Diffstat (limited to 'lib/vtls')
-rw-r--r-- | lib/vtls/gtls.c | 18 | ||||
-rw-r--r-- | lib/vtls/gtls.h | 3 |
2 files changed, 21 insertions, 0 deletions
diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index fbf4586e8..53412a1a2 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c @@ -53,6 +53,7 @@ #include "select.h" #include "rawstr.h" #include "warnless.h" +#include "x509asn1.h" #include "curl_printf.h" #include "curl_memory.h" /* The last #include file should be: */ @@ -837,6 +838,23 @@ gtls_connect_step3(struct connectdata *conn, infof(data, "\t common name: WARNING couldn't obtain\n"); } + if(data->set.ssl.certinfo) { + unsigned int i; + + result = Curl_ssl_init_certinfo(data, cert_list_size); + if(result) + return result; + + for(i = 0; i < cert_list_size; i++) { + const char *beg = (const char *) chainp[i].data; + const char *end = beg + chainp[i].size; + + result = Curl_extract_certinfo(conn, i, beg, end); + if(result) + return result; + } + } + if(data->set.ssl.verifypeer) { /* This function will try to verify the peer's certificate and return its status (trusted, invalid etc.). The value of status should be one or diff --git a/lib/vtls/gtls.h b/lib/vtls/gtls.h index af1cb5b10..dcae44225 100644 --- a/lib/vtls/gtls.h +++ b/lib/vtls/gtls.h @@ -57,6 +57,9 @@ bool Curl_gtls_cert_status_request(void); /* this backend supports the CAPATH option */ #define have_curlssl_ca_path 1 +/* this backend supports CURLOPT_CERTINFO */ +#define have_curlssl_certinfo 1 + /* API setup for GnuTLS */ #define curlssl_init Curl_gtls_init #define curlssl_cleanup Curl_gtls_cleanup |
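Review bot: In the gtls_connect_step3 hunk, the new loop indexes `chainp[i]` without checking that `chainp` is non-NULL. The context line just above the added block (`common name: WARNING couldn't obtain`) suggests a path where the peer chain was not obtained and the handshake continues anyway. Where `chainp` and `cert_list_size` are assigned is outside this hunk, so it is not visible whether `cert_list_size` is guaranteed to be 0 on that path; if it is not, the loop reads through a NULL pointer. Guarding the block with `if(data->set.ssl.certinfo && chainp) {` makes it safe either way. A short comment would also help, such as `/* peer-supplied DER, parsed before verifypeer: certinfo is unverified data */`, since `Curl_extract_certinfo` runs on the chain before the verification step that follows.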