Commit dc68120e authored by Steve Holme's avatar Steve Holme
Browse files

curl_easy_getinfo: Post CURLINFO_TLS_SESSION tidy up 

1) Renamed curl_tlsinfo to curl_tlssessioninfo as discussed on the
mailing list.
2) Renamed curl_ssl_backend to curl_sslbackend so it doesn't follow our
function naming convention.
3) Updated sessioninfo.c example accordingly.
parent 0db811b6

docs/examples/sessioninfo.c

+6 −8
Original line number Original line Diff line number Diff line
@@ -32,7 +32,7 @@ static CURL *curl; 




static size_t wrfu(void *ptr, size_t size, size_t nmemb, void *stream)

static size_t wrfu(void *ptr, size_t size, size_t nmemb, void *stream)

{

{

  const struct curl_tlsinfo *tlsinfo;

  const struct curl_tlssessioninfo *info;

  unsigned int cert_list_size;

  unsigned int cert_list_size;

  const gnutls_datum_t *chainp;

  const gnutls_datum_t *chainp;

  CURLcode res;

  CURLcode res;
@@ -40,14 +40,13 @@ static size_t wrfu(void *ptr, size_t size, size_t nmemb, void *stream) 
  (void)stream;

  (void)stream;

  (void)ptr;

  (void)ptr;





  res = curl_easy_getinfo(curl, CURLINFO_TLS_SESSION, &tlsinfo);

  res = curl_easy_getinfo(curl, CURLINFO_TLS_SESSION, &info);





  if(!res) {

  if(!res) {

    switch(tlsinfo->ssl_backend) {

    switch(info->backend) {

    case CURLSSLBACKEND_GNUTLS:

    case CURLSSLBACKEND_GNUTLS:

      /* tlsinfo->internals is now the gnutls_session_t */

      /* info->internals is now the gnutls_session_t */

      chainp = gnutls_certificate_get_peers(tlsinfo->internals,

      chainp = gnutls_certificate_get_peers(info->internals, &cert_list_size);

                                            &cert_list_size);

      if((chainp) && (cert_list_size)) {

      if((chainp) && (cert_list_size)) {

        unsigned int i;

        unsigned int i;
@@ -57,8 +56,7 @@ static size_t wrfu(void *ptr, size_t size, size_t nmemb, void *stream) 




          if(GNUTLS_E_SUCCESS == gnutls_x509_crt_init(&cert)) {

          if(GNUTLS_E_SUCCESS == gnutls_x509_crt_init(&cert)) {

            if(GNUTLS_E_SUCCESS ==

            if(GNUTLS_E_SUCCESS ==

               gnutls_x509_crt_import(cert, &chainp[i],

               gnutls_x509_crt_import(cert, &chainp[i], GNUTLS_X509_FMT_DER)) {

                                      GNUTLS_X509_FMT_DER)) {

              if(GNUTLS_E_SUCCESS ==

              if(GNUTLS_E_SUCCESS ==

                 gnutls_x509_crt_print(cert, GNUTLS_CRT_PRINT_FULL, &dn)) {

                 gnutls_x509_crt_print(cert, GNUTLS_CRT_PRINT_FULL, &dn)) {

                fprintf(stderr, "Certificate #%d: %.*s", i, dn.size, dn.data);

                fprintf(stderr, "Certificate #%d: %.*s", i, dn.size, dn.data);

include/curl/curl.h

+3 −3
Original line number Original line Diff line number Diff line
@@ -1997,13 +1997,13 @@ typedef enum { 
  CURLSSLBACKEND_CYASSL = 7,

  CURLSSLBACKEND_CYASSL = 7,

  CURLSSLBACKEND_SCHANNEL = 8,

  CURLSSLBACKEND_SCHANNEL = 8,

  CURLSSLBACKEND_DARWINSSL = 9

  CURLSSLBACKEND_DARWINSSL = 9

} curl_ssl_backend;

} curl_sslbackend;





/* Information about the SSL library used and the respective internal SSL

/* Information about the SSL library used and the respective internal SSL

   handle, which can be used to obtain further information regarding the

   handle, which can be used to obtain further information regarding the

   connection. Asked for with CURLINFO_TLS_SESSION. */

   connection. Asked for with CURLINFO_TLS_SESSION. */

struct curl_tlsinfo {

struct curl_tlssessioninfo {

  curl_ssl_backend ssl_backend;

  curl_sslbackend backend;

  void *internals;

  void *internals;

};

