diff options
author | Daniel Stenberg <daniel@haxx.se> | 2014-10-29 20:43:44 +0100 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2014-10-29 22:42:46 +0100 |
commit | 697aa67d1837e830f109186fbd63966081d8ef24 (patch) | |
tree | 1145a0f20457247500f5b747e61b376357ed19dd | |
parent | e62e77426f3c71311dd1522ceb59b1c7298da105 (diff) |
openssl: enable NPN separately from ALPN
... and allow building with nghttp2 but completely without NPN and ALPN,
as nghttp2 can still be used for plain-text HTTP.
Reported-by: Lucas Pardue
-rw-r--r-- | lib/vtls/openssl.c | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index f0f076e41..189ad508f 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -1423,13 +1423,19 @@ static void ssl_tls_trace(int direction, int ssl_ver, int content_type, /* Check for OpenSSL 1.0.2 which has ALPN support. */ #undef HAS_ALPN #if OPENSSL_VERSION_NUMBER >= 0x10002000L \ - && !defined(OPENSSL_NO_NEXTPROTONEG) \ && !defined(OPENSSL_NO_TLSEXT) -# define HAS_ALPN -#else -# error http2 builds require OpenSSL with ALPN support! +# define HAS_ALPN 1 +#endif + +/* Check for OpenSSL 1.0.1 which has NPN support. */ +#undef HAS_NPN +#if OPENSSL_VERSION_NUMBER >= 0x10001000L \ + && !defined(OPENSSL_NO_TLSEXT) \ + && !defined(OPENSSL_NO_NEXTPROTONEG) +# define HAS_NPN 1 #endif +#ifdef HAS_NPN /* * in is a list of lenght prefixed strings. this function has to select @@ -1464,6 +1470,7 @@ select_next_proto_cb(SSL *ssl, return SSL_TLSEXT_ERR_OK; } +#endif /* HAS_NPN */ #endif static const char * @@ -1711,10 +1718,12 @@ ossl_connect_step1(struct connectdata *conn, #ifdef USE_NGHTTP2 if(data->set.httpversion == CURL_HTTP_VERSION_2_0) { +#ifdef HAS_NPN if(data->set.ssl_enable_npn) { SSL_CTX_set_next_proto_select_cb(connssl->ctx, select_next_proto_cb, - conn); + conn); } +#endif #ifdef HAS_ALPN if(data->set.ssl_enable_alpn) { |