winhttp: Support querying the cipher strength of an SSL connection.

2024-10-14 21:39:43 +00:00 · 2010-09-29 09:54:34 -07:00 · 2010-09-29 09:54:34 -07:00 · 4127062a3e
parent 302dd345fe
commit 4127062a3e
3 changed files with 22 additions and 2 deletions
--- a/dlls/winhttp/net.c
+++ b/dlls/winhttp/net.c
@ -124,6 +124,8 @@ MAKE_FUNCPTR( SSL_get_ex_data_X509_STORE_CTX_idx );
 MAKE_FUNCPTR( SSL_get_peer_certificate );
 MAKE_FUNCPTR( SSL_CTX_set_default_verify_paths );
 MAKE_FUNCPTR( SSL_CTX_set_verify );
+MAKE_FUNCPTR( SSL_get_current_cipher );
+MAKE_FUNCPTR( SSL_CIPHER_get_bits );

 MAKE_FUNCPTR( CRYPTO_num_locks );
 MAKE_FUNCPTR( CRYPTO_set_id_callback );
@ -464,6 +466,8 @@ BOOL netconn_init( netconn_t *conn, BOOL secure )
    LOAD_FUNCPTR( SSL_get_peer_certificate );
    LOAD_FUNCPTR( SSL_CTX_set_default_verify_paths );
    LOAD_FUNCPTR( SSL_CTX_set_verify );
+    LOAD_FUNCPTR( SSL_get_current_cipher );
+    LOAD_FUNCPTR( SSL_CIPHER_get_bits );
 #undef LOAD_FUNCPTR

 #define LOAD_FUNCPTR(x) \
@ -1067,3 +1071,18 @@ const void *netconn_get_certificate( netconn_t *conn )
    return NULL;
 #endif
 }
+
+int netconn_get_cipher_strength( netconn_t *conn )
+{
+#ifdef SONAME_LIBSSL
+    SSL_CIPHER *cipher;
+    int bits = 0;
+
+    if (!conn->secure) return 0;
+    if (!(cipher = pSSL_get_current_cipher( conn->ssl_conn ))) return 0;
+    pSSL_CIPHER_get_bits( cipher, &bits );
+    return bits;
+#else
+    return 0;
+#endif
+}
--- a/dlls/winhttp/session.c
+++ b/dlls/winhttp/session.c
@ -641,7 +641,7 @@ static BOOL request_query_option( object_header_t *hdr, DWORD option, LPVOID buf
        else
            ci->lpszSignatureAlgName  = NULL;
        ci->lpszEncryptionAlgName = NULL;
-        ci->dwKeySize = 128;
+        ci->dwKeySize = netconn_get_cipher_strength( &request->netconn );

        CertFreeCertificateContext( cert );
        *buflen = sizeof(*ci);
@ -656,7 +656,7 @@ static BOOL request_query_option( object_header_t *hdr, DWORD option, LPVOID buf
            return FALSE;
        }

-        *(DWORD *)buffer = 128; /* FIXME */
+        *(DWORD *)buffer = netconn_get_cipher_strength( &request->netconn );
        *buflen = sizeof(DWORD);
        return TRUE;
    }
--- a/dlls/winhttp/winhttp_private.h
+++ b/dlls/winhttp/winhttp_private.h
@ -229,6 +229,7 @@ BOOL netconn_secure_connect( netconn_t *, WCHAR * );
 BOOL netconn_send( netconn_t *, const void *, size_t, int, int * );
 DWORD netconn_set_timeout( netconn_t *, BOOL, int );
 const void *netconn_get_certificate( netconn_t * );
+int netconn_get_cipher_strength( netconn_t * );

 BOOL set_cookies( request_t *, const WCHAR * );
 BOOL add_cookie_headers( request_t * );