CURLOPT_DOH_SSL_VERIFYSTATUS.md (1689B)
1 --- 2 c: Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al. 3 SPDX-License-Identifier: curl 4 Title: CURLOPT_DOH_SSL_VERIFYSTATUS 5 Section: 3 6 Source: libcurl 7 See-also: 8 - CURLOPT_DOH_SSL_VERIFYHOST (3) 9 - CURLOPT_DOH_SSL_VERIFYPEER (3) 10 - CURLOPT_SSL_VERIFYSTATUS (3) 11 Protocol: 12 - TLS 13 TLS-backend: 14 - OpenSSL 15 - GnuTLS 16 Added-in: 7.76.0 17 --- 18 19 # NAME 20 21 CURLOPT_DOH_SSL_VERIFYSTATUS - verify the DoH SSL certificate's status 22 23 # SYNOPSIS 24 25 ~~~c 26 #include <curl/curl.h> 27 28 CURLcode curl_easy_setopt(CURL *handle, CURLOPT_DOH_SSL_VERIFYSTATUS, 29 long verify); 30 ~~~ 31 32 # DESCRIPTION 33 34 Pass a long as parameter set to 1 to enable or 0 to disable. 35 36 This option determines whether libcurl verifies the status of the DoH 37 (DNS-over-HTTPS) server cert using the "Certificate Status Request" TLS 38 extension (aka. OCSP stapling). 39 40 This option is the DoH equivalent of CURLOPT_SSL_VERIFYSTATUS(3) and 41 only affects requests to the DoH server. 42 43 If this option is enabled and the server does not support the TLS extension, 44 the verification fails. 45 46 # DEFAULT 47 48 0 49 50 # %PROTOCOLS% 51 52 # EXAMPLE 53 54 ~~~c 55 int main(void) 56 { 57 CURL *curl = curl_easy_init(); 58 if(curl) { 59 curl_easy_setopt(curl, CURLOPT_URL, "https://example.com"); 60 61 curl_easy_setopt(curl, CURLOPT_DOH_URL, 62 "https://cloudflare-dns.com/dns-query"); 63 64 /* Ask for OCSP stapling when verifying the DoH server */ 65 curl_easy_setopt(curl, CURLOPT_DOH_SSL_VERIFYSTATUS, 1L); 66 67 curl_easy_perform(curl); 68 } 69 } 70 ~~~ 71 72 # %AVAILABILITY% 73 74 # RETURN VALUE 75 76 curl_easy_setopt(3) returns a CURLcode indicating success or error. 77 78 CURLE_OK (0) means everything was OK, non-zero means an error occurred, see 79 libcurl-errors(3).