getinfo: access SSL internals via Curl_ssl

In the ongoing endeavor to abstract out all SSL backend-specific functionality, this is the next step: Instead of hard-coding how the different SSL backends access their internal data in getinfo.c, let's implement backend-specific functions to do that task. This will also allow for switching SSL backends as a runtime option. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
author: Johannes Schindelin <johannes.schindelin@gmx.de> 2017-06-23 16:05:26 +0200
committer: Daniel Stenberg <daniel@haxx.se> 2017-08-28 14:56:57 +0200
commit: 69039fd1fa3e65e2f5737b2a4044dcb8fbabb76d (patch)
tree: 45490b3472aea76af548851766c1a26aa98b5d22 /lib/vtls
parent: 118b074fba6ac9d8128410ce14cd05d46ad6dfa5 (diff)
11 files changed, 83 insertions, 0 deletions
diff --git a/lib/vtls/axtls.c b/lib/vtls/axtls.c
index ceebc9a7a..2b904fcd0 100644
--- a/lib/vtls/axtls.c
+++ b/lib/vtls/axtls.c
@@ -681,6 +681,13 @@ static CURLcode Curl_axtls_random(struct Curl_easy *data,
   return CURLE_OK;
 }
 
+static void *Curl_axtls_get_internals(struct ssl_connect_data *connssl,
+                                      CURLINFO info UNUSED_PARAM)
+{
+  (void)info;
+  return connssl->ssl;
+}
+
 const struct Curl_ssl Curl_ssl_axtls = {
   "axtls",                        /* name */
 
@@ -705,6 +712,7 @@ const struct Curl_ssl Curl_ssl_axtls = {
   Curl_none_cert_status_request,  /* cert_status_request */
   Curl_axtls_connect,             /* connect */
   Curl_axtls_connect_nonblocking, /* connect_nonblocking */
+  Curl_axtls_get_internals,       /* get_internals */
   Curl_axtls_close,               /* close */
   Curl_none_close_all,            /* close_all */
   Curl_axtls_session_free,        /* session_free */
diff --git a/lib/vtls/cyassl.c b/lib/vtls/cyassl.c
index 7cc294b1d..0fbb6ff67 100644
--- a/lib/vtls/cyassl.c
+++ b/lib/vtls/cyassl.c
@@ -959,6 +959,13 @@ static void Curl_cyassl_sha256sum(const unsigned char *tmp, /* input */
   Sha256Final(&SHA256pw, sha256sum);
 }
 
+static void *Curl_cyassl_get_internals(struct ssl_connect_data *connssl,
+                                       CURLINFO info UNUSED_PARAM)
+{
+  (void)info;
+  return connssl->handle;
+}
+
 const struct Curl_ssl Curl_ssl_cyassl = {
   "cyassl",                        /* name */
 
@@ -982,6 +989,7 @@ const struct Curl_ssl Curl_ssl_cyassl = {
   Curl_none_cert_status_request,   /* cert_status_request */
   Curl_cyassl_connect,             /* connect */
   Curl_cyassl_connect_nonblocking, /* connect_nonblocking */
+  Curl_cyassl_get_internals,       /* get_internals */
   Curl_cyassl_close,               /* close */
   Curl_none_close_all,             /* close_all */
   Curl_cyassl_session_free,        /* session_free */
diff --git a/lib/vtls/darwinssl.c b/lib/vtls/darwinssl.c
index aef644457..d6558e358 100644
--- a/lib/vtls/darwinssl.c
+++ b/lib/vtls/darwinssl.c
@@ -2871,6 +2871,13 @@ static ssize_t darwinssl_recv(struct connectdata *conn,
   return (ssize_t)processed;
 }
 
+static void *Curl_darwinssl_get_internals(struct ssl_connect_data *connssl,
+                                          CURLINFO info UNUSED_PARAM)
+{
+  (void)info;
+  return connssl->ssl_ctx;
+}
+
 const struct Curl_ssl Curl_ssl_darwinssl = {
   "darwinssl",                        /* name */
 
@@ -2894,6 +2901,7 @@ const struct Curl_ssl Curl_ssl_darwinssl = {
   Curl_none_cert_status_request,      /* cert_status_request */
   Curl_darwinssl_connect,             /* connect */
   Curl_darwinssl_connect_nonblocking, /* connect_nonblocking */
+  Curl_darwinssl_get_internals,       /* get_internals */
   Curl_darwinssl_close,               /* close */
   Curl_none_close_all,                /* close_all */
   Curl_darwinssl_session_free,        /* session_free */
diff --git a/lib/vtls/gskit.c b/lib/vtls/gskit.c
index dab114912..196cbb3ba 100644
--- a/lib/vtls/gskit.c
+++ b/lib/vtls/gskit.c
@@ -1333,6 +1333,13 @@ static int Curl_gskit_check_cxn(struct connectdata *cxn)
   return -1;  /* connection status unknown */
 }
 
