From 4127062a3eaf9938aafc7b3c4909d3298e11a156 Mon Sep 17 00:00:00 2001
From: Juan Lang
Date: Wed, 29 Sep 2010 09:54:34 -0700
Subject: [PATCH] winhttp: Support querying the cipher strength of an SSL connection.
---
 dlls/winhttp/net.c | 19 +++++++++++++++++++
 dlls/winhttp/session.c | 4 ++--
 dlls/winhttp/winhttp_private.h | 1 +
 3 files changed, 22 insertions(+), 2 deletions(-)
diff --git a/dlls/winhttp/net.c b/dlls/winhttp/net.c
index 4812979199c..7db7a66ca82 100644
--- a/dlls/winhttp/net.c
+++ b/dlls/winhttp/net.c
@@ -124,6 +124,8 @@ MAKE_FUNCPTR( SSL_get_ex_data_X509_STORE_CTX_idx );
 MAKE_FUNCPTR( SSL_get_peer_certificate );
 MAKE_FUNCPTR( SSL_CTX_set_default_verify_paths );
 MAKE_FUNCPTR( SSL_CTX_set_verify );
+MAKE_FUNCPTR( SSL_get_current_cipher );
+MAKE_FUNCPTR( SSL_CIPHER_get_bits );
 MAKE_FUNCPTR( CRYPTO_num_locks );
 MAKE_FUNCPTR( CRYPTO_set_id_callback );
@@ -464,6 +466,8 @@ BOOL netconn_init( netconn_t *conn, BOOL secure )
 LOAD_FUNCPTR( SSL_get_peer_certificate );
 LOAD_FUNCPTR( SSL_CTX_set_default_verify_paths );
 LOAD_FUNCPTR( SSL_CTX_set_verify );
+ LOAD_FUNCPTR( SSL_get_current_cipher );
+ LOAD_FUNCPTR( SSL_CIPHER_get_bits );
 #undef LOAD_FUNCPTR
 #define LOAD_FUNCPTR(x) \
@@ -1067,3 +1071,18 @@ const void *netconn_get_certificate( netconn_t *conn )
 return NULL;
 #endif
 }
+
+int netconn_get_cipher_strength( netconn_t *conn )
+{
+#ifdef SONAME_LIBSSL
+ SSL_CIPHER *cipher;
+ int bits = 0;
+
+ if (!conn->secure) return 0;
+ if (!(cipher = pSSL_get_current_cipher( conn->ssl_conn ))) return 0;
+ pSSL_CIPHER_get_bits( cipher, &bits );
+ return bits;
+#else
+ return 0;
+#endif
+}
diff --git a/dlls/winhttp/session.c b/dlls/winhttp/session.c
index 7f6350f7ea5..ef4ef086b1f 100644
--- a/dlls/winhttp/session.c
+++ b/dlls/winhttp/session.c
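Review bot: In the third net.c hunk, `netconn_get_cipher_strength` discards the return value of `pSSL_CIPHER_get_bits` and returns the `alg_bits` out-parameter instead. In OpenSSL's API the return value is the number of secret bits actually used, while `alg_bits` is the number of bits the algorithm processes, so for export-grade suites the two differ and the function would overstate the strength (for example 128 where only 40 bits are secret). Both call sites in session.c (`ci->dwKeySize` and the `*(DWORD *)buffer` assignment) inherit this, and a caller enforcing a minimum key size would be misled. Returning the effective value directly, `return pSSL_CIPHER_get_bits( cipher, NULL );`, removes the `bits` local and reports what the connection really provides.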
@@ -641,7 +641,7 @@ static BOOL request_query_option( object_header_t *hdr, DWORD option, LPVOID buf
 else ci->lpszSignatureAlgName = NULL;
 ci->lpszEncryptionAlgName = NULL;
- ci->dwKeySize = 128;
+ ci->dwKeySize = netconn_get_cipher_strength( &request->netconn );
 CertFreeCertificateContext( cert );
 *buflen = sizeof(*ci);
@@ -656,7 +656,7 @@ static BOOL request_query_option( object_header_t *hdr, DWORD option, LPVOID buf
 return FALSE;
 }
- *(DWORD *)buffer = 128; /* FIXME */
+ *(DWORD *)buffer = netconn_get_cipher_strength( &request->netconn );
 *buflen = sizeof(DWORD);
 return TRUE;
 }
diff --git a/dlls/winhttp/winhttp_private.h b/dlls/winhttp/winhttp_private.h
index c2dfdbe390f..5da3ae1d547 100644
--- a/dlls/winhttp/winhttp_private.h
+++ b/dlls/winhttp/winhttp_private.h
@@ -229,6 +229,7 @@ BOOL netconn_secure_connect( netconn_t *, WCHAR * );
 BOOL netconn_send( netconn_t *, const void *, size_t, int, int * );
 DWORD netconn_set_timeout( netconn_t *, BOOL, int );
 const void *netconn_get_certificate( netconn_t * );
+int netconn_get_cipher_strength( netconn_t * );
 BOOL set_cookies( request_t *, const WCHAR * );
 BOOL add_cookie_headers( request_t * );
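Review bot: In the second session.c hunk the option query now succeeds with a key size of 0 whenever `netconn_get_cipher_strength` finds a non-secure connection, no negotiated cipher, or a build without libssl, and nothing at the call site says that 0 is a sentinel rather than a measured strength. A short comment such as `/* 0: no SSL cipher in effect (plain connection or no libssl) */` above the assignment would make the contract explicit; whether the query should instead fail for a non-secure request cannot be judged from the visible lines. The first hunk's `ci->dwKeySize` assignment has the same property, though it sits on a path that already holds a certificate. `request_query_option` starts and ends outside both hunks.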