diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/vtls/gtls.c | 18 | ||||
| -rw-r--r-- | lib/vtls/gtls.h | 3 | ||||
| -rw-r--r-- | lib/x509asn1.c | 5 | ||||
| -rw-r--r-- | lib/x509asn1.h | 6 |
4 files changed, 26 insertions, 6 deletions
diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index fbf4586e8..53412a1a2 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c @@ -53,6 +53,7 @@ #include "select.h" #include "rawstr.h" #include "warnless.h" +#include "x509asn1.h" #include "curl_printf.h" #include "curl_memory.h" /* The last #include file should be: */ @@ -837,6 +838,23 @@ gtls_connect_step3(struct connectdata *conn, infof(data, "\t common name: WARNING couldn't obtain\n"); } + if(data->set.ssl.certinfo) { + unsigned int i; + + result = Curl_ssl_init_certinfo(data, cert_list_size); + if(result) + return result; + + for(i = 0; i < cert_list_size; i++) { + const char *beg = (const char *) chainp[i].data; + const char *end = beg + chainp[i].size; + + result = Curl_extract_certinfo(conn, i, beg, end); + if(result) + return result; + } + } + if(data->set.ssl.verifypeer) { /* This function will try to verify the peer's certificate and return its status (trusted, invalid etc.). The value of status should be one or diff --git a/lib/vtls/gtls.h b/lib/vtls/gtls.h index af1cb5b10..dcae44225 100644 --- a/lib/vtls/gtls.h +++ b/lib/vtls/gtls.h @@ -57,6 +57,9 @@ bool Curl_gtls_cert_status_request(void); /* this backend supports the CAPATH option */ #define have_curlssl_ca_path 1 +/* this backend supports CURLOPT_CERTINFO */ +#define have_curlssl_certinfo 1 + /* API setup for GnuTLS */ #define curlssl_init Curl_gtls_init #define curlssl_cleanup Curl_gtls_cleanup diff --git a/lib/x509asn1.c b/lib/x509asn1.c index 4d50f0e0c..8b32d6bf7 100644 --- a/lib/x509asn1.c +++ b/lib/x509asn1.c @@ -22,7 +22,7 @@ #include "curl_setup.h" -#if defined(USE_GSKIT) || defined(USE_NSS) +#if defined(USE_GSKIT) || defined(USE_NSS) || defined(USE_GNUTLS) #include <curl/curl.h> #include "urldata.h" @@ -209,7 +209,6 @@ static const char * octet2str(const char * beg, const char * end) } static const char * bit2str(const char * beg, const char * end) - { /* Convert an ASN.1 bit string to a printable string. Return the dynamically allocated string, or NULL if an error occurs. */ @@ -1024,7 +1023,7 @@ CURLcode Curl_extract_certinfo(struct connectdata * conn, return CURLE_OK; } -#endif /* USE_GSKIT or USE_NSS */ +#endif /* USE_GSKIT or USE_NSS or USE_GNUTLS */ #if defined(USE_GSKIT) diff --git a/lib/x509asn1.h b/lib/x509asn1.h index 075c424f3..caa5f6f33 100644 --- a/lib/x509asn1.h +++ b/lib/x509asn1.h @@ -8,7 +8,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -25,7 +25,7 @@ #include "curl_setup.h" -#if defined(USE_GSKIT) || defined(USE_NSS) +#if defined(USE_GSKIT) || defined(USE_NSS) || defined(USE_GNUTLS) #include "urldata.h" @@ -127,5 +127,5 @@ CURLcode Curl_extract_certinfo(struct connectdata * conn, int certnum, CURLcode Curl_verifyhost(struct connectdata * conn, const char * beg, const char * end); -#endif /* USE_GSKIT or USE_NSS */ +#endif /* USE_GSKIT or USE_NSS or USE_GNUTLS */ #endif /* HEADER_CURL_X509ASN1_H */ |