+static void *Curl_gskit_get_internals(struct ssl_connect_data *connssl,
+                                      CURLINFO info UNUSED_PARAM)
+{
+  (void)info;
+  return connssl->handle;
+}
+
 const struct Curl_ssl Curl_ssl_gskit = {
   "gskit",                        /* name */
 
@@ -1354,6 +1361,7 @@ const struct Curl_ssl Curl_ssl_gskit = {
   Curl_none_cert_status_request,  /* cert_status_request */
   Curl_gskit_connect,             /* connect */
   Curl_gskit_connect_nonblocking, /* connect_nonblocking */
+  Curl_gskit_get_internals,       /* get_internals */
   Curl_gskit_close,               /* close */
   Curl_none_close_all,            /* close_all */
   /* No session handling for GSKit */
diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
index 54fda5467..1e57b4588 100644
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@@ -1782,6 +1782,13 @@ static bool Curl_gtls_cert_status_request(void)
 #endif
 }
 
+static void *Curl_gtls_get_internals(struct ssl_connect_data *connssl,
+                                     CURLINFO info UNUSED_PARAM)
+{
+  (void)info;
+  return connssl->session;
+}
+
 const struct Curl_ssl Curl_ssl_gnutls = {
   "gnutls",                      /* name */
 
@@ -1801,6 +1808,7 @@ const struct Curl_ssl Curl_ssl_gnutls = {
   Curl_gtls_cert_status_request, /* cert_status_request */
   Curl_gtls_connect,             /* connect */
   Curl_gtls_connect_nonblocking, /* connect_nonblocking */
+  Curl_gtls_get_internals,       /* get_internals */
   Curl_gtls_close,               /* close */
   Curl_none_close_all,           /* close_all */
   Curl_glts_session_free,        /* session_free */
diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c
index ea8f3c6d5..803932c6f 100644
--- a/lib/vtls/mbedtls.c
+++ b/lib/vtls/mbedtls.c
@@ -1012,6 +1012,13 @@ static void Curl_mbedtls_sha256sum(const unsigned char *input,
   mbedtls_sha256(input, inputlen, sha256sum, 0);
 }
 
+static void *Curl_mbedtls_get_internals(struct ssl_connect_data *connssl,
+                                        CURLINFO info UNUSED_PARAM)
+{
+  (void)info;
+  return &connssl->ssl;
+}
+
 const struct Curl_ssl Curl_ssl_mbedtls = {
   "mbedtls",                        /* name */
 
@@ -1031,6 +1038,7 @@ const struct Curl_ssl Curl_ssl_mbedtls = {
   Curl_none_cert_status_request,    /* cert_status_request */
   Curl_mbedtls_connect,             /* connect */
   Curl_mbedtls_connect_nonblocking, /* connect_nonblocking */
+  Curl_mbedtls_get_internals,       /* get_internals */
   Curl_mbedtls_close,               /* close */
   Curl_mbedtls_close_all,           /* close_all */
   Curl_mbedtls_session_free,        /* session_free */
diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c
index 3f3d59f0d..d7d49b673 100644
--- a/lib/vtls/nss.c
+++ b/lib/vtls/nss.c
@@ -2323,6 +2323,13 @@ static bool Curl_nss_false_start(void)
 #endif
 }
 
+static void *Curl_nss_get_internals(struct ssl_connect_data *connssl,
+                                    CURLINFO info UNUSED_PARAM)
+{
+  (void)info;
+  return connssl->handle;
+}
+
 const struct Curl_ssl Curl_ssl_nss = {
   "nss",                        /* name */
 
@@ -2343,6 +2350,7 @@ const struct Curl_ssl Curl_ssl_nss = {
   Curl_nss_cert_status_request, /* cert_status_request */
   Curl_nss_connect,             /* connect */
   Curl_nss_connect_nonblocking, /* connect_nonblocking */
+  Curl_nss_get_internals,       /* get_internals */
   Curl_nss_close,               /* close */
   Curl_none_close_all,          /* close_all */
   /* NSS has its own session ID cache */
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index fcd4539d5..40bd8ee86 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -3394,6 +3394,14 @@ static bool Curl_ossl_cert_status_request(void)
 #endif
 }
 
