getinfo: access SSL internals via Curl_ssl

In the ongoing endeavor to abstract out all SSL backend-specific functionality, this is the next step: Instead of hard-coding how the different SSL backends access their internal data in getinfo.c, let's implement backend-specific functions to do that task. This will also allow for switching SSL backends as a runtime option. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2025-02-28 09:21:50 -05:00 · 2017-06-23 16:05:26 +02:00 · 2017-06-23 16:05:26 +02:00 · 69039fd1fa
commit 69039fd1fa
parent 118b074fba
12 changed files with 88 additions and 26 deletions
--- a/lib/getinfo.c
+++ b/lib/getinfo.c
@ -360,46 +360,25 @@ static CURLcode getinfo_slist(struct Curl_easy *data, CURLINFO info,
      struct curl_tlssessioninfo **tsip = (struct curl_tlssessioninfo **)
                                          param_slistp;
      struct curl_tlssessioninfo *tsi = &data->tsi;
 #ifdef USE_SSL
      struct connectdata *conn = data->easy_conn;
 #endif
      *tsip = tsi;
      tsi->backend = Curl_ssl_backend();
      tsi->internals = NULL;
 #ifdef USE_SSL
      if(conn && tsi->backend != CURLSSLBACKEND_NONE) {
        unsigned int i;
        for(i = 0; i < (sizeof(conn->ssl) / sizeof(conn->ssl[0])); ++i) {
          if(conn->ssl[i].use) {
-#if defined(USE_AXTLS)
+            tsi->internals = Curl_ssl->get_internals(&conn->ssl[i], info);
            tsi->internals = (void *)conn->ssl[i].ssl;
 #elif defined(USE_CYASSL)
            tsi->internals = (void *)conn->ssl[i].handle;
 #elif defined(USE_DARWINSSL)
            tsi->internals = (void *)conn->ssl[i].ssl_ctx;
 #elif defined(USE_GNUTLS)
            tsi->internals = (void *)conn->ssl[i].session;
 #elif defined(USE_GSKIT)
            tsi->internals = (void *)conn->ssl[i].handle;
 #elif defined(USE_MBEDTLS)
            tsi->internals = (void *)&conn->ssl[i].ssl;
 #elif defined(USE_NSS)
            tsi->internals = (void *)conn->ssl[i].handle;
 #elif defined(USE_OPENSSL)
            /* Legacy: CURLINFO_TLS_SESSION must return an SSL_CTX pointer. */
            tsi->internals = ((info == CURLINFO_TLS_SESSION) ?
                              (void *)conn->ssl[i].ctx :
                              (void *)conn->ssl[i].handle);
 #elif defined(USE_POLARSSL)
            tsi->internals = (void *)&conn->ssl[i].ssl;
 #elif defined(USE_SCHANNEL)
            tsi->internals = (void *)&conn->ssl[i].ctxt->ctxt_handle;
 #elif defined(USE_SSL)
 #error "SSL backend specific information missing for CURLINFO_TLS_SSL_PTR"
 #endif
            break;
          }
        }
      }
 #endif
    }
    break;
  default:
--- a/lib/vtls/axtls.c
+++ b/lib/vtls/axtls.c
@ -681,6 +681,13 @@ static CURLcode Curl_axtls_random(struct Curl_easy *data,
  return CURLE_OK;
 }
 static void *Curl_axtls_get_internals(struct ssl_connect_data *connssl,
                                      CURLINFO info UNUSED_PARAM)
 {
  (void)info;
  return connssl->ssl;
 }
 const struct Curl_ssl Curl_ssl_axtls = {
  "axtls",                        /* name */
@ -705,6 +712,7 @@ const struct Curl_ssl Curl_ssl_axtls = {
  Curl_none_cert_status_request,  /* cert_status_request */
  Curl_axtls_connect,             /* connect */
  Curl_axtls_connect_nonblocking, /* connect_nonblocking */
  Curl_axtls_get_internals,       /* get_internals */
  Curl_axtls_close,               /* close */
  Curl_none_close_all,            /* close_all */
  Curl_axtls_session_free,        /* session_free */
--- a/lib/vtls/cyassl.c
+++ b/lib/vtls/cyassl.c
@ -959,6 +959,13 @@ static void Curl_cyassl_sha256sum(const unsigned char *tmp, /* input */
  Sha256Final(&SHA256pw, sha256sum);
 }
 static void *Curl_cyassl_get_internals(struct ssl_connect_data *connssl,
                                       CURLINFO info UNUSED_PARAM)
 {
  (void)info;
  return connssl->handle;
 }
 const struct Curl_ssl Curl_ssl_cyassl = {
  "cyassl",                        /* name */
@ -982,6 +989,7 @@ const struct Curl_ssl Curl_ssl_cyassl = {
  Curl_none_cert_status_request,   /* cert_status_request */
  Curl_cyassl_connect,             /* connect */
  Curl_cyassl_connect_nonblocking, /* connect_nonblocking */
  Curl_cyassl_get_internals,       /* get_internals */
  Curl_cyassl_close,               /* close */
  Curl_none_close_all,             /* close_all */
  Curl_cyassl_session_free,        /* session_free */
--- a/lib/vtls/darwinssl.c
+++ b/lib/vtls/darwinssl.c
@ -2871,6 +2871,13 @@ static ssize_t darwinssl_recv(struct connectdata *conn,
  return (ssize_t)processed;
 }
