CURLINFO_CAPATH/CAINFO: get the default CA paths from libcurl

Closes #8888

docs/libcurl/curl_easy_getinfo.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -209,6 +209,12 @@ See \fICURLINFO_ACTIVESOCKET(3)\fP
 .IP CURLINFO_FTP_ENTRY_PATH
 The entry path after logging in to an FTP server.
 See \fICURLINFO_FTP_ENTRY_PATH(3)\fP
+.IP CURLINFO_CAPATH
+Get the default value for \fICURLOPT_CAPATH(3)\fP.
+See \fICURLINFO_CAPATH(3)\fP
+.IP CURLINFO_CAINFO
+Get the default value for \fICURLOPT_CAINFO(3)\fP.
+See \fICURLINFO_CAINFO(3)\fP
 .IP CURLINFO_CERTINFO
 Certificate chain.
 See \fICURLINFO_CERTINFO(3)\fP

docs/libcurl/opts/CURLINFO_CAINFO.3

@@ -0,0 +1,61 @@
+.\" **************************************************************************
+.\" *                                  _   _ ____  _
+.\" *  Project                     ___| | | |  _ \| |
+.\" *                             / __| | | | |_) | |
+.\" *                            | (__| |_| |  _ <| |___
+.\" *                             \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLINFO_CAINFO 3 "20 May 2022" "libcurl 7.84.0" "curl_easy_getinfo options"
+.SH NAME
+CURLINFO_CAINFO \- get the default built-in CAINFO string
+.SH SYNOPSIS
+.nf
+#include <curl/curl.h>
+
+CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_CAINFO, char **path);
+.fi
+.SH DESCRIPTION
+Pass a pointer to a char pointer to receive the pointer to a null-terminated
+string holding the default built-in path used for the \fICURLOPT_CAINFO(3)\fP
+option unless set by the user.
+
+This is a path identifying a single file containing CA certificates.
+
+The \fBpath\fP pointer will be NULL if there is no default path.
+.SH PROTOCOLS
+All
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+  CURLcode res;
+  char *cainfo = NULL;
+  curl_easy_getinfo(curl, CURLINFO_CAINFO, &cainfo);
+  if(cainfo)
+      printf("default ca info path: %s\\n", cainfo);
+  }
+  curl_easy_cleanup(curl);
+}
+.fi
+.SH AVAILABILITY
+Added in 7.84.0
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR CURLINFO_CAPATH "(3), "
+.BR curl_easy_getinfo "(3), " curl_easy_setopt "(3), "

docs/libcurl/opts/CURLINFO_CAPATH.3

@@ -0,0 +1,61 @@
+.\" **************************************************************************
+.\" *                                  _   _ ____  _
+.\" *  Project                     ___| | | |  _ \| |
+.\" *                             / __| | | | |_) | |
+.\" *                            | (__| |_| |  _ <| |___
+.\" *                             \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at https://curl.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLINFO_CAPATH 3 "20 May 2022" "libcurl 7.84.0" "curl_easy_getinfo options"
+.SH NAME
+CURLINFO_CAPATH \- get the default built-in CAPATH string
+.SH SYNOPSIS
+.nf
+#include <curl/curl.h>
+
+CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_CAPATH, char **path);
+.fi
+.SH DESCRIPTION
+Pass a pointer to a char pointer to receive the pointer to a null-terminated
+string holding the default built-in path used for the \fICURLOPT_CAPATH(3)\fP
+option unless set by the user.
+
+This is a path identifying a directory.
+
+The \fBpath\fP pointer will be NULL if there is no default path.
+.SH PROTOCOLS
+All
+.SH EXAMPLE
+.nf
+CURL *curl = curl_easy_init();
+if(curl) {
+  CURLcode res;
+  char *capath = NULL;
+  curl_easy_getinfo(curl, CURLINFO_CAPATH, &capath);
+  if(capath)
+      printf("default ca path: %s\\n", capath);
+  }
+  curl_easy_cleanup(curl);
+}
+.fi
+.SH AVAILABILITY
+Added in 7.84.0
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
+.SH "SEE ALSO"
+.BR CURLINFO_CAINFO "(3), "
+.BR curl_easy_getinfo "(3), " curl_easy_setopt "(3), "

docs/libcurl/opts/CURLOPT_CAINFO.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -59,6 +59,8 @@ store of root certificates (the default for Schannel).
 
