sessioninfo.c: Added sample code for CURLINFO_TLS_SESSION

Added a simple example to show how one can use CURLINFO_TLS_SESSION for obtaining extensive TLS certificate information.
2013-11-27 23:37:09 +01:00 · 2013-11-27 23:37:09 +01:00 · 889cb9c982
commit 889cb9c982
parent 26ff1ea6c3
2 changed files with 108 additions and 1 deletions
--- a/docs/examples/Makefile.inc
+++ b/docs/examples/Makefile.inc
@ -13,4 +13,4 @@ COMPLICATED_EXAMPLES = curlgtk.c curlx.c htmltitle.cpp cacertinmem.c	   \
  ftpuploadresume.c ghiper.c hiperfifo.c htmltidy.c multithread.c	   \
  opensslthreadlock.c sampleconv.c synctime.c threaded-ssl.c evhiperfifo.c \
  smooth-gtk-thread.c version-check.pl href_extractor.c asiohiper.cpp \
-  multi-uv.c xmlstream.c usercertinmem.c
+  multi-uv.c xmlstream.c usercertinmem.c sessioninfo.c
--- a/docs/examples/sessioninfo.c
+++ b/docs/examples/sessioninfo.c
@ -0,0 +1,107 @@
 /***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at http://curl.haxx.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 ***************************************************************************/
 /* Note that this example currently requires cURL to be linked against
   GnuTLS (and this program must also be linked against -lgnutls). */
 #include <stdio.h>
 #include <curl/curl.h>
 #include <gnutls/gnutls.h>
 static CURL *curl;
 static size_t wrfu(void *ptr, size_t size, size_t nmemb, void *stream)
 {
  const struct curl_tlsinfo *tlsinfo;
  unsigned int cert_list_size;
  const gnutls_datum_t *chainp;
  CURLcode res;
  (void)stream;
  (void)ptr;
  res = curl_easy_getinfo(curl, CURLINFO_TLS_SESSION, &tlsinfo);
  if(!res) {
    switch(tlsinfo->ssl_backend) {
    case CURLSSLBACKEND_GNUTLS:
      /* tlsinfo->internals is now the gnutls_session_t */
      chainp = gnutls_certificate_get_peers(tlsinfo->internals,
                                            &cert_list_size);
      if((chainp) && (cert_list_size)) {
        unsigned int i;
        for(i = 0; i < cert_list_size; i++) {
          gnutls_x509_crt_t cert;
          gnutls_datum_t dn;
          if(GNUTLS_E_SUCCESS == gnutls_x509_crt_init(&cert)) {
            if(GNUTLS_E_SUCCESS ==
               gnutls_x509_crt_import(cert, &chainp[i],
                                      GNUTLS_X509_FMT_DER)) {
              if(GNUTLS_E_SUCCESS ==
                 gnutls_x509_crt_print(cert, GNUTLS_CRT_PRINT_FULL, &dn)) {
                fprintf(stderr, "Certificate #%d: %.*s", i, dn.size, dn.data);
                gnutls_free(dn.data);
              }
            }
            gnutls_x509_crt_deinit(cert);
          }
        }
      }
      break;
    case CURLSSLBACKEND_NONE:
    default:
      break;
    }
  }
  return size * nmemb;
 }
 int main(void)
 {
  curl_global_init(CURL_GLOBAL_DEFAULT);
  curl = curl_easy_init();
  if(curl) {
    curl_easy_setopt(curl, CURLOPT_URL, "https://www.example.com/");
    curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, wrfu);
    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
    curl_easy_setopt(curl, CURLOPT_VERBOSE, 0L);
    (void) curl_easy_perform(curl);
    curl_easy_cleanup(curl);
  }
  curl_global_cleanup();
  return 0;
 }