diff options
| author | Jay Satiro <raysatiro@yahoo.com> | 2016-02-23 19:03:03 -0500 |
|---|---|---|
| committer | Jay Satiro <raysatiro@yahoo.com> | 2016-02-23 19:03:03 -0500 |
| commit | 332414a30e82caa8fbc6cd76903f286736594052 (patch) | |
| tree | 9f74485828cace029cf9af1183709c6094ca74ac /lib/getinfo.c | |
| parent | 3438ce7f468e837f98f51b798da15ff0a836cf43 (diff) | |
getinfo: CURLINFO_TLS_SSL_PTR supersedes CURLINFO_TLS_SESSION
The two options are almost the same, except in the case of OpenSSL:
CURLINFO_TLS_SESSION OpenSSL session internals is SSL_CTX *.
CURLINFO_TLS_SSL_PTR OpenSSL session internals is SSL *.
For backwards compatibility we couldn't modify CURLINFO_TLS_SESSION to
return an SSL pointer for OpenSSL.
Also, add support for the 'internals' member to point to SSL object for
the other backends axTLS, PolarSSL, Secure Channel, Secure Transport and
wolfSSL.
Bug: https://github.com/curl/curl/issues/234
Reported-by: dkjjr89@users.noreply.github.com
Bug: https://curl.haxx.se/mail/lib-2015-09/0127.html
Reported-by: Michael König
Diffstat (limited to 'lib/getinfo.c')
| -rw-r--r-- | lib/getinfo.c | 57 |
1 files changed, 32 insertions, 25 deletions
diff --git a/lib/getinfo.c b/lib/getinfo.c index 0b801fd7e..2508b291f 100644 --- a/lib/getinfo.c +++ b/lib/getinfo.c @@ -281,48 +281,55 @@ static CURLcode getinfo_slist(struct SessionHandle *data, CURLINFO info, *param_slistp = ptr.to_slist; break; case CURLINFO_TLS_SESSION: + case CURLINFO_TLS_SSL_PTR: { struct curl_tlssessioninfo **tsip = (struct curl_tlssessioninfo **) param_slistp; struct curl_tlssessioninfo *tsi = &data->tsi; struct connectdata *conn = data->easy_conn; - unsigned int sockindex = 0; - void *internals = NULL; *tsip = tsi; tsi->backend = Curl_ssl_backend(); tsi->internals = NULL; - if(!conn) - break; - - /* Find the active ("in use") SSL connection, if any */ - while((sockindex < sizeof(conn->ssl) / sizeof(conn->ssl[0])) && - (!conn->ssl[sockindex].use)) - sockindex++; - - if(sockindex == sizeof(conn->ssl) / sizeof(conn->ssl[0])) - break; /* no SSL session found */ - - /* Return the TLS session information from the relevant backend */ -#ifdef USE_OPENSSL - internals = conn->ssl[sockindex].ctx; + if(conn && tsi->backend != CURLSSLBACKEND_NONE) { + unsigned int i; + for(i = 0; i < (sizeof(conn->ssl) / sizeof(conn->ssl[0])); ++i) { + if(conn->ssl[i].use) { +#ifdef USE_AXTLS + tsi->internals = (void *)conn->ssl[i].ssl; +#endif +#ifdef USE_CYASSL + tsi->internals = (void *)conn->ssl[i].handle; +#endif +#ifdef USE_DARWINSSL + tsi->internals = (void *)conn->ssl[i].ssl_ctx; #endif #ifdef USE_GNUTLS - internals = conn->ssl[sockindex].session; + tsi->internals = (void *)conn->ssl[i].session; +#endif +#ifdef USE_GSKIT + tsi->internals = (void *)conn->ssl[i].handle; #endif #ifdef USE_NSS - internals = conn->ssl[sockindex].handle; + tsi->internals = (void *)conn->ssl[i].handle; #endif -#ifdef USE_GSKIT - internals = conn->ssl[sockindex].handle; +#ifdef USE_OPENSSL + /* Legacy: CURLINFO_TLS_SESSION must return an SSL_CTX pointer. */ + tsi->internals = ((info == CURLINFO_TLS_SESSION) ? + (void *)conn->ssl[i].ctx : + (void *)conn->ssl[i].handle); +#endif +#ifdef USE_POLARSSL + tsi->internals = (void *)&conn->ssl[i].ssn; +#endif +#ifdef USE_SCHANNEL + tsi->internals = (void *)&conn->ssl[i].ctxt->ctxt_handle; #endif - if(internals) { - tsi->internals = internals; + break; + } + } } - /* NOTE: For other SSL backends, it is not immediately clear what data - to return from 'struct ssl_connect_data'; thus we keep 'internals' to - NULL which should be interpreted as "not supported" */ } break; default: |