};

lib/getinfo.c

+16 −15
Original line number Original line Diff line number Diff line
@@ -279,14 +279,15 @@ static CURLcode getinfo_slist(struct SessionHandle *data, CURLINFO info, 
    break;

    break;

  case CURLINFO_TLS_SESSION:

  case CURLINFO_TLS_SESSION:

    {

    {

      struct curl_tlsinfo **tlsinfop = (struct curl_tlsinfo **) param_slistp;

      struct curl_tlssessioninfo **tsip = (struct curl_tlssessioninfo **)

      struct curl_tlsinfo *tlsinfo = &data->tlsinfo;

                                          param_slistp;

      struct curl_tlssessioninfo *tsi = &data->tsi;

      struct connectdata *conn = data->easy_conn;

      struct connectdata *conn = data->easy_conn;

      unsigned int sockindex = 0;

      unsigned int sockindex = 0;





      *tlsinfop = tlsinfo;

      *tsip = tsi;

      tlsinfo->ssl_backend = CURLSSLBACKEND_NONE;

      tsi->backend = CURLSSLBACKEND_NONE;

      tlsinfo->internals = NULL;

      tsi->internals = NULL;





      if(!conn)

      if(!conn)

        break;

        break;
@@ -301,24 +302,24 @@ static CURLcode getinfo_slist(struct SessionHandle *data, CURLINFO info, 




      /* Return the TLS session information from the relevant backend */

      /* Return the TLS session information from the relevant backend */

#ifdef USE_SSLEAY

#ifdef USE_SSLEAY

      tlsinfo->ssl_backend = CURLSSLBACKEND_OPENSSL;

      tsi->backend = CURLSSLBACKEND_OPENSSL;

      tlsinfo->internals = conn->ssl[sockindex].ctx;

      tsi->internals = conn->ssl[sockindex].ctx;

#endif

#endif

#ifdef USE_GNUTLS

#ifdef USE_GNUTLS

      tlsinfo->ssl_backend = CURLSSLBACKEND_GNUTLS;

      tsi->backend = CURLSSLBACKEND_GNUTLS;

      tlsinfo->internals = conn->ssl[sockindex].session;

      tsi->internals = conn->ssl[sockindex].session;

#endif

#endif

#ifdef USE_NSS

#ifdef USE_NSS

      tlsinfo->ssl_backend = CURLSSLBACKEND_NSS;

      tsi->backend = CURLSSLBACKEND_NSS;

      tlsinfo->internals = conn->ssl[sockindex].handle;

      tsi->internals = conn->ssl[sockindex].handle;

#endif

#endif

#ifdef USE_QSOSSL

#ifdef USE_QSOSSL

      tlsinfo->ssl_backend = CURLSSLBACKEND_QSOSSL;

      tsi->backend = CURLSSLBACKEND_QSOSSL;

      tlsinfo->internals = conn->ssl[sockindex].handle;

      tsi->internals = conn->ssl[sockindex].handle;

#endif

#endif

#ifdef USE_GSKIT

#ifdef USE_GSKIT

      tlsinfo->ssl_backend = CURLSSLBACKEND_GSKIT;

      tsi->backend = CURLSSLBACKEND_GSKIT;

      tlsinfo->internals = conn->ssl[sockindex].handle;

      tsi->internals = conn->ssl[sockindex].handle;

#endif

#endif

      /* NOTE: For other SSL backends, it is not immediately clear what data

      /* NOTE: For other SSL backends, it is not immediately clear what data

         to return from 'struct ssl_connect_data'; thus, for now we keep the

         to return from 'struct ssl_connect_data'; thus, for now we keep the

lib/urldata.h

+2 −2
Original line number Original line Diff line number Diff line
@@ -1637,7 +1637,7 @@ struct SessionHandle { 
                                  other dynamic purposes */

                                  other dynamic purposes */

  struct WildcardData wildcard; /* wildcard download state info */

  struct WildcardData wildcard; /* wildcard download state info */

  struct PureInfo info;        /* stats, reports and info data */

  struct PureInfo info;        /* stats, reports and info data */

  struct curl_tlsinfo tlsinfo; /* Information about the TLS session, only

  struct curl_tlssessioninfo tsi; /* Information about the TLS session, only

                                     valid after a client has asked for it */

                                     valid after a client has asked for it */

#if defined(CURL_DOES_CONVERSIONS) && defined(HAVE_ICONV)

#if defined(CURL_DOES_CONVERSIONS) && defined(HAVE_ICONV)

  iconv_t outbound_cd;         /* for translating to the network encoding */

  iconv_t outbound_cd;         /* for translating to the network encoding */