curl-library
[PATCH 2/2] docs/examples/sessioninfo.c: sample code for CURLINFO_TLS_SESSION
From: Christian Grothoff <christian_at_grothoff.org>
Date: Wed, 27 Nov 2013 23:37:09 +0100
Date: Wed, 27 Nov 2013 23:37:09 +0100
Added a simple example for how one can use CURLINFO_TLS_SESSION
to obtain extensive TLS certificate information.
--- docs/examples/Makefile.inc | 3 +- docs/examples/sessioninfo.c | 107 +++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 109 insertions(+), 1 deletion(-) create mode 100644 docs/examples/sessioninfo.c diff --git a/docs/examples/Makefile.inc b/docs/examples/Makefile.inc index 5d3bcfc..fb628e7 100644 --- a/docs/examples/Makefile.inc +++ b/docs/examples/Makefile.inc @@ -13,4 +13,5 @@ COMPLICATED_EXAMPLES = curlgtk.c curlx.c htmltitle.cpp cacertinmem.c \ ftpuploadresume.c ghiper.c hiperfifo.c htmltidy.c multithread.c \ opensslthreadlock.c sampleconv.c synctime.c threaded-ssl.c evhiperfifo.c \ smooth-gtk-thread.c version-check.pl href_extractor.c asiohiper.cpp \ - multi-uv.c xmlstream.c usercertinmem.c + multi-uv.c xmlstream.c usercertinmem.c sessioninfo.c + diff --git a/docs/examples/sessioninfo.c b/docs/examples/sessioninfo.c new file mode 100644 index 0000000..cc517c5 --- /dev/null +++ b/docs/examples/sessioninfo.c @@ -0,0 +1,107 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel_at_haxx.se>, et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at http://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + ***************************************************************************/ + +/* Note that this example currently requires cURL to be linked against + GnuTLS (and this program must also be linked against -lgnutls). */ + +#include <stdio.h> + +#include <curl/curl.h> +#include <gnutls/gnutls.h> + +static CURL *curl; + +static size_t wrfu(void *ptr, size_t size, size_t nmemb, void *stream) +{ + const struct curl_tlsinfo *tlsinfo; + unsigned int cert_list_size; + const gnutls_datum_t *chainp; + CURLcode res; + + res = curl_easy_getinfo(curl, CURLINFO_TLS_SESSION, &tlsinfo); + + if(!res) { + switch (tlsinfo->ssl_backend) { + case CURLSSLBACKEND_GNUTLS: + /* tlsinfo->internals is now the gnutls_session_t */ + chainp = gnutls_certificate_get_peers (tlsinfo->internals, + &cert_list_size); + if((chainp) && (0 != cert_list_size)) { + unsigned int i; + + for(i=0;i<cert_list_size;i++) { + gnutls_x509_crt_t cert; + gnutls_datum_t dn; + + if (GNUTLS_E_SUCCESS == gnutls_x509_crt_init (&cert)) { + if(GNUTLS_E_SUCCESS == + gnutls_x509_crt_import (cert, &chainp[i], + GNUTLS_X509_FMT_DER)) { + if(GNUTLS_E_SUCCESS == + gnutls_x509_crt_print (cert, + GNUTLS_CRT_PRINT_FULL, + &dn)) { + fprintf (stderr, + "Certificate #%d: %.*s", + i, dn.size, dn.data); + gnutls_free (dn.data); + } + } + gnutls_x509_crt_deinit (cert); + } + } + } + break; + case CURLSSLBACKEND_NONE: + default: + break; + } + } + + (void)stream; + (void)ptr; + return size * nmemb; +} + +int main(void) +{ + curl_global_init(CURL_GLOBAL_DEFAULT); + + curl = curl_easy_init(); + if(curl) { + curl_easy_setopt(curl, CURLOPT_URL, "https://www.example.com/"); + + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, wrfu); + + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L); + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L); + + curl_easy_setopt(curl, CURLOPT_VERBOSE, 0L); + + (void) curl_easy_perform(curl); + curl_easy_cleanup(curl); + } + + curl_global_cleanup(); + + return 0; +} -- 1.7.10.4 --------------020303070707070301020109 Content-Type: text/x-patch; name="0001-curl_easy_getopt-handle-API-violation-gracefully.patch" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename*0="0001-curl_easy_getopt-handle-API-violation-gracefully.patch"Received on 2001-09-17