Hi everyone, I got into a situation where i want to check what protocol version and cipher was used for an SSL connection. (HTTPS)
I found CURLINFO_TLS_SESSION and it looked like it might give me access to the information i need, but it does not. When using the OpenSSL backend CURLINFO_TLS_SESSION returns the SSL_CTX. While the CTX contains information that affected the creation of the SSL session. It does not contain any information about the established connection. It contains the list of acceptable ciphers, but not the information what cipher or protocol version was actually used. To probe that information from OpenSSL you need a pointer to the SSL object, which holds the SSL_CTX and not the other way around. Was there a reason for not returning the SSL object, or was it an oversight? Changing the behaviour now feels like a really bad idea, due to the code breaking potential. Is there any alternative? I did not check the other backends as to how consistent the nature of the returned value is. I am only somewhat familiar with CURLSSLBACKEND_SCHANNEL and could check that. Greetings Michael ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