 static void *Curl_darwinssl_get_internals(struct ssl_connect_data *connssl,
                                          CURLINFO info UNUSED_PARAM)
 {
  (void)info;
  return connssl->ssl_ctx;
 }
 const struct Curl_ssl Curl_ssl_darwinssl = {
  "darwinssl",                        /* name */
@ -2894,6 +2901,7 @@ const struct Curl_ssl Curl_ssl_darwinssl = {
  Curl_none_cert_status_request,      /* cert_status_request */
  Curl_darwinssl_connect,             /* connect */
  Curl_darwinssl_connect_nonblocking, /* connect_nonblocking */
  Curl_darwinssl_get_internals,       /* get_internals */
  Curl_darwinssl_close,               /* close */
  Curl_none_close_all,                /* close_all */
  Curl_darwinssl_session_free,        /* session_free */
--- a/lib/vtls/gskit.c
+++ b/lib/vtls/gskit.c
@ -1333,6 +1333,13 @@ static int Curl_gskit_check_cxn(struct connectdata *cxn)
  return -1;  /* connection status unknown */
 }
 static void *Curl_gskit_get_internals(struct ssl_connect_data *connssl,
                                      CURLINFO info UNUSED_PARAM)
 {
  (void)info;
  return connssl->handle;
 }
 const struct Curl_ssl Curl_ssl_gskit = {
  "gskit",                        /* name */
@ -1354,6 +1361,7 @@ const struct Curl_ssl Curl_ssl_gskit = {
  Curl_none_cert_status_request,  /* cert_status_request */
  Curl_gskit_connect,             /* connect */
  Curl_gskit_connect_nonblocking, /* connect_nonblocking */
  Curl_gskit_get_internals,       /* get_internals */
  Curl_gskit_close,               /* close */
  Curl_none_close_all,            /* close_all */
  /* No session handling for GSKit */
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@ -1782,6 +1782,13 @@ static bool Curl_gtls_cert_status_request(void)
 #endif
 }
 static void *Curl_gtls_get_internals(struct ssl_connect_data *connssl,
                                     CURLINFO info UNUSED_PARAM)
 {
  (void)info;
  return connssl->session;
 }
 const struct Curl_ssl Curl_ssl_gnutls = {
  "gnutls",                      /* name */
@ -1801,6 +1808,7 @@ const struct Curl_ssl Curl_ssl_gnutls = {
  Curl_gtls_cert_status_request, /* cert_status_request */
  Curl_gtls_connect,             /* connect */
  Curl_gtls_connect_nonblocking, /* connect_nonblocking */
  Curl_gtls_get_internals,       /* get_internals */
  Curl_gtls_close,               /* close */
  Curl_none_close_all,           /* close_all */
  Curl_glts_session_free,        /* session_free */
--- a/lib/vtls/mbedtls.c
+++ b/lib/vtls/mbedtls.c
@ -1012,6 +1012,13 @@ static void Curl_mbedtls_sha256sum(const unsigned char *input,
  mbedtls_sha256(input, inputlen, sha256sum, 0);
 }
 static void *Curl_mbedtls_get_internals(struct ssl_connect_data *connssl,
                                        CURLINFO info UNUSED_PARAM)
 {
  (void)info;
  return &connssl->ssl;
 }
 const struct Curl_ssl Curl_ssl_mbedtls = {
  "mbedtls",                        /* name */
@ -1031,6 +1038,7 @@ const struct Curl_ssl Curl_ssl_mbedtls = {
  Curl_none_cert_status_request,    /* cert_status_request */
  Curl_mbedtls_connect,             /* connect */
  Curl_mbedtls_connect_nonblocking, /* connect_nonblocking */
  Curl_mbedtls_get_internals,       /* get_internals */
  Curl_mbedtls_close,               /* close */
  Curl_mbedtls_close_all,           /* close_all */
  Curl_mbedtls_session_free,        /* session_free */
--- a/lib/vtls/nss.c
+++ b/lib/vtls/nss.c
@ -2323,6 +2323,13 @@ static bool Curl_nss_false_start(void)
 #endif
 }
 static void *Curl_nss_get_internals(struct ssl_connect_data *connssl,
                                    CURLINFO info UNUSED_PARAM)
 {
  (void)info;
  return connssl->handle;
 }
 const struct Curl_ssl Curl_ssl_nss = {
  "nss",                        /* name */
@ -2343,6 +2350,7 @@ const struct Curl_ssl Curl_ssl_nss = {
  Curl_nss_cert_status_request, /* cert_status_request */
  Curl_nss_connect,             /* connect */
  Curl_nss_connect_nonblocking, /* connect_nonblocking */
  Curl_nss_get_internals,       /* get_internals */
  Curl_nss_close,               /* close */
  Curl_none_close_all,          /* close_all */
  /* NSS has its own session ID cache */
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@ -3394,6 +3394,14 @@ static bool Curl_ossl_cert_status_request(void)
 #endif
 }
 static void *Curl_ossl_get_internals(struct ssl_connect_data *connssl,
                                     CURLINFO info)
 {
  /* Legacy: CURLINFO_TLS_SESSION must return an SSL_CTX pointer. */
  return info == CURLINFO_TLS_SESSION ?
