Commit dc68120e authored by Steve Holme's avatar Steve Holme
Browse files

curl_easy_getinfo: Post CURLINFO_TLS_SESSION tidy up 

1) Renamed curl_tlsinfo to curl_tlssessioninfo as discussed on the
mailing list.
2) Renamed curl_ssl_backend to curl_sslbackend so it doesn't follow our
function naming convention.
3) Updated sessioninfo.c example accordingly.
parent 0db811b6

docs/examples/sessioninfo.c

+6 −8
Original line number Diff line number Diff line
@@ -32,7 +32,7 @@ static CURL *curl; 


static size_t wrfu(void *ptr, size_t size, size_t nmemb, void *stream)

{

  const struct curl_tlsinfo *tlsinfo;

  const struct curl_tlssessioninfo *info;

  unsigned int cert_list_size;

  const gnutls_datum_t *chainp;

  CURLcode res;
@@ -40,14 +40,13 @@ static size_t wrfu(void *ptr, size_t size, size_t nmemb, void *stream) 
  (void)stream;

  (void)ptr;



  res = curl_easy_getinfo(curl, CURLINFO_TLS_SESSION, &tlsinfo);

  res = curl_easy_getinfo(curl, CURLINFO_TLS_SESSION, &info);



  if(!res) {

    switch(tlsinfo->ssl_backend) {

    switch(info->backend) {

    case CURLSSLBACKEND_GNUTLS:

      /* tlsinfo->internals is now the gnutls_session_t */

      chainp = gnutls_certificate_get_peers(tlsinfo->internals,

                                            &cert_list_size);

      /* info->internals is now the gnutls_session_t */

      chainp = gnutls_certificate_get_peers(info->internals, &cert_list_size);

      if((chainp) && (cert_list_size)) {

        unsigned int i;
@@ -57,8 +56,7 @@ static size_t wrfu(void *ptr, size_t size, size_t nmemb, void *stream) 


          if(GNUTLS_E_SUCCESS == gnutls_x509_crt_init(&cert)) {

            if(GNUTLS_E_SUCCESS ==

               gnutls_x509_crt_import(cert, &chainp[i],

                                      GNUTLS_X509_FMT_DER)) {

               gnutls_x509_crt_import(cert, &chainp[i], GNUTLS_X509_FMT_DER)) {

              if(GNUTLS_E_SUCCESS ==

                 gnutls_x509_crt_print(cert, GNUTLS_CRT_PRINT_FULL, &dn)) {

                fprintf(stderr, "Certificate #%d: %.*s", i, dn.size, dn.data);

include/curl/curl.h

+3 −3
Original line number Diff line number Diff line
@@ -1997,13 +1997,13 @@ typedef enum { 
  CURLSSLBACKEND_CYASSL = 7,

  CURLSSLBACKEND_SCHANNEL = 8,

  CURLSSLBACKEND_DARWINSSL = 9

} curl_ssl_backend;

} curl_sslbackend;



/* Information about the SSL library used and the respective internal SSL

   handle, which can be used to obtain further information regarding the

   connection. Asked for with CURLINFO_TLS_SESSION. */

struct curl_tlsinfo {

  curl_ssl_backend ssl_backend;

struct curl_tlssessioninfo {

  curl_sslbackend backend;

  void *internals;

};

lib/getinfo.c

+16 −15
Original line number Diff line number Diff line
@@ -279,14 +279,15 @@ static CURLcode getinfo_slist(struct SessionHandle *data, CURLINFO info, 
    break;

  case CURLINFO_TLS_SESSION:

    {

      struct curl_tlsinfo **tlsinfop = (struct curl_tlsinfo **) param_slistp;

      struct curl_tlsinfo *tlsinfo = &data->tlsinfo;

      struct curl_tlssessioninfo **tsip = (struct curl_tlssessioninfo **)

                                          param_slistp;

      struct curl_tlssessioninfo *tsi = &data->tsi;

      struct connectdata *conn = data->easy_conn;

      unsigned int sockindex = 0;



      *tlsinfop = tlsinfo;

      tlsinfo->ssl_backend = CURLSSLBACKEND_NONE;

      tlsinfo->internals = NULL;

      *tsip = tsi;

      tsi->backend = CURLSSLBACKEND_NONE;

      tsi->internals = NULL;



      if(!conn)

        break;
@@ -301,24 +302,24 @@ static CURLcode getinfo_slist(struct SessionHandle *data, CURLINFO info, 


      /* Return the TLS session information from the relevant backend */

#ifdef USE_SSLEAY

      tlsinfo->ssl_backend = CURLSSLBACKEND_OPENSSL;

      tlsinfo->internals = conn->ssl[sockindex].ctx;

      tsi->backend = CURLSSLBACKEND_OPENSSL;

      tsi->internals = conn->ssl[sockindex].ctx;

#endif

#ifdef USE_GNUTLS

      tlsinfo->ssl_backend = CURLSSLBACKEND_GNUTLS;

      tlsinfo->internals = conn->ssl[sockindex].session;

      tsi->backend = CURLSSLBACKEND_GNUTLS;

      tsi->internals = conn->ssl[sockindex].session;

#endif

#ifdef USE_NSS

      tlsinfo->ssl_backend = CURLSSLBACKEND_NSS;

      tlsinfo->internals = conn->ssl[sockindex].handle;

      tsi->backend = CURLSSLBACKEND_NSS;

      tsi->internals = conn->ssl[sockindex].handle;

#endif

#ifdef USE_QSOSSL

      tlsinfo->ssl_backend = CURLSSLBACKEND_QSOSSL;

      tlsinfo->internals = conn->ssl[sockindex].handle;

      tsi->backend = CURLSSLBACKEND_QSOSSL;

      tsi->internals = conn->ssl[sockindex].handle;

#endif

#ifdef USE_GSKIT

      tlsinfo->ssl_backend = CURLSSLBACKEND_GSKIT;

      tlsinfo->internals = conn->ssl[sockindex].handle;

      tsi->backend = CURLSSLBACKEND_GSKIT;

      tsi->internals = conn->ssl[sockindex].handle;

#endif

      /* NOTE: For other SSL backends, it is not immediately clear what data

         to return from 'struct ssl_connect_data'; thus, for now we keep the

lib/urldata.h

+2 −2
Original line number Diff line number Diff line
@@ -1637,7 +1637,7 @@ struct SessionHandle { 
                                  other dynamic purposes */

  struct WildcardData wildcard; /* wildcard download state info */

  struct PureInfo info;        /* stats, reports and info data */

  struct curl_tlsinfo tlsinfo; /* Information about the TLS session, only

  struct curl_tlssessioninfo tsi; /* Information about the TLS session, only

                                     valid after a client has asked for it */

#if defined(CURL_DOES_CONVERSIONS) && defined(HAVE_ICONV)

  iconv_t outbound_cd;         /* for translating to the network encoding */