On Thu, Mar 17, 2016 at 10:33 PM, Ray Satiro via curl-library <[email protected]> wrote: > Yes. If there is any interest that is likely the way to do it.
OK. See below. > You can do it in the progress callback. It's really quite complicated to do > it properly because you have to verify certificate changes. I will make an > example for you. I opened #685 [1] to find a better way, and it looks like > you've already seen that. Yes, I did see that. I'll look for your sample. >> I am willing to make a pull request for >> the CURLOPT_PINNEDPUBLICKEY implementation in SSPI, if >> that is more agreeable. > > That would be fantastic. Great. I will work on both the changes: CURLOPT_SSL_CTX_FUNCTION, the way we discussed it, and CURLOPT_PINNEDPUBLICKEY. I can tell you are luke-wam on SSL_CTX_FUNCTION, but I'd like to submit it anyway. I know what to do for that change, and it'll be nice to move towards parity with the other SSL implementations. Also, I do think there are some useful options in SCHANNEL_CRED for limiting algorithms and cipher strength. Thanks, - Henri Hein ------------------------------------------------------------------- List admin: https://cool.haxx.se/list/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.html
