- Introducing CURLOPT_CERTINFO and the corresponding CURLINFO_CERTINFO. By

enabling this feature with CURLOPT_CERTINFO for a request using SSL (HTTPS or FTPS), libcurl will gather lots of server certificate info and that info can then get extracted by a client after the request has completed with curl_easy_getinfo()'s CURLINFO_CERTINFO option. Linus Nielsen Feltzing helped me test and smoothen out this feature. Unfortunately, this feature currently only works with libcurl built to use OpenSSL. This feature was sponsored by networking4all.com - thanks!
2008-09-05 14:29:21 +00:00
parent 873e734c39
commit 4c9768565e
15 changed files with 542 additions and 41 deletions
--- a/docs/examples/Makefile.inc
+++ b/docs/examples/Makefile.inc
@@ -5,7 +5,7 @@ check_PROGRAMS = 10-at-a-time anyauthput cookie_interface \
  https multi-app multi-debugcallback multi-double \
  multi-post multi-single persistant post-callback \
  postit2 sepheaders simple simplepost simplessl \
-  sendrecv httpcustomheader
+  sendrecv httpcustomheader certinfo

 # These examples require external dependencies that may not be commonly
 # available on POSIX systems, so don't bother attempting to compile them here.
@@ -14,4 +14,3 @@ COMPLICATED_EXAMPLES = \
 ghiper.c hiperfifo.c htmltidy.c multithread.c \
 opensslthreadlock.c sampleconv.c synctime.c threaded-ssl.c

-
--- a/docs/examples/certinfo.c
+++ b/docs/examples/certinfo.c
@@ -0,0 +1,62 @@
+/*****************************************************************************
+ */
+
+#include <stdio.h>
+
+#include <curl/curl.h>
+#include <curl/types.h>
+#include <curl/easy.h>
+
+static size_t wrfu(void *ptr,  size_t  size,  size_t  nmemb,  void *stream)
+{
+  return size * nmemb;
+}
+int main(int argc, char **argv)
+{
+  CURL *curl;
+  CURLcode res;
+
+  curl_global_init(CURL_GLOBAL_DEFAULT);
+
+  curl = curl_easy_init();
+  if(curl) {
+    curl_easy_setopt(curl, CURLOPT_URL, "https://www.networking4all.com/");
+
+    curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, wrfu);
+
+    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
+    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
+
+    curl_easy_setopt(curl, CURLOPT_VERBOSE, 0L);
+    curl_easy_setopt(curl, CURLOPT_CERTINFO, 1L);
+
+    res = curl_easy_perform(curl);
+
+    if(!res) {
+      struct curl_certinfo *ci = NULL;
+
+      res = curl_easy_getinfo(curl, CURLINFO_CERTINFO, &ci);
+
+      if(!res && ci) {
+        int i;
+        printf("%d certs!\n", ci->num_of_certs);
+
+        for(i=0; i<ci->num_of_certs; i++) {
+          struct curl_slist *slist;
+
+          for(slist = ci->certinfo[i]; slist; slist = slist->next)
+            printf("%s\n", slist->data);
+
+        }
+      }
+
+    }
+
+
+    curl_easy_cleanup(curl);
+  }
+
+  curl_global_cleanup();
+
+  return 0;
+}