguard Worker 129*6236dae4SAndroid Build Coastguard WorkerIf this function returns *CURLSSLSET_OK*, the backend was successfully 130*6236dae4SAndroid Build Coastguard Workerselected. 131*6236dae4SAndroid Build Coastguard Worker 132*6236dae4SAndroid Build Coastguard WorkerIf the chosen backend is unknown (or support for the chosen backend has not 133*6236dae4SAndroid Build Coastguard Workerbeen compiled into libcurl), the function returns 134*6236dae4SAndroid Build Coastguard Worker*CURLSSLSET_UNKNOWN_BACKEND*. 135*6236dae4SAndroid Build Coastguard Worker 136*6236dae4SAndroid Build Coastguard WorkerIf the backend had been configured previously, or if curl_global_init(3) 137*6236dae4SAndroid Build Coastguard Workerhas already been called, the function returns *CURLSSLSET_TOO_LATE*. 138*6236dae4SAndroid Build Coastguard Worker 139*6236dae4SAndroid Build Coastguard WorkerIf this libcurl was built completely without SSL support, with no backends at 140*6236dae4SAndroid Build Coastguard Workerall, this function returns *CURLSSLSET_NO_BACKENDS*. 141