From 887aeb6a097b73165658e00313eeec8728022d8e Mon Sep 17 00:00:00 2001 From: Juan Lang Date: Thu, 30 Sep 2010 13:18:07 -0700 Subject: [PATCH] wininet: Support querying the cipher strength of an SSL connection. --- dlls/wininet/http.c | 1 + dlls/wininet/internet.h | 1 + dlls/wininet/netconnection.c | 22 ++++++++++++++++++++++ dlls/wininet/tests/http.c | 4 ---- 4 files changed, 24 insertions(+), 4 deletions(-) diff --git a/dlls/wininet/http.c b/dlls/wininet/http.c index 992a82742cd..a15977a2a1b 100644 --- a/dlls/wininet/http.c +++ b/dlls/wininet/http.c @@ -1847,6 +1847,7 @@ static DWORD HTTPREQ_QueryOption(object_header_t *hdr, DWORD option, void *buffe CertNameToStrA(context->dwCertEncodingType, &context->pCertInfo->Issuer, CERT_SIMPLE_NAME_STR, info->lpszIssuerInfo, len); + info->dwKeySize = NETCON_GetCipherStrength(&req->netConnection); CertFreeCertificateContext(context); return ERROR_SUCCESS; } diff --git a/dlls/wininet/internet.h b/dlls/wininet/internet.h index 109179fa63e..86b16bda2a6 100644 --- a/dlls/wininet/internet.h +++ b/dlls/wininet/internet.h @@ -460,6 +460,7 @@ DWORD NETCON_recv(WININET_NETCONNECTION *connection, void *buf, size_t len, int int *recvd /* out */); BOOL NETCON_query_data_available(WININET_NETCONNECTION *connection, DWORD *available); LPCVOID NETCON_GetCert(WININET_NETCONNECTION *connection); +int NETCON_GetCipherStrength(WININET_NETCONNECTION *connection); DWORD NETCON_set_timeout(WININET_NETCONNECTION *connection, BOOL send, int value); int sock_get_error(int); diff --git a/dlls/wininet/netconnection.c b/dlls/wininet/netconnection.c index 004b213020e..a1c30903f90 100644 --- a/dlls/wininet/netconnection.c +++ b/dlls/wininet/netconnection.c 
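Review bot: The new `info->dwKeySize` assignment in HTTPREQ_QueryOption has no comment saying what the number means, and because the field is filled in next to the certificate subject and issuer strings a reader can take it for the certificate's public-key size. Going by the helper's name it is the strength in bits of the negotiated session cipher; a one-line comment above the assignment, e.g. `/* strength in bits of the session cipher, not the certificate key size */`, would make that clear. The assignment sits before `CertFreeCertificateContext(context)`, so it appears to be set only on the path where a certificate context was obtained. The enclosing function starts and ends outside the hunk.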
@@ -150,6 +150,8 @@ MAKE_FUNCPTR(SSL_CTX_get_timeout); MAKE_FUNCPTR(SSL_CTX_set_timeout); MAKE_FUNCPTR(SSL_CTX_set_default_verify_paths); MAKE_FUNCPTR(SSL_CTX_set_verify); +MAKE_FUNCPTR(SSL_get_current_cipher); +MAKE_FUNCPTR(SSL_CIPHER_get_bits); MAKE_FUNCPTR(X509_STORE_CTX_get_ex_data); /* OpenSSL's libcrypto functions that we use */ @@ -427,6 +429,8 @@ DWORD NETCON_init(WININET_NETCONNECTION *connection, BOOL useSSL) DYNSSL(SSL_CTX_set_timeout); DYNSSL(SSL_CTX_set_default_verify_paths); DYNSSL(SSL_CTX_set_verify); + DYNSSL(SSL_get_current_cipher); + DYNSSL(SSL_CIPHER_get_bits); DYNSSL(X509_STORE_CTX_get_ex_data); #undef DYNSSL @@ -868,6 +872,24 @@ LPCVOID NETCON_GetCert(WININET_NETCONNECTION *connection) #endif } +int NETCON_GetCipherStrength(WININET_NETCONNECTION *connection) +{ +#ifdef SONAME_LIBSSL + SSL_CIPHER *cipher; + int bits = 0; + + if (!connection->useSSL) + return 0; + cipher = pSSL_get_current_cipher(connection->ssl_s); + if (!cipher) + return 0; + pSSL_CIPHER_get_bits(cipher, &bits); + return bits; +#else + return 0; +#endif +} + DWORD NETCON_set_timeout(WININET_NETCONNECTION *connection, BOOL send, int value) { int result; diff --git a/dlls/wininet/tests/http.c b/dlls/wininet/tests/http.c index d06cdf233df..1236d3020f3 100644 --- a/dlls/wininet/tests/http.c +++ b/dlls/wininet/tests/http.c @@ -2622,7 +2622,6 @@ static void test_secure_connection(void) "unexpected encryption algorithm name\n"); ok(!certificate_structA->lpszProtocolName, "unexpected protocol name\n"); - todo_wine ok(certificate_structA->dwKeySize, "expected a non-zero key size\n"); } HeapFree(GetProcessHeap(), 0, certificate_structA); @@ -2653,7 +2652,6 @@ static void test_secure_connection(void) "unexpected encryption algorithm name\n"); ok(!certificate_structA->lpszProtocolName, "unexpected protocol name\n"); - todo_wine ok(certificate_structA->dwKeySize, "expected a non-zero key size\n"); } HeapFree(GetProcessHeap(), 0, certificate_structW); 
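Review bot: In NETCON_GetCipherStrength the return value of `pSSL_CIPHER_get_bits(cipher, &bits)` is discarded and the `alg_bits` out-parameter is returned instead. OpenSSL's SSL_CIPHER_get_bits returns the number of secret key bits and writes the algorithm's nominal width to the out-parameter; the two differ for export-grade suites, so a deliberately weakened session could be reported with the larger figure and a caller comparing dwKeySize against a minimum would accept it. If the effective strength is what callers should see, use `return pSSL_CIPHER_get_bits(cipher, NULL);` and drop the `bits` local; which figure native wininet reports is not shown here and is worth confirming. The function also passes `connection->ssl_s` without a NULL check, relying on `useSSL` implying an established session, which the hunk does not show.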
@@ -2705,7 +2703,6 @@ static void test_secure_connection(void) "unexpected encryption algorithm name\n"); ok(!certificate_structA->lpszProtocolName, "unexpected protocol name\n"); - todo_wine ok(certificate_structA->dwKeySize, "expected a non-zero key size\n"); } HeapFree(GetProcessHeap(), 0, certificate_structA); @@ -2736,7 +2733,6 @@ static void test_secure_connection(void) "unexpected encryption algorithm name\n"); ok(!certificate_structA->lpszProtocolName, "unexpected protocol name\n"); - todo_wine ok(certificate_structA->dwKeySize, "expected a non-zero key size\n"); } HeapFree(GetProcessHeap(), 0, certificate_structW);