Bug 248165 - [Curl] Use CURLOPT_CAINFO_BLOB to set Certificate Authority bundle
Summary: [Curl] Use CURLOPT_CAINFO_BLOB to set Certificate Authority bundle
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Platform (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Nobody
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2022-11-20 23:19 PST by Kenji Shukuwa
Modified: 2022-11-21 03:57 PST (History)
2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Kenji Shukuwa 2022-11-20 23:19:05 PST 
We are currently using the SSL_CTX_load_verify_mem function that is a libressl-specific function to set the Certificate Authority bundle from memory.
However, a similar process can be done with OpenSSL and its forks by using CURLOPT_CAINFO_Blob, which is supported since libcurl 7.77.0.
Comment 1 Kenji Shukuwa 2022-11-20 23:25:39 PST 
Pull request: https://github.com/WebKit/WebKit/pull/6693
Comment 2 EWS 2022-11-21 03:56:58 PST 
Committed 256904@main (a845b7e4ec04): <https://commits.webkit.org/256904@main>

Reviewed commits have been landed. Closing PR #6693 and removing active labels.
Comment 3 Radar WebKit Bug Importer 2022-11-21 03:57:17 PST 
<rdar://problem/102579058>