1/***************************************************************************
2 *                                  _   _ ____  _
3 *  Project                     ___| | | |  _ \| |
4 *                             / __| | | | |_) | |
5 *                            | (__| |_| |  _ <| |___
6 *                             \___|\___/|_| \_\_____|
7 *
8 * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
9 *
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at http://curl.haxx.se/docs/copyright.html.
13 *
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
17 *
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
20 *
21 ***************************************************************************/
22
23/* Note that this example currently requires cURL to be linked against
24   GnuTLS (and this program must also be linked against -lgnutls). */
25
26#include <stdio.h>
27
28#include <curl/curl.h>
29#include <gnutls/gnutls.h>
30
31static CURL *curl;
32
33static size_t wrfu(void *ptr, size_t size, size_t nmemb, void *stream)
34{
35  const struct curl_tlssessioninfo *info;
36  unsigned int cert_list_size;
37  const gnutls_datum_t *chainp;
38  CURLcode res;
39
40  (void)stream;
41  (void)ptr;
42
43  res = curl_easy_getinfo(curl, CURLINFO_TLS_SESSION, &info);
44
45  if(!res) {
46    switch(info->backend) {
47    case CURLSSLBACKEND_GNUTLS:
48      /* info->internals is now the gnutls_session_t */
49      chainp = gnutls_certificate_get_peers(info->internals, &cert_list_size);
50      if((chainp) && (cert_list_size)) {
51        unsigned int i;
52
53        for(i = 0; i < cert_list_size; i++) {
54          gnutls_x509_crt_t cert;
55          gnutls_datum_t dn;
56
57          if(GNUTLS_E_SUCCESS == gnutls_x509_crt_init(&cert)) {
58            if(GNUTLS_E_SUCCESS ==
59               gnutls_x509_crt_import(cert, &chainp[i], GNUTLS_X509_FMT_DER)) {
60              if(GNUTLS_E_SUCCESS ==
61                 gnutls_x509_crt_print(cert, GNUTLS_CRT_PRINT_FULL, &dn)) {
62                fprintf(stderr, "Certificate #%d: %.*s", i, dn.size, dn.data);
63
64                gnutls_free(dn.data);
65              }
66            }
67
68            gnutls_x509_crt_deinit(cert);
69          }
70        }
71      }
72      break;
73    case CURLSSLBACKEND_NONE:
74    default:
75      break;
76    }
77  }
78
79  return size * nmemb;
80}
81
82int main(void)
83{
84  curl_global_init(CURL_GLOBAL_DEFAULT);
85
86  curl = curl_easy_init();
87  if(curl) {
88    curl_easy_setopt(curl, CURLOPT_URL, "https://www.example.com/");
89
90    curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, wrfu);
91
92    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
93    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
94
95    curl_easy_setopt(curl, CURLOPT_VERBOSE, 0L);
96
97    (void) curl_easy_perform(curl);
98
99    curl_easy_cleanup(curl);
100  }
101
102  curl_global_cleanup();
103
104  return 0;
105}
106