diff options
author | Christian Grothoff <christian@grothoff.org> | 2013-11-27 23:37:09 +0100 |
---|---|---|
committer | Steve Holme <steve_holme@hotmail.com> | 2013-11-28 07:05:07 +0000 |
commit | 889cb9c9827fd641187f3926b65a47eb72ed93ac (patch) | |
tree | 5992b26433764cc2fcdf3341ca7d828c53e8e82e | |
parent | 26ff1ea6c33fb624793909ca17a6ff57cecca004 (diff) |
sessioninfo.c: Added sample code for CURLINFO_TLS_SESSION
Added a simple example to show how one can use CURLINFO_TLS_SESSION for
obtaining extensive TLS certificate information.
-rw-r--r-- | docs/examples/Makefile.inc | 2 | ||||
-rw-r--r-- | docs/examples/sessioninfo.c | 107 |
2 files changed, 108 insertions, 1 deletions
diff --git a/docs/examples/Makefile.inc b/docs/examples/Makefile.inc index 5d3bcfc1a..6a97bc276 100644 --- a/docs/examples/Makefile.inc +++ b/docs/examples/Makefile.inc @@ -13,4 +13,4 @@ COMPLICATED_EXAMPLES = curlgtk.c curlx.c htmltitle.cpp cacertinmem.c \ ftpuploadresume.c ghiper.c hiperfifo.c htmltidy.c multithread.c \ opensslthreadlock.c sampleconv.c synctime.c threaded-ssl.c evhiperfifo.c \ smooth-gtk-thread.c version-check.pl href_extractor.c asiohiper.cpp \ - multi-uv.c xmlstream.c usercertinmem.c + multi-uv.c xmlstream.c usercertinmem.c sessioninfo.c diff --git a/docs/examples/sessioninfo.c b/docs/examples/sessioninfo.c new file mode 100644 index 000000000..ac0cbb158 --- /dev/null +++ b/docs/examples/sessioninfo.c @@ -0,0 +1,107 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at http://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + ***************************************************************************/ + +/* Note that this example currently requires cURL to be linked against + GnuTLS (and this program must also be linked against -lgnutls). */ + +#include <stdio.h> + +#include <curl/curl.h> +#include <gnutls/gnutls.h> + +static CURL *curl; + +static size_t wrfu(void *ptr, size_t size, size_t nmemb, void *stream) +{ + const struct curl_tlsinfo *tlsinfo; + unsigned int cert_list_size; + const gnutls_datum_t *chainp; + CURLcode res; + + (void)stream; + (void)ptr; + + res = curl_easy_getinfo(curl, CURLINFO_TLS_SESSION, &tlsinfo); + + if(!res) { + switch(tlsinfo->ssl_backend) { + case CURLSSLBACKEND_GNUTLS: + /* tlsinfo->internals is now the gnutls_session_t */ + chainp = gnutls_certificate_get_peers(tlsinfo->internals, + &cert_list_size); + if((chainp) && (cert_list_size)) { + unsigned int i; + + for(i = 0; i < cert_list_size; i++) { + gnutls_x509_crt_t cert; + gnutls_datum_t dn; + + if(GNUTLS_E_SUCCESS == gnutls_x509_crt_init(&cert)) { + if(GNUTLS_E_SUCCESS == + gnutls_x509_crt_import(cert, &chainp[i], + GNUTLS_X509_FMT_DER)) { + if(GNUTLS_E_SUCCESS == + gnutls_x509_crt_print(cert, GNUTLS_CRT_PRINT_FULL, &dn)) { + fprintf(stderr, "Certificate #%d: %.*s", i, dn.size, dn.data); + + gnutls_free(dn.data); + } + } + + gnutls_x509_crt_deinit(cert); + } + } + } + break; + case CURLSSLBACKEND_NONE: + default: + break; + } + } + + return size * nmemb; +} + +int main(void) +{ + curl_global_init(CURL_GLOBAL_DEFAULT); + + curl = curl_easy_init(); + if(curl) { + curl_easy_setopt(curl, CURLOPT_URL, "https://www.example.com/"); + + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, wrfu); + + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L); + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L); + + curl_easy_setopt(curl, CURLOPT_VERBOSE, 0L); + + (void) curl_easy_perform(curl); + + curl_easy_cleanup(curl); + } + + curl_global_cleanup(); + + return 0; +} |