gtls: implement CURLOPT_CERTINFO

author: Alessandro Ghedini <alessandro@ghedini.me> 2015-03-20 19:03:53 +0100
committer: Patrick Monnerat <pm@datasphere.ch> 2015-03-20 19:03:53 +0100
commit: a332922a526f91876fc8ffa73a45322800bf0e73 (patch)
tree: 33badf13abc58ef5cda72707d251823b1cce430a /lib/vtls/gtls.c
parent: 8854f8d45a5cef688377c29e49e8d8b2bd668ee4 (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
index fbf4586e8..53412a1a2 100644
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@@ -53,6 +53,7 @@
 #include "select.h"
 #include "rawstr.h"
 #include "warnless.h"
+#include "x509asn1.h"
 #include "curl_printf.h"
 #include "curl_memory.h"
 /* The last #include file should be: */
@@ -837,6 +838,23 @@ gtls_connect_step3(struct connectdata *conn,
     infof(data, "\t common name: WARNING couldn't obtain\n");
   }
 
+  if(data->set.ssl.certinfo) {
+    unsigned int i;
+
+    result = Curl_ssl_init_certinfo(data, cert_list_size);
+    if(result)
+      return result;
+
+    for(i = 0; i < cert_list_size; i++) {
+      const char *beg = (const char *) chainp[i].data;
+      const char *end = beg + chainp[i].size;
+
+      result = Curl_extract_certinfo(conn, i, beg, end);
+      if(result)
+        return result;
+    }
+  }
+
   if(data->set.ssl.verifypeer) {
     /* This function will try to verify the peer's certificate and return its
        status (trusted, invalid etc.). The value of status should be one or
author	Alessandro Ghedini <alessandro@ghedini.me>	2015-03-20 19:03:53 +0100
committer	Patrick Monnerat <pm@datasphere.ch>	2015-03-20 19:03:53 +0100
commit	a332922a526f91876fc8ffa73a45322800bf0e73 (patch)
tree	33badf13abc58ef5cda72707d251823b1cce430a /lib/vtls/gtls.c
parent	8854f8d45a5cef688377c29e49e8d8b2bd668ee4 (diff)