commit 6c8fc1e87e1a0b6b620c62db0666f6495dc6e045
author xf.li <xf.li@mobiletek.cn> Sat Aug 12 00:11:09 2023 -0700
committer xf.li <xf.li@mobiletek.cn> Sat Aug 12 00:11:09 2023 -0700
tree b487841df503656d5c11b676bb6eefc384c9e961
parent 582072f7236d97759b14a1176c2f4abfa74212d9

[Feature][ZXW-88]merge P50 version

Only Configure: No
Affected branch: master
Affected module: unknown
Is it affected on both ZXIC and MTK: only ZXIC
Self-test: Yes
Doc Update: No

Change-Id: I34667719d9e0e7e29e8e4368848601cde0a48408

ap/lib/libcurl/curl-7.86.0/docs/examples/simplessl.c

diff --git a/ap/lib/libcurl/curl-7.86.0/docs/examples/simplessl.c b/ap/lib/libcurl/curl-7.86.0/docs/examples/simplessl.c
new file mode 100755
index 0000000..879672b
--- /dev/null
+++ b/ap/lib/libcurl/curl-7.86.0/docs/examples/simplessl.c
@@ -0,0 +1,143 @@
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ * SPDX-License-Identifier: curl
+ *
+ ***************************************************************************/
+/* <DESC>
+ * Shows HTTPS usage with client certs and optional ssl engine use.
+ * </DESC>
+ */
+#include <stdio.h>
+
+#include <curl/curl.h>
+
+/* some requirements for this to work:
+   1.   set pCertFile to the file with the client certificate
+   2.   if the key is passphrase protected, set pPassphrase to the
+        passphrase you use
+   3.   if you are using a crypto engine:
+   3.1. set a #define USE_ENGINE
+   3.2. set pEngine to the name of the crypto engine you use
+   3.3. set pKeyName to the key identifier you want to use
+   4.   if you do not use a crypto engine:
+   4.1. set pKeyName to the file name of your client key
+   4.2. if the format of the key file is DER, set pKeyType to "DER"
+
+   !! verify of the server certificate is not implemented here !!
+
+   **** This example only works with libcurl 7.9.3 and later! ****
+
+*/
+
+int main(void)
+{
+  CURL *curl;
+  CURLcode res;
+  FILE *headerfile;
+  const char *pPassphrase = NULL;
+
+  static const char *pCertFile = "testcert.pem";
+  static const char *pCACertFile = "cacert.pem";
+  static const char *pHeaderFile = "dumpit";
+
+  const char *pKeyName;
+  const char *pKeyType;
+
+  const char *pEngine;
+
+#ifdef USE_ENGINE
+  pKeyName  = "rsa_test";
+  pKeyType  = "ENG";
+  pEngine   = "chil";            /* for nChiper HSM... */
+#else
+  pKeyName  = "testkey.pem";
+  pKeyType  = "PEM";
+  pEngine   = NULL;
+#endif
+
+  headerfile = fopen(pHeaderFile, "wb");
+
+  curl_global_init(CURL_GLOBAL_DEFAULT);
+
+  curl = curl_easy_init();
+  if(curl) {
+    /* what call to write: */
+    curl_easy_setopt(curl, CURLOPT_URL, "HTTPS://your.favourite.ssl.site");
+    curl_easy_setopt(curl, CURLOPT_HEADERDATA, headerfile);
+
+    do { /* dummy loop, just to break out from */
+      if(pEngine) {
+        /* use crypto engine */
+        if(curl_easy_setopt(curl, CURLOPT_SSLENGINE, pEngine) != CURLE_OK) {
+          /* load the crypto engine */
+          fprintf(stderr, "cannot set crypto engine\n");
+          break;
+        }
+        if(curl_easy_setopt(curl, CURLOPT_SSLENGINE_DEFAULT, 1L) != CURLE_OK) {
+          /* set the crypto engine as default */
+          /* only needed for the first time you load
+             a engine in a curl object... */
+          fprintf(stderr, "cannot set crypto engine as default\n");
+          break;
+        }
+      }
+      /* cert is stored PEM coded in file... */
+      /* since PEM is default, we needn't set it for PEM */
+      curl_easy_setopt(curl, CURLOPT_SSLCERTTYPE, "PEM");
+
+      /* set the cert for client authentication */
+      curl_easy_setopt(curl, CURLOPT_SSLCERT, pCertFile);
+
+      /* sorry, for engine we must set the passphrase
+         (if the key has one...) */
+      if(pPassphrase)
+        curl_easy_setopt(curl, CURLOPT_KEYPASSWD, pPassphrase);
+
+      /* if we use a key stored in a crypto engine,
+         we must set the key type to "ENG" */
+      curl_easy_setopt(curl, CURLOPT_SSLKEYTYPE, pKeyType);
+
+      /* set the private key (file or ID in engine) */
+      curl_easy_setopt(curl, CURLOPT_SSLKEY, pKeyName);
+
+      /* set the file with the certs vaildating the server */
+      curl_easy_setopt(curl, CURLOPT_CAINFO, pCACertFile);
+
+      /* disconnect if we cannot validate server's cert */
+      curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 1L);
+
+      /* Perform the request, res will get the return code */
+      res = curl_easy_perform(curl);
+      /* Check for errors */
+      if(res != CURLE_OK)
+        fprintf(stderr, "curl_easy_perform() failed: %s\n",
+                curl_easy_strerror(res));
+
+      /* we are done... */
+    } while(0);
+    /* always cleanup */
+    curl_easy_cleanup(curl);
+  }
+
+  curl_global_cleanup();
+
+  return 0;
+}