+static void *Curl_ossl_get_internals(struct ssl_connect_data *connssl,
+                                     CURLINFO info)
+{
+  /* Legacy: CURLINFO_TLS_SESSION must return an SSL_CTX pointer. */
+  return info == CURLINFO_TLS_SESSION ?
+         (void *)connssl->ctx : (void *)connssl->handle;
+}
+
 const struct Curl_ssl Curl_ssl_openssl = {
   "openssl",                     /* name */
 
@@ -3413,6 +3421,7 @@ const struct Curl_ssl Curl_ssl_openssl = {
   Curl_ossl_cert_status_request, /* cert_status_request */
   Curl_ossl_connect,             /* connect */
   Curl_ossl_connect_nonblocking, /* connect_nonblocking */
+  Curl_ossl_get_internals,       /* get_internals */
   Curl_ossl_close,               /* close */
   Curl_ossl_close_all,           /* close_all */
   Curl_ossl_session_free,        /* session_free */
diff --git a/lib/vtls/polarssl.c b/lib/vtls/polarssl.c
index e12a50d6a..3cffb9f4b 100644
--- a/lib/vtls/polarssl.c
+++ b/lib/vtls/polarssl.c
@@ -874,6 +874,13 @@ static void Curl_polarssl_sha256sum(const unsigned char *input,
   sha256(input, inputlen, sha256sum, 0);
 }
 
+static void *Curl_polarssl_get_internals(struct ssl_connect_data *connssl,
+                                         CURLINFO info UNUSED_PARAM)
+{
+  (void)info;
+  return &connssl->ssl;
+}
+
 const struct Curl_ssl Curl_ssl_polarssl = {
   "polarssl",                        /* name */
 
@@ -896,6 +903,7 @@ const struct Curl_ssl Curl_ssl_polarssl = {
   Curl_none_cert_status_request,     /* cert_status_request */
   Curl_polarssl_connect,             /* connect */
   Curl_polarssl_connect_nonblocking, /* connect_nonblocking */
+  Curl_polarssl_get_internals,       /* get_internals */
   Curl_polarssl_close,               /* close */
   Curl_none_close_all,               /* close_all */
   Curl_polarssl_session_free,        /* session_free */
diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c
index d01a224c9..1296267ef 100644
--- a/lib/vtls/schannel.c
+++ b/lib/vtls/schannel.c
@@ -1773,6 +1773,13 @@ static CURLcode verify_certificate(struct connectdata *conn, int sockindex)
 }
 #endif /* _WIN32_WCE */
 
+static void *Curl_schannel_get_internals(struct ssl_connect_data *connssl,
+                                         CURLINFO info UNUSED_PARAM)
+{
+  (void)info;
+  return &connssl->ctxt->ctxt_handle;
+}
+
 const struct Curl_ssl Curl_ssl_schannel = {
   "schannel",                        /* name */
 
@@ -1792,6 +1799,7 @@ const struct Curl_ssl Curl_ssl_schannel = {
   Curl_none_cert_status_request,     /* cert_status_request */
   Curl_schannel_connect,             /* connect */
   Curl_schannel_connect_nonblocking, /* connect_nonblocking */
+  Curl_schannel_get_internals,       /* get_internals */
   Curl_schannel_close,               /* close */
   Curl_none_close_all,               /* close_all */
   Curl_schannel_session_free,        /* session_free */
diff --git a/lib/vtls/vtls.h b/lib/vtls/vtls.h
index de98df027..a814b72fb 100644
--- a/lib/vtls/vtls.h
+++ b/lib/vtls/vtls.h
@@ -24,6 +24,7 @@
 #include "curl_setup.h"
 
 struct connectdata;
+struct ssl_connect_data;
 
 struct Curl_ssl {
   const char *name;
@@ -52,6 +53,7 @@ struct Curl_ssl {
   CURLcode (*connect)(struct connectdata *conn, int sockindex);
   CURLcode (*connect_nonblocking)(struct connectdata *conn, int sockindex,
                                   bool *done);
+  void *(*get_internals)(struct ssl_connect_data *connssl, CURLINFO info);
   void (*close)(struct connectdata *conn, int sockindex);
   void (*close_all)(struct Curl_easy *data);
   void (*session_free)(void *ptr);
author	Johannes Schindelin <johannes.schindelin@gmx.de>	2017-06-23 16:05:26 +0200
committer	Daniel Stenberg <daniel@haxx.se>	2017-08-28 14:56:57 +0200
commit	69039fd1fa3e65e2f5737b2a4044dcb8fbabb76d (patch)
tree	45490b3472aea76af548851766c1a26aa98b5d22 /lib/vtls
parent	118b074fba6ac9d8128410ce14cd05d46ad6dfa5 (diff)