This may then be used to extract certificate information in a format
convenient for further processing, such as manual validation. NOTE: this
option may not be available for all SSL backends; unsupported SSL backends
-will return 'CURLSSLBACKEND_NONE' to indicate that they are not supported;
-this does not mean that no SSL backend was used.
+will always return NULL in the \fIinternals\fP pointer to indicate that they
+are not supported.
.nf
struct curl_tlssessioninfo {
};
.fi
+The \fIbackend\fP struct member is one of the defines in the CURLSSLBACKEND_*
+series: CURLSSLBACKEND_NONE (when built without TLS support),
+CURLSSLBACKEND_OPENSSL, CURLSSLBACKEND_GNUTLS, CURLSSLBACKEND_NSS,
+CURLSSLBACKEND_GSKIT, CURLSSLBACKEND_POLARSSL, CURLSSLBACKEND_CYASSL,
+CURLSSLBACKEND_SCHANNEL, CURLSSLBACKEND_DARWINSSL or
+CURLSSLBACKEND_AXTLS. (Note that the OpenSSL forks are all reported as just
+OpenSSL here.)
+
The \fIinternals\fP struct member will point to a TLS library specific pointer
with the following underlying types:
.RS
void *internals = NULL;
*tsip = tsi;
- tsi->backend = CURLSSLBACKEND_NONE;
+ tsi->backend = Curl_ssl_backend();
tsi->internals = NULL;
if(!conn)
internals = conn->ssl[sockindex].handle;
#endif
if(internals) {
- tsi->backend = Curl_ssl_backend();
tsi->internals = internals;
}
/* NOTE: For other SSL backends, it is not immediately clear what data
- to return from 'struct ssl_connect_data'; thus, for now we keep the
- backend as CURLSSLBACKEND_NONE in those cases, which should be
- interpreted as "not supported" */
+ to return from 'struct ssl_connect_data'; thus we keep 'internals' to
+ NULL which should be interpreted as "not supported" */
}
break;
default:
projects / curl / commitdiff