From 7362008c1cbd6bb3079eae2f8217cd905749dd57 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 22 Sep 2015 17:21:37 +0200 Subject: [PATCH] CURLINFO_TLS_SESSION: always return backend info ... even for those that don't support providing anything in the 'internals' struct member since it offers a convenient way for applications to figure this out. --- docs/libcurl/opts/CURLINFO_TLS_SESSION.3 | 12 ++++++++++-- lib/getinfo.c | 8 +++----- 2 files changed, 13 insertions(+), 7 deletions(-) diff --git a/docs/libcurl/opts/CURLINFO_TLS_SESSION.3 b/docs/libcurl/opts/CURLINFO_TLS_SESSION.3 index 52dd8ad486..868ba73d83 100644 --- a/docs/libcurl/opts/CURLINFO_TLS_SESSION.3 +++ b/docs/libcurl/opts/CURLINFO_TLS_SESSION.3 @@ -38,8 +38,8 @@ internal TLS session structure of this underlying SSL library. This may then be used to extract certificate information in a format convenient for further processing, such as manual validation. NOTE: this option may not be available for all SSL backends; unsupported SSL backends -will return 'CURLSSLBACKEND_NONE' to indicate that they are not supported; -this does not mean that no SSL backend was used. +will always return NULL in the \fIinternals\fP pointer to indicate that they +are not supported. .nf struct curl_tlssessioninfo { @@ -48,6 +48,14 @@ struct curl_tlssessioninfo { }; .fi +The \fIbackend\fP struct member is one of the defines in the CURLSSLBACKEND_* +series: CURLSSLBACKEND_NONE (when built without TLS support), +CURLSSLBACKEND_OPENSSL, CURLSSLBACKEND_GNUTLS, CURLSSLBACKEND_NSS, +CURLSSLBACKEND_GSKIT, CURLSSLBACKEND_POLARSSL, CURLSSLBACKEND_CYASSL, +CURLSSLBACKEND_SCHANNEL, CURLSSLBACKEND_DARWINSSL or +CURLSSLBACKEND_AXTLS. (Note that the OpenSSL forks are all reported as just +OpenSSL here.) + The \fIinternals\fP struct member will point to a TLS library specific pointer with the following underlying types: .RS diff --git a/lib/getinfo.c b/lib/getinfo.c index 90ea454247..00873f6fb3 100644 --- a/lib/getinfo.c +++ b/lib/getinfo.c @@ -290,7 +290,7 @@ static CURLcode getinfo_slist(struct SessionHandle *data, CURLINFO info, void *internals = NULL; *tsip = tsi; - tsi->backend = CURLSSLBACKEND_NONE; + tsi->backend = Curl_ssl_backend(); tsi->internals = NULL; if(!conn) @@ -318,13 +318,11 @@ static CURLcode getinfo_slist(struct SessionHandle *data, CURLINFO info, internals = conn->ssl[sockindex].handle; #endif if(internals) { - tsi->backend = Curl_ssl_backend(); tsi->internals = internals; } /* NOTE: For other SSL backends, it is not immediately clear what data - to return from 'struct ssl_connect_data'; thus, for now we keep the - backend as CURLSSLBACKEND_NONE in those cases, which should be - interpreted as "not supported" */ + to return from 'struct ssl_connect_data'; thus we keep 'internals' to + NULL which should be interpreted as "not supported" */ } break; default: