diff options
| -rw-r--r-- | lib/urldata.h | 3 | ||||
| -rw-r--r-- | lib/vtls/mbedtls.c | 10 |
2 files changed, 8 insertions, 5 deletions
diff --git a/lib/urldata.h b/lib/urldata.h index e7341ac0f..ab26c0111 100644 --- a/lib/urldata.h +++ b/lib/urldata.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -297,6 +297,7 @@ struct ssl_connect_data { mbedtls_x509_crl crl; mbedtls_pk_context pk; mbedtls_ssl_config config; + const char *protocols[3]; #elif defined(USE_POLARSSL) ctr_drbg_context ctr_drbg; entropy_context entropy; diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c index cc71f59d9..cf8996786 100644 --- a/lib/vtls/mbedtls.c +++ b/lib/vtls/mbedtls.c @@ -384,19 +384,21 @@ mbedtls_connect_step1(struct connectdata *conn, #ifdef HAS_ALPN if(data->set.ssl_enable_alpn) { - const char *protocols[3]; - const char **p = protocols; + const char **p = &connssl->protocols[0]; #ifdef USE_NGHTTP2 if(data->set.httpversion >= CURL_HTTP_VERSION_2) *p++ = NGHTTP2_PROTO_VERSION_ID; #endif *p++ = ALPN_HTTP_1_1; *p = NULL; - if(mbedtls_ssl_conf_alpn_protocols(&connssl->config, protocols)) { + /* this function doesn't clone the protocols array, which is why we need + to keep it around */ + if(mbedtls_ssl_conf_alpn_protocols(&connssl->config, + &connssl->protocols[0])) { failf(data, "Failed setting ALPN protocols"); return CURLE_SSL_CONNECT_ERROR; } - for(p = protocols; *p; ++p) + for(p = &connssl->protocols[0]; *p; ++p) infof(data, "ALPN, offering %s\n", *p); } #endif |