diff options
author | Daniel Stenberg <daniel@haxx.se> | 2016-05-09 16:50:11 +0200 |
---|---|---|
committer | Jay Satiro <raysatiro@yahoo.com> | 2016-05-09 15:30:25 -0400 |
commit | f6767f5435f4c8230b382f18d4a2917ae37641d5 (patch) | |
tree | 40839e6a1367ede5506d77484a7b30e818d4709c /lib/urldata.h | |
parent | 5bf5f6ebfcede78ef7c2b16daa41c4b7ba266087 (diff) |
TLS: move the ALPN/NPN enable bits to the connection
Only protocols that actually have a protocol registered for ALPN and NPN
should try to get that negotiated in the TLS handshake. That is only
HTTPS (well, http/1.1 and http/2) right now. Previously ALPN and NPN
would wrongly be used in all handshakes if libcurl was built with it
enabled.
Reported-by: Jay Satiro
Fixes #789
Diffstat (limited to 'lib/urldata.h')
-rw-r--r-- | lib/urldata.h | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/lib/urldata.h b/lib/urldata.h index c0b2e2f7f..25594d3b5 100644 --- a/lib/urldata.h +++ b/lib/urldata.h @@ -544,6 +544,8 @@ struct ConnectBits { bool multiplex; /* connection is multiplexed */ bool tcp_fastopen; /* use TCP Fast Open */ + bool tls_enable_npn; /* TLS NPN extension? */ + bool tls_enable_alpn; /* TLS ALPN extension? */ }; struct hostname { @@ -815,7 +817,7 @@ struct Curl_handler { url query strings (?foo=bar) ! */ #define PROTOPT_CREDSPERREQUEST (1<<7) /* requires login credentials per request instead of per connection */ - +#define PROTOPT_ALPN_NPN (1<<8) /* set ALPN and/or NPN for this */ /* return the count of bytes sent, or -1 on error */ typedef ssize_t (Curl_send)(struct connectdata *conn, /* connection data */ @@ -1671,8 +1673,8 @@ struct UserDefined { size_t maxconnects; /* Max idle connections in the connection cache */ - bool ssl_enable_npn; /* TLS NPN extension? */ - bool ssl_enable_alpn; /* TLS ALPN extension? */ + bool ssl_enable_npn; /* TLS NPN extension? */ + bool ssl_enable_alpn; /* TLS ALPN extension? */ bool path_as_is; /* allow dotdots? */ bool pipewait; /* wait for pipe/multiplex status before starting a new connection */ |