 The application does not have to keep the string around after setting this
 option.
+
+The default value for this can be figured out with \fICURLINFO_CAINFO(3)\fP.
 .SH DEFAULT
 Built-in system specific. When curl is built with Secure Transport or
 Schannel, this option is not set by default.
@@ -83,3 +85,4 @@ CURLE_OUT_OF_MEMORY if there was insufficient heap space.
 .SH "SEE ALSO"
 .BR CURLOPT_CAINFO_BLOB "(3), " CURLOPT_CAPATH "(3), "
 .BR CURLOPT_SSL_VERIFYPEER "(3), " CURLOPT_SSL_VERIFYHOST "(3), "
+.BR CURLINFO_CAINFO "(3), "

docs/libcurl/opts/CURLOPT_CAPATH.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -41,6 +41,8 @@ to some limitation in openssl.
 
 The application does not have to keep the string around after setting this
 option.
+
+The default value for this can be figured out with \fICURLINFO_CAPATH(3)\fP.
 .SH DEFAULT
 A default path detected at build time.
 .SH PROTOCOLS
@@ -69,3 +71,4 @@ CURLE_OUT_OF_MEMORY
 .SH "SEE ALSO"
 .BR CURLOPT_CAINFO "(3), "
 .BR CURLOPT_STDERR "(3), " CURLOPT_DEBUGFUNCTION "(3), "
+.BR CURLINFO_CAPATH "(3), "

docs/libcurl/opts/CURLOPT_PROXY_CAINFO.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -53,6 +53,8 @@ preferred method of verifying the peer's certificate chain.
 
 The application does not have to keep the string around after setting this
 option.
+
+The default value for this can be figured out with \fICURLINFO_CAINFO(3)\fP.
 .SH DEFAULT
 Built-in system specific
 .SH PROTOCOLS

docs/libcurl/opts/CURLOPT_PROXY_CAPATH.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -38,6 +38,8 @@ enabled (which it is by default).
 
 The application does not have to keep the string around after setting this
 option.
+
+The default value for this can be figured out with \fICURLINFO_CAPATH(3)\fP.
 .SH DEFAULT
 NULL
 .SH PROTOCOLS

docs/libcurl/opts/Makefile.inc

@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -25,6 +25,8 @@ man_MANS =                                      \
   CURLINFO_ACTIVESOCKET.3                       \
   CURLINFO_APPCONNECT_TIME.3                    \
   CURLINFO_APPCONNECT_TIME_T.3                  \
+  CURLINFO_CAINFO.3                             \
+  CURLINFO_CAPATH.3                             \
   CURLINFO_CERTINFO.3                           \
   CURLINFO_CONDITION_UNMET.3                    \
   CURLINFO_CONNECT_TIME.3                       \

docs/libcurl/symbols-in-versions

@@ -404,6 +404,8 @@ CURLHSTS_READONLYFILE           7.74.0
 CURLINFO_ACTIVESOCKET           7.45.0
 CURLINFO_APPCONNECT_TIME        7.19.0
 CURLINFO_APPCONNECT_TIME_T      7.61.0
+CURLINFO_CAPATH                 7.84.0
+CURLINFO_CAINFO                 7.84.0
 CURLINFO_CERTINFO               7.19.1
 CURLINFO_CONDITION_UNMET        7.19.4
 CURLINFO_CONNECT_TIME           7.4.1

include/curl/curl.h

@@ -2799,8 +2799,9 @@ typedef enum {
   CURLINFO_EFFECTIVE_METHOD = CURLINFO_STRING + 58,
   CURLINFO_PROXY_ERROR      = CURLINFO_LONG + 59,
   CURLINFO_REFERER          = CURLINFO_STRING + 60,
-
-  CURLINFO_LASTONE          = 60
+  CURLINFO_CAINFO           = CURLINFO_STRING + 61,
+  CURLINFO_CAPATH           = CURLINFO_STRING + 62,
+  CURLINFO_LASTONE          = 62
 } CURLINFO;
 
 /* CURLINFO_RESPONSE_CODE is the new name for the option previously known as

lib/getinfo.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -164,6 +164,20 @@ static CURLcode getinfo_char(struct Curl_easy *data, CURLINFO info,
   case CURLINFO_SCHEME:
     *param_charp = data->info.conn_scheme;
     break;
+  case CURLINFO_CAPATH:
+#ifdef CURL_CA_PATH
+    *param_charp = CURL_CA_PATH;
+#else
+    *param_charp = NULL;
+#endif
+    break;
+  case CURLINFO_CAINFO:
+#ifdef CURL_CA_BUNDLE
+    *param_charp = CURL_CA_BUNDLE;
+#else
+    *param_charp = NULL;
+#endif
+    break;
 
   default:
     return CURLE_UNKNOWN_OPTION;