diff options
author | Daniel Stenberg <daniel@haxx.se> | 2016-05-09 16:50:11 +0200 |
---|---|---|
committer | Jay Satiro <raysatiro@yahoo.com> | 2016-05-09 15:30:25 -0400 |
commit | f6767f5435f4c8230b382f18d4a2917ae37641d5 (patch) | |
tree | 40839e6a1367ede5506d77484a7b30e818d4709c /lib/vtls/mbedtls.c | |
parent | 5bf5f6ebfcede78ef7c2b16daa41c4b7ba266087 (diff) |
TLS: move the ALPN/NPN enable bits to the connection
Only protocols that actually have a protocol registered for ALPN and NPN
should try to get that negotiated in the TLS handshake. That is only
HTTPS (well, http/1.1 and http/2) right now. Previously ALPN and NPN
would wrongly be used in all handshakes if libcurl was built with it
enabled.
Reported-by: Jay Satiro
Fixes #789
Diffstat (limited to 'lib/vtls/mbedtls.c')
-rw-r--r-- | lib/vtls/mbedtls.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c index 6b26a9747..f0048ef49 100644 --- a/lib/vtls/mbedtls.c +++ b/lib/vtls/mbedtls.c @@ -401,7 +401,7 @@ mbed_connect_step1(struct connectdata *conn, } #ifdef HAS_ALPN - if(data->set.ssl_enable_alpn) { + if(conn->bits.tls_enable_alpn) { const char **p = &connssl->protocols[0]; #ifdef USE_NGHTTP2 if(data->set.httpversion >= CURL_HTTP_VERSION_2) @@ -561,7 +561,7 @@ mbed_connect_step2(struct connectdata *conn, } #ifdef HAS_ALPN - if(data->set.ssl_enable_alpn) { + if(conn->bits.tls_enable_alpn) { next_protocol = mbedtls_ssl_get_alpn_protocol(&connssl->ssl); if(next_protocol) { |