1 /***************************************************************************
2  *                                  _   _ ____  _
3  *  Project                     ___| | | |  _ \| |
4  *                             / __| | | | |_) | |
5  *                            | (__| |_| |  _ <| |___
6  *                             \___|\___/|_| \_\_____|
7  *
8  * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
9  *
10  * This software is licensed as described in the file COPYING, which
11  * you should have received as part of this distribution. The terms
12  * are also available at http://curl.haxx.se/docs/copyright.html.
13  *
14  * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15  * copies of the Software, and permit persons to whom the Software is
16  * furnished to do so, under the terms of the COPYING file.
17  *
18  * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19  * KIND, either express or implied.
20  *
21  ***************************************************************************/
22 
23 /* Note that this example currently requires cURL to be linked against
24    GnuTLS (and this program must also be linked against -lgnutls). */
25 
26 #include <stdio.h>
27 
28 #include <curl/curl.h>
29 #include <gnutls/gnutls.h>
30 
31 static CURL *curl;
32 
wrfu(void * ptr,size_t size,size_t nmemb,void * stream)33 static size_t wrfu(void *ptr, size_t size, size_t nmemb, void *stream)
34 {
35   const struct curl_tlssessioninfo *info;
36   unsigned int cert_list_size;
37   const gnutls_datum_t *chainp;
38   CURLcode res;
39 
40   (void)stream;
41   (void)ptr;
42 
43   res = curl_easy_getinfo(curl, CURLINFO_TLS_SESSION, &info);
44 
45   if(!res) {
46     switch(info->backend) {
47     case CURLSSLBACKEND_GNUTLS:
48       /* info->internals is now the gnutls_session_t */
49       chainp = gnutls_certificate_get_peers(info->internals, &cert_list_size);
50       if((chainp) && (cert_list_size)) {
51         unsigned int i;
52 
53         for(i = 0; i < cert_list_size; i++) {
54           gnutls_x509_crt_t cert;
55           gnutls_datum_t dn;
56 
57           if(GNUTLS_E_SUCCESS == gnutls_x509_crt_init(&cert)) {
58             if(GNUTLS_E_SUCCESS ==
59                gnutls_x509_crt_import(cert, &chainp[i], GNUTLS_X509_FMT_DER)) {
60               if(GNUTLS_E_SUCCESS ==
61                  gnutls_x509_crt_print(cert, GNUTLS_CRT_PRINT_FULL, &dn)) {
62                 fprintf(stderr, "Certificate #%d: %.*s", i, dn.size, dn.data);
63 
64                 gnutls_free(dn.data);
65               }
66             }
67 
68             gnutls_x509_crt_deinit(cert);
69           }
70         }
71       }
72       break;
73     case CURLSSLBACKEND_NONE:
74     default:
75       break;
76     }
77   }
78 
79   return size * nmemb;
80 }
81 
main(void)82 int main(void)
83 {
84   curl_global_init(CURL_GLOBAL_DEFAULT);
85 
86   curl = curl_easy_init();
87   if(curl) {
88     curl_easy_setopt(curl, CURLOPT_URL, "https://www.example.com/");
89 
90     curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, wrfu);
91 
92     curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
93     curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
94 
95     curl_easy_setopt(curl, CURLOPT_VERBOSE, 0L);
96 
97     (void) curl_easy_perform(curl);
98 
99     curl_easy_cleanup(curl);
100   }
101 
102   curl_global_cleanup();
103 
104   return 0;
105 }
106