         (void *)connssl->ctx : (void *)connssl->handle;
 }
 const struct Curl_ssl Curl_ssl_openssl = {
  "openssl",                     /* name */
@ -3413,6 +3421,7 @@ const struct Curl_ssl Curl_ssl_openssl = {
  Curl_ossl_cert_status_request, /* cert_status_request */
  Curl_ossl_connect,             /* connect */
  Curl_ossl_connect_nonblocking, /* connect_nonblocking */
  Curl_ossl_get_internals,       /* get_internals */
  Curl_ossl_close,               /* close */
  Curl_ossl_close_all,           /* close_all */
  Curl_ossl_session_free,        /* session_free */
--- a/lib/vtls/polarssl.c
+++ b/lib/vtls/polarssl.c
@ -874,6 +874,13 @@ static void Curl_polarssl_sha256sum(const unsigned char *input,
  sha256(input, inputlen, sha256sum, 0);
 }
 static void *Curl_polarssl_get_internals(struct ssl_connect_data *connssl,
                                         CURLINFO info UNUSED_PARAM)
 {
  (void)info;
  return &connssl->ssl;
 }
 const struct Curl_ssl Curl_ssl_polarssl = {
  "polarssl",                        /* name */
@ -896,6 +903,7 @@ const struct Curl_ssl Curl_ssl_polarssl = {
  Curl_none_cert_status_request,     /* cert_status_request */
  Curl_polarssl_connect,             /* connect */
  Curl_polarssl_connect_nonblocking, /* connect_nonblocking */
  Curl_polarssl_get_internals,       /* get_internals */
  Curl_polarssl_close,               /* close */
  Curl_none_close_all,               /* close_all */
  Curl_polarssl_session_free,        /* session_free */
--- a/lib/vtls/schannel.c
+++ b/lib/vtls/schannel.c
@ -1773,6 +1773,13 @@ static CURLcode verify_certificate(struct connectdata *conn, int sockindex)
 }
 #endif /* _WIN32_WCE */
 static void *Curl_schannel_get_internals(struct ssl_connect_data *connssl,
                                         CURLINFO info UNUSED_PARAM)
 {
  (void)info;
  return &connssl->ctxt->ctxt_handle;
 }
 const struct Curl_ssl Curl_ssl_schannel = {
  "schannel",                        /* name */
@ -1792,6 +1799,7 @@ const struct Curl_ssl Curl_ssl_schannel = {
  Curl_none_cert_status_request,     /* cert_status_request */
  Curl_schannel_connect,             /* connect */
  Curl_schannel_connect_nonblocking, /* connect_nonblocking */
  Curl_schannel_get_internals,       /* get_internals */
  Curl_schannel_close,               /* close */
  Curl_none_close_all,               /* close_all */
  Curl_schannel_session_free,        /* session_free */
--- a/lib/vtls/vtls.h
+++ b/lib/vtls/vtls.h
@ -24,6 +24,7 @@
 #include "curl_setup.h"
 struct connectdata;
 struct ssl_connect_data;
 struct Curl_ssl {
  const char *name;
@ -52,6 +53,7 @@ struct Curl_ssl {
  CURLcode (*connect)(struct connectdata *conn, int sockindex);
  CURLcode (*connect_nonblocking)(struct connectdata *conn, int sockindex,
                                  bool *done);
  void *(*get_internals)(struct ssl_connect_data *connssl, CURLINFO info);
  void (*close)(struct connectdata *conn, int sockindex);
  void (*close_all)(struct Curl_easy *data);
  void (*session_free)(void *ptr);