Ciao,
sorry if this is a FAQ, with the following program:
#include <stdio.h>
#include <stdlib.h>
#include <curl/curl.h>
#define COK(CALL) \
do { \
e = (CALL); \
if (CURLE_OK != e) { \
fprintf(stderr, curl_easy_strerror(e)); \
exit(EXIT_FAILURE); \
} \
} while (0)
size_t
cb (void * buffer, size_t item_size, size_t item_number, void * custom)
{
/* fwrite(buffer, item_size, item_number, stderr); */
return (item_size * item_number);
}
int
main (int argc, const char *const argv[])
{
CURL * handle = curl_easy_init();
int num_certs = 0;
int e;
fprintf(stderr, "connecting to gna\n");
COK(curl_easy_setopt(handle, CURLOPT_URL, "https://gna.org/";));
COK(curl_easy_setopt(handle, CURLOPT_WRITEFUNCTION, cb));
COK(curl_easy_setopt(handle, CURLOPT_WRITEDATA, NULL));
COK(curl_easy_setopt(handle, CURLOPT_SSL_VERIFYPEER, 0));
COK(curl_easy_setopt(handle, CURLOPT_CERTINFO, 1));
COK(curl_easy_perform(handle));
COK(curl_easy_getinfo(handle, CURLINFO_CERTINFO, &num_certs));
fprintf(stderr, "num certs %d\n", num_certs);
exit(EXIT_SUCCESS);
}
I get outputs like:
connecting to gna
num certs 157484972
which is obviously bad; what am I doing wrong? When
issuing:
$ curl -v -k "https://gna.org";
I correctly get:
* Server certificate:
* subject: CN=gna.org
* start date: 2009-11-01 20:54:13 GMT
* expire date: 2010-04-30 20:54:13 GMT
* common name: gna.org (matched)
* issuer: O=Root CA; OU=http://www.cacert.org; CN=CA Cert Signing
Authority; [email protected]
The other operations with cURL I tested so far seem to
work fine. If I am not mistaken, the source of the "curl"
program does not make use of the CURLINFO_CERTINFO option;
it is not clear to me how it can print certinfos (I only see
code using GNU TLS).
My cURL is:
libcurl/7.19.7 OpenSSL/0.9.8i zlib/1.2.3 c-ares/1.6.0 libidn/1.12
version-info age: 3
version-info version: "7.19.7"
version-info version-num: "71307"
version-info host: "i686-pc-linux-gnu"
version-info features:
(CURLDEBUG CONV SSPI IDN LARGEFILE SPNEGO
ASYNCHDNS DEBUG GSSNEGOTIATE NTLM LIBZ SSL
KERBEROS4 IPV6)
version-info ssl-version: "OpenSSL/0.9.8i"
version-info ssl-version-num: 0
version-info libz-version: "1.2.3"
version-info protocols:
(tftp ftp telnet dict ldap http file https ftps)
version-info ares: "1.6.0"
version-info ares-num: 67072
version-info iconv: 0
version-info libssh-version: #f
and:
$ ldd /usr/local/bin/curl
linux-gate.so.1 => (0xb8016000)
libcurl.so.4 => /usr/local/lib/libcurl.so.4 (0xb7fb6000)
libfbopenssl.so => /usr/local/lib/libfbopenssl.so (0xb7fb2000)
libcares.so.2 => /usr/local/lib/libcares.so.2 (0xb7fa5000)
libidn.so.11 => /usr/local/lib/libidn.so.11 (0xb7f74000)
libiconv.so.2 => /usr/local/lib/libiconv.so.2 (0xb7e94000)
libldap-2.3.so.0 => /usr/lib/libldap-2.3.so.0 (0xb7e5e000)
liblber-2.3.so.0 => /usr/lib/liblber-2.3.so.0 (0xb7e51000)
libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7e3a000)
libdl.so.2 => /lib/libdl.so.2 (0xb7e36000)
libresolv.so.2 => /lib/libresolv.so.2 (0xb7e23000)
libssl.so.0 => /usr/lib/libssl.so.0 (0xb7de2000)
libcrypto.so.0 => /usr/lib/libcrypto.so.0 (0xb7ca5000)
librt.so.1 => /lib/librt.so.1 (0xb7c9b000)
libz.so.1 => /usr/lib/libz.so.1 (0xb7c87000)
libc.so.6 => /lib/libc.so.6 (0xb7b3b000)
/lib/ld-linux.so.2 (0xb8017000)
libpthread.so.0 => /lib/libpthread.so.0 (0xb7b24000)
TIA
--
Marco Maggi
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
