diff options
author | Johannes Schindelin <johannes.schindelin@gmx.de> | 2017-06-20 11:32:53 +0200 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2017-08-28 14:56:56 +0200 |
commit | 937899a3b8e1124df7a66b83925349d5c9f9e5a9 (patch) | |
tree | 8669ed778f44b2e382de82a177cc576e933f2d8f /lib/vtls/darwinssl.c | |
parent | 0a083a66bcae51a485d45ba416eac1d1fbe4ca15 (diff) |
vtls: convert the have_curlssl_* constants to runtime flags
The entire idea of introducing the Curl_ssl struct to describe SSL
backends is to prepare for choosing the SSL backend at runtime.
To that end, convert all the #ifdef have_curlssl_* style conditionals
to use bit flags instead.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Diffstat (limited to 'lib/vtls/darwinssl.c')
-rw-r--r-- | lib/vtls/darwinssl.c | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/lib/vtls/darwinssl.c b/lib/vtls/darwinssl.c index 23be96a20..4d755d6b6 100644 --- a/lib/vtls/darwinssl.c +++ b/lib/vtls/darwinssl.c @@ -118,6 +118,24 @@ #define ioErr -36 #define paramErr -50 +/* pinned public key support tests */ + +/* version 1 supports macOS 10.12+ and iOS 10+ */ +#if ((TARGET_OS_IPHONE && __IPHONE_OS_VERSION_MIN_REQUIRED >= 100000) || \ + (!TARGET_OS_IPHONE && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101200)) +#define DARWIN_SSL_PINNEDPUBKEY_V1 1 +#endif + +/* version 2 supports MacOSX 10.7+ */ +#if (!TARGET_OS_IPHONE && __MAC_OS_X_VERSION_MIN_REQUIRED >= 1070) +#define DARWIN_SSL_PINNEDPUBKEY_V2 1 +#endif + +#if defined(DARWIN_SSL_PINNEDPUBKEY_V1) || defined(DARWIN_SSL_PINNEDPUBKEY_V2) +/* this backend supports CURLOPT_PINNEDPUBLICKEY */ +#define DARWIN_SSL_PINNEDPUBKEY 1 +#endif /* DARWIN_SSL_PINNEDPUBKEY */ + #ifdef DARWIN_SSL_PINNEDPUBKEY /* both new and old APIs return rsa keys missing the spki header (not DER) */ static const unsigned char rsa4096SpkiHeader[] = { @@ -2860,6 +2878,15 @@ static ssize_t darwinssl_recv(struct connectdata *conn, const struct Curl_ssl Curl_ssl_darwinssl = { "darwinssl", /* name */ + 0, /* have_ca_path */ + 0, /* have_certinfo */ +#ifdef DARWIN_SSL_PINNEDPUBKEY + 1, /* have_pinnedpubkey */ +#else + 0, /* have_pinnedpubkey */ +#endif /* DARWIN_SSL_PINNEDPUBKEY */ + 0, /* have_ssl_ctx */ + Curl_none_init, /* init */ Curl_none_cleanup, /* cleanup */ Curl_darwinssl_version, /* version */ |