- Introducing CURLOPT_CERTINFO and the corresponding CURLINFO_CERTINFO. By

                                  Changelog

Daniel Stenberg (5 Sep 2008)

- Introducing CURLOPT_CERTINFO and the corresponding CURLINFO_CERTINFO. By

  enabling this feature with CURLOPT_CERTINFO for a request using SSL (HTTPS

  or FTPS), libcurl will gather lots of server certificate info and that info

  can then get extracted by a client after the request has completed with

  curl_easy_getinfo()'s CURLINFO_CERTINFO option. Linus Nielsen Feltzing

  helped me test and smoothen out this feature.

  Unfortunately, this feature currently only works with libcurl built to use

  OpenSSL.

  This feature was sponsored by networking4all.com - thanks!

- Dmitriy Sergeyev pointed out that curl_easy_pause() didn't unpause properly

  during certain conditions. I also changed this code to use realloc() based

  on Daniel Fandrich's suggestion.

 Public curl releases:         107

 Command line options:         127

 curl_easy_setopt() options:   153

 curl_easy_setopt() options:   154

 Public functions in libcurl:  58

 Known libcurl bindings:       36

 Contributors:                 672

This release includes the following changes:

 o pkg-config can now show supported_protocols and supported_features

 o Added CURLOPT_CERTINFO and CURLINFO_CERTINFO

This release includes the following bugfixes:

This release would not have looked like this without help, code, reports and

advice from friends like these:

 Keith Mok, Yang Tse, Daniel Fandrich, Guenter Knauf, Dmitriy Sergeyev

 Keith Mok, Yang Tse, Daniel Fandrich, Guenter Knauf, Dmitriy Sergeyev,

 Linus Nielsen Feltzing

        Thanks! (and sorry if I forgot to mention someone)

To be addressed before 7.19.1 (planned release: October/November 2008)

=============================

157 - the CERTINFO patch as posted to:

      http://curl.haxx.se/mail/lib-2008-08/0105.html

158 - Martin Drasar's CURLOPT_POSTREDIR work:

      http://curl.haxx.se/mail/lib-2008-08/0170.html

  https multi-app multi-debugcallback multi-double \

  multi-post multi-single persistant post-callback \

  postit2 sepheaders simple simplepost simplessl \

  sendrecv httpcustomheader

  sendrecv httpcustomheader certinfo

# These examples require external dependencies that may not be commonly

# available on POSIX systems, so don't bother attempting to compile them here.

 ghiper.c hiperfifo.c htmltidy.c multithread.c \

 opensslthreadlock.c sampleconv.c synctime.c threaded-ssl.c

/*****************************************************************************

 */

#include <stdio.h>

#include <curl/curl.h>

#include <curl/types.h>

#include <curl/easy.h>

static size_t wrfu(void *ptr,  size_t  size,  size_t  nmemb,  void *stream)

{

  return size * nmemb;

}

int main(int argc, char **argv)

{

  CURL *curl;

  CURLcode res;

  curl_global_init(CURL_GLOBAL_DEFAULT);

  curl = curl_easy_init();

  if(curl) {

    curl_easy_setopt(curl, CURLOPT_URL, "https://www.networking4all.com/");

    curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, wrfu);

    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);

    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);

    curl_easy_setopt(curl, CURLOPT_VERBOSE, 0L);

    curl_easy_setopt(curl, CURLOPT_CERTINFO, 1L);

    res = curl_easy_perform(curl);

    if(!res) {

      struct curl_certinfo *ci = NULL;

      res = curl_easy_getinfo(curl, CURLINFO_CERTINFO, &ci);

      if(!res && ci) {

        int i;

        printf("%d certs!\n", ci->num_of_certs);

        for(i=0; i<ci->num_of_certs; i++) {

          struct curl_slist *slist;

          for(slist = ci->certinfo[i]; slist; slist = slist->next)

            printf("%s\n", slist->data);

        }

      }

    }

    curl_easy_cleanup(curl);

  }

  curl_global_cleanup();

  return 0;

}