Loading docs/libcurl/opts/CURLOPT_CERTINFO.3 +6 −7 Original line number Diff line number Diff line Loading @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * .\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al. .\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms Loading @@ -29,11 +29,10 @@ CURLOPT_CERTINFO \- request SSL certificate information CURLcode curl_easy_setopt(CURL *handle, CURLOPT_CERTINFO, long certinfo); .SH DESCRIPTION Pass a long set to 1 to enable libcurl's certificate chain info gatherer. With this enabled, libcurl (if built with OpenSSL, NSS or GSKit) will extract lots of information and data about the certificates in the certificate chain used in the SSL connection. This data may then be retrieved after a transfer using \fIcurl_easy_getinfo(3)\fP and its option \fICURLINFO_CERTINFO\fP. this enabled, libcurl will extract lots of information and data about the certificates in the certificate chain used in the SSL connection. This data may then be retrieved after a transfer using \fIcurl_easy_getinfo(3)\fP and its option \fICURLINFO_CERTINFO\fP. .SH DEFAULT 0 .SH PROTOCOLS Loading @@ -41,7 +40,7 @@ All TLS-based .SH EXAMPLE TODO .SH AVAILABILITY Added in 7.19.1 This option is supported by the OpenSSL, GnuTLS, NSS and GSKit backends. .SH RETURN VALUE Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not. .SH "SEE ALSO" Loading lib/vtls/gtls.c +18 −0 Original line number Diff line number Diff line Loading @@ -53,6 +53,7 @@ #include "select.h" #include "rawstr.h" #include "warnless.h" #include "x509asn1.h" #include "curl_printf.h" #include "curl_memory.h" /* The last #include file should be: */ Loading Loading 
@@ -837,6 +838,23 @@ gtls_connect_step3(struct connectdata *conn, infof(data, "\t common name: WARNING couldn't obtain\n"); } if(data->set.ssl.certinfo) { unsigned int i; result = Curl_ssl_init_certinfo(data, cert_list_size); if(result) return result; for(i = 0; i < cert_list_size; i++) { const char *beg = (const char *) chainp[i].data; const char *end = beg + chainp[i].size; result = Curl_extract_certinfo(conn, i, beg, end); if(result) return result; } } if(data->set.ssl.verifypeer) { /* This function will try to verify the peer's certificate and return its status (trusted, invalid etc.). The value of status should be one or Loading lib/vtls/gtls.h +3 −0 Original line number Diff line number Diff line Loading @@ -57,6 +57,9 @@ bool Curl_gtls_cert_status_request(void); /* this backend supports the CAPATH option */ #define have_curlssl_ca_path 1 /* this backend supports CURLOPT_CERTINFO */ #define have_curlssl_certinfo 1 /* API setup for GnuTLS */ #define curlssl_init Curl_gtls_init #define curlssl_cleanup Curl_gtls_cleanup Loading lib/x509asn1.c +2 −3 Original line number Diff line number Diff line Loading @@ -22,7 +22,7 @@ #include "curl_setup.h" #if defined(USE_GSKIT) || defined(USE_NSS) #if defined(USE_GSKIT) || defined(USE_NSS) || defined(USE_GNUTLS) #include <curl/curl.h> #include "urldata.h" Loading Loading @@ -209,7 +209,6 @@ static const char * octet2str(const char * beg, const char * end) } static const char * bit2str(const char * beg, const char * end) { /* Convert an ASN.1 bit string to a printable string. Return the dynamically allocated string, or NULL if an error occurs. */ Loading Loading @@ -1024,7 +1023,7 @@ CURLcode Curl_extract_certinfo(struct connectdata * conn, return CURLE_OK; } #endif /* USE_GSKIT or USE_NSS */ #endif /* USE_GSKIT or USE_NSS or USE_GNUTLS */ #if defined(USE_GSKIT) Loading lib/x509asn1.h +3 −3 Original line number Diff line number Diff line Loading 
@@ -8,7 +8,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al. * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms Loading @@ -25,7 +25,7 @@ #include "curl_setup.h" #if defined(USE_GSKIT) || defined(USE_NSS) #if defined(USE_GSKIT) || defined(USE_NSS) || defined(USE_GNUTLS) #include "urldata.h" Loading Loading @@ -127,5 +127,5 @@ CURLcode Curl_extract_certinfo(struct connectdata * conn, int certnum, CURLcode Curl_verifyhost(struct connectdata * conn, const char * beg, const char * end); #endif /* USE_GSKIT or USE_NSS */ #endif /* USE_GSKIT or USE_NSS or USE_GNUTLS */ #endif /* HEADER_CURL_X509ASN1_H */ Loading
docs/libcurl/opts/CURLOPT_CERTINFO.3 +6 −7 Original line number Diff line number Diff line Loading @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * .\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al. .\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms Loading @@ -29,11 +29,10 @@ CURLOPT_CERTINFO \- request SSL certificate information CURLcode curl_easy_setopt(CURL *handle, CURLOPT_CERTINFO, long certinfo); .SH DESCRIPTION Pass a long set to 1 to enable libcurl's certificate chain info gatherer. With this enabled, libcurl (if built with OpenSSL, NSS or GSKit) will extract lots of information and data about the certificates in the certificate chain used in the SSL connection. This data may then be retrieved after a transfer using \fIcurl_easy_getinfo(3)\fP and its option \fICURLINFO_CERTINFO\fP. this enabled, libcurl will extract lots of information and data about the certificates in the certificate chain used in the SSL connection. This data may then be retrieved after a transfer using \fIcurl_easy_getinfo(3)\fP and its option \fICURLINFO_CERTINFO\fP. .SH DEFAULT 0 .SH PROTOCOLS Loading @@ -41,7 +40,7 @@ All TLS-based .SH EXAMPLE TODO .SH AVAILABILITY Added in 7.19.1 This option is supported by the OpenSSL, GnuTLS, NSS and GSKit backends. .SH RETURN VALUE Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not. .SH "SEE ALSO" Loading
lib/vtls/gtls.c +18 −0 Original line number Diff line number Diff line Loading @@ -53,6 +53,7 @@ #include "select.h" #include "rawstr.h" #include "warnless.h" #include "x509asn1.h" #include "curl_printf.h" #include "curl_memory.h" /* The last #include file should be: */ Loading Loading @@ -837,6 +838,23 @@ gtls_connect_step3(struct connectdata *conn, infof(data, "\t common name: WARNING couldn't obtain\n"); } if(data->set.ssl.certinfo) { unsigned int i; result = Curl_ssl_init_certinfo(data, cert_list_size); if(result) return result; for(i = 0; i < cert_list_size; i++) { const char *beg = (const char *) chainp[i].data; const char *end = beg + chainp[i].size; result = Curl_extract_certinfo(conn, i, beg, end); if(result) return result; } } if(data->set.ssl.verifypeer) { /* This function will try to verify the peer's certificate and return its status (trusted, invalid etc.). The value of status should be one or Loading
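Review bot: The new `if(data->set.ssl.certinfo)` block in gtls_connect_step3 indexes `chainp[i]` without checking `chainp`, and the context line just above it (the "couldn't obtain" info message) looks like the tail of the branch taken when no peer chain was returned and verification is disabled. If that reading is right, safety depends entirely on `cert_list_size` being 0 whenever `chainp` is NULL; writing the guard as `if(data->set.ssl.certinfo && chainp) {` removes that dependency. The block also runs before the `verifypeer` check, so `Curl_extract_certinfo` parses DER bytes from a peer that has not been authenticated yet, and any parse error aborts the connection even when verification is off. A short comment such as `/* certinfo is gathered from the not-yet-verified peer chain; treat it as untrusted input */` would record that. The function starts and ends outside this hunk, so the earlier handling of `chainp` is inferred, not seen.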
lib/vtls/gtls.h +3 −0 Original line number Diff line number Diff line Loading @@ -57,6 +57,9 @@ bool Curl_gtls_cert_status_request(void); /* this backend supports the CAPATH option */ #define have_curlssl_ca_path 1 /* this backend supports CURLOPT_CERTINFO */ #define have_curlssl_certinfo 1 /* API setup for GnuTLS */ #define curlssl_init Curl_gtls_init #define curlssl_cleanup Curl_gtls_cleanup Loading
lib/x509asn1.c +2 −3 Original line number Diff line number Diff line Loading @@ -22,7 +22,7 @@ #include "curl_setup.h" #if defined(USE_GSKIT) || defined(USE_NSS) #if defined(USE_GSKIT) || defined(USE_NSS) || defined(USE_GNUTLS) #include <curl/curl.h> #include "urldata.h" Loading Loading @@ -209,7 +209,6 @@ static const char * octet2str(const char * beg, const char * end) } static const char * bit2str(const char * beg, const char * end) { /* Convert an ASN.1 bit string to a printable string. Return the dynamically allocated string, or NULL if an error occurs. */ Loading Loading @@ -1024,7 +1023,7 @@ CURLcode Curl_extract_certinfo(struct connectdata * conn, return CURLE_OK; } #endif /* USE_GSKIT or USE_NSS */ #endif /* USE_GSKIT or USE_NSS or USE_GNUTLS */ #if defined(USE_GSKIT) Loading
lib/x509asn1.h +3 −3 Original line number Diff line number Diff line Loading @@ -8,7 +8,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al. * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms Loading @@ -25,7 +25,7 @@ #include "curl_setup.h" #if defined(USE_GSKIT) || defined(USE_NSS) #if defined(USE_GSKIT) || defined(USE_NSS) || defined(USE_GNUTLS) #include "urldata.h" Loading Loading @@ -127,5 +127,5 @@ CURLcode Curl_extract_certinfo(struct connectdata * conn, int certnum, CURLcode Curl_verifyhost(struct connectdata * conn, const char * beg, const char * end); #endif /* USE_GSKIT or USE_NSS */ #endif /* USE_GSKIT or USE_NSS or USE_GNUTLS */ #endif /* HEADER_CURL_X509ASN1_H */