aboutsummaryrefslogtreecommitdiff
path: root/src/IO
diff options
context:
space:
mode:
Diffstat (limited to 'src/IO')
-rw-r--r--src/IO/tls.c18
-rw-r--r--src/IO/tls.h3
-rw-r--r--src/IO/tls_mbedtls.c11
-rw-r--r--src/IO/tls_mbedtls.h3
-rw-r--r--src/IO/tls_openssl.c21
-rw-r--r--src/IO/tls_openssl.h3
6 files changed, 55 insertions, 4 deletions
diff --git a/src/IO/tls.c b/src/IO/tls.c
index 4c0cfe7e..e91162da 100644
--- a/src/IO/tls.c
+++ b/src/IO/tls.c
@@ -4,7 +4,7 @@
* Copyright (C) 2011 Benjamin Johnson <obeythepenguin@users.sourceforge.net>
* (for the https code offered from dplus browser that formed the basis...)
* Copyright 2016 corvid
- * Copyright (C) 2023 Rodrigo Arias Mallo <rodarima@gmail.com>
+ * Copyright (C) 2023-2024 Rodrigo Arias Mallo <rodarima@gmail.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -26,6 +26,22 @@
#include "tls_mbedtls.h"
/**
+ * Get the version of the TLS library.
+ */
+const char *a_Tls_version(char *buf, int n)
+{
+#if ! defined(ENABLE_TLS)
+ return NULL;
+#elif defined(HAVE_OPENSSL)
+ return a_Tls_openssl_version(buf, n);
+#elif defined(HAVE_MBEDTLS)
+ return a_Tls_mbedtls_version(buf, n);
+#else
+# error "no TLS library found but ENABLE_TLS set"
+#endif
+}
+
+/**
* Initialize TLS library.
*/
void a_Tls_init(void)
diff --git a/src/IO/tls.h b/src/IO/tls.h
index 500b2421..0d50c05b 100644
--- a/src/IO/tls.h
+++ b/src/IO/tls.h
@@ -4,7 +4,7 @@
* Copyright (C) 2011 Benjamin Johnson <obeythepenguin@users.sourceforge.net>
* (for the https code offered from dplus browser that formed the basis...)
* Copyright 2016 corvid
- * Copyright (C) 2023 Rodrigo Arias Mallo <rodarima@gmail.com>
+ * Copyright (C) 2023-2024 Rodrigo Arias Mallo <rodarima@gmail.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -31,6 +31,7 @@ extern "C" {
#define TLS_CONNECT_NOT_YET 0
#define TLS_CONNECT_READY 1
+const char *a_Tls_version(char *buf, int n);
void a_Tls_init(void);
int a_Tls_certificate_is_clean(const DilloUrl *url);
int a_Tls_connect_ready(const DilloUrl *url);
diff --git a/src/IO/tls_mbedtls.c b/src/IO/tls_mbedtls.c
index fed7bd01..3e877e4a 100644
--- a/src/IO/tls_mbedtls.c
+++ b/src/IO/tls_mbedtls.c
@@ -355,6 +355,17 @@ static void Tls_remove_psk_ciphersuites()
mbedtls_ssl_conf_ciphersuites(&ssl_conf, our_ciphers);
}
+const char *a_Tls_mbedtls_version(char *buf, int n)
+{
+ char ver[128]; /* Only 9 characters needed */
+ mbedtls_version_get_string(ver);
+
+ int k = snprintf(buf, n, "mbedTLS/%s", ver);
+ if (k >= n)
+ return "mbedTLS/?";
+ return buf;
+}
+
/*
* Initialize the mbed TLS library.
*/
diff --git a/src/IO/tls_mbedtls.h b/src/IO/tls_mbedtls.h
index 8ce16318..16e50803 100644
--- a/src/IO/tls_mbedtls.h
+++ b/src/IO/tls_mbedtls.h
@@ -4,7 +4,7 @@
* Copyright (C) 2011 Benjamin Johnson <obeythepenguin@users.sourceforge.net>
* (for the https code offered from dplus browser that formed the basis...)
* Copyright 2016 corvid
- * Copyright (C) 2023 Rodrigo Arias Mallo <rodarima@gmail.com>
+ * Copyright (C) 2023-2024 Rodrigo Arias Mallo <rodarima@gmail.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -21,6 +21,7 @@ extern "C" {
#include "../url.h"
+const char *a_Tls_mbedtls_version(char *buf, int n);
void a_Tls_mbedtls_init(void);
int a_Tls_mbedtls_certificate_is_clean(const DilloUrl *url);
int a_Tls_mbedtls_connect_ready(const DilloUrl *url);
diff --git a/src/IO/tls_openssl.c b/src/IO/tls_openssl.c
index 5ad12b8c..9098287a 100644
--- a/src/IO/tls_openssl.c
+++ b/src/IO/tls_openssl.c
@@ -246,6 +246,27 @@ static void Tls_load_certificates(void)
;
}
+const char *a_Tls_openssl_version(char *buf, int n)
+{
+ /* Ugly hack to replace "OpenSSL 3.4.0 22 Oct 2024" with
+ * "OpenSSL/3.4.0". It also works for LibreSSL. */
+ const char *ver = OpenSSL_version(OPENSSL_VERSION);
+ if (snprintf(buf, n, "%s", ver) >= n)
+ return "OpenSSL/?";
+
+ char *ossl = buf;
+ char *sp1 = strchr(ossl, ' ');
+ if (sp1) {
+ *sp1 = '/';
+ char *sp2 = strchr(ossl, ' ');
+ if (sp2) {
+ *sp2 = '\0';
+ }
+ }
+
+ return buf;
+}
+
/*
* Initialize the OpenSSL library.
*/
diff --git a/src/IO/tls_openssl.h b/src/IO/tls_openssl.h
index edde93ef..c7fa4167 100644
--- a/src/IO/tls_openssl.h
+++ b/src/IO/tls_openssl.h
@@ -8,7 +8,7 @@
* (for the certificate hostname checking from wget)
* Copyright (C) 2011 Benjamin Johnson <obeythepenguin@users.sourceforge.net>
* (for the https code offered from dplus browser that formed the basis...)
- * Copyright (C) 2023 Rodrigo Arias Mallo <rodarima@gmail.com>
+ * Copyright (C) 2023-2024 Rodrigo Arias Mallo <rodarima@gmail.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -31,6 +31,7 @@ extern "C" {
#include "../url.h"
+const char *a_Tls_openssl_version(char *buf, int n);
void a_Tls_openssl_init(void);
int a_Tls_openssl_certificate_is_clean(const DilloUrl *url);
int a_Tls_openssl_connect_ready(const DilloUrl *url);