diff options
Diffstat (limited to 'lib/vtls')
| -rw-r--r-- | lib/vtls/axtls.c | 10 | ||||
| -rw-r--r-- | lib/vtls/cyassl.c | 9 | ||||
| -rw-r--r-- | lib/vtls/darwinssl.c | 10 | ||||
| -rw-r--r-- | lib/vtls/gskit.c | 10 | ||||
| -rw-r--r-- | lib/vtls/gtls.c | 9 | ||||
| -rw-r--r-- | lib/vtls/mbedtls.c | 10 | ||||
| -rw-r--r-- | lib/vtls/nss.c | 11 | ||||
| -rw-r--r-- | lib/vtls/openssl.c | 10 | ||||
| -rw-r--r-- | lib/vtls/polarssl.c | 9 | ||||
| -rw-r--r-- | lib/vtls/schannel.c | 7 | ||||
| -rw-r--r-- | lib/vtls/vtls.c | 12 | ||||
| -rw-r--r-- | lib/vtls/vtls.h | 15 |
12 files changed, 43 insertions, 79 deletions
diff --git a/lib/vtls/axtls.c b/lib/vtls/axtls.c index 9294f49ed..5ed898b4f 100644 --- a/lib/vtls/axtls.c +++ b/lib/vtls/axtls.c @@ -6,7 +6,7 @@ * \___|\___/|_| \_\_____| * * Copyright (C) 2010, DirecTV, Contact: Eric Hu, <ehu@directv.com>. - * Copyright (C) 2010 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 2010 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -703,13 +703,7 @@ static void *Curl_axtls_get_internals(struct ssl_connect_data *connssl, const struct Curl_ssl Curl_ssl_axtls = { { CURLSSLBACKEND_AXTLS, "axtls" }, /* info */ - - 0, /* have_ca_path */ - 0, /* have_certinfo */ - 0, /* have_pinnedpubkey */ - 0, /* have_ssl_ctx */ - 0, /* support_https_proxy */ - + 0, /* no fancy stuff */ sizeof(struct ssl_backend_data), /* diff --git a/lib/vtls/cyassl.c b/lib/vtls/cyassl.c index 491636dd5..b127dcca8 100644 --- a/lib/vtls/cyassl.c +++ b/lib/vtls/cyassl.c @@ -994,15 +994,10 @@ static void *Curl_cyassl_get_internals(struct ssl_connect_data *connssl, const struct Curl_ssl Curl_ssl_cyassl = { { CURLSSLBACKEND_WOLFSSL, "WolfSSL" }, /* info */ - 0, /* have_ca_path */ - 0, /* have_certinfo */ #ifdef KEEP_PEER_CERT - 1, /* have_pinnedpubkey */ -#else - 0, /* have_pinnedpubkey */ + SSLSUPP_PINNEDPUBKEY | #endif - 1, /* have_ssl_ctx */ - 0, /* support_https_proxy */ + SSLSUPP_SSL_CTX sizeof(struct ssl_backend_data), diff --git a/lib/vtls/darwinssl.c b/lib/vtls/darwinssl.c index 0919f10dc..45fe49d82 100644 --- a/lib/vtls/darwinssl.c +++ b/lib/vtls/darwinssl.c @@ -6,7 +6,7 @@ * \___|\___/|_| \_\_____| * * Copyright (C) 2012 - 2017, Nick Zitzmann, <nickzman@gmail.com>. - * Copyright (C) 2012 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 2012 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -3029,15 +3029,11 @@ static void *Curl_darwinssl_get_internals(struct ssl_connect_data *connssl, const struct Curl_ssl Curl_ssl_darwinssl = { { CURLSSLBACKEND_DARWINSSL, "darwinssl" }, /* info */ - 0, /* have_ca_path */ - 0, /* have_certinfo */ #ifdef DARWIN_SSL_PINNEDPUBKEY - 1, /* have_pinnedpubkey */ + SSLSUPP_PINNEDPUBKEY, #else - 0, /* have_pinnedpubkey */ + 0, #endif /* DARWIN_SSL_PINNEDPUBKEY */ - 0, /* have_ssl_ctx */ - 0, /* support_https_proxy */ sizeof(struct ssl_backend_data), diff --git a/lib/vtls/gskit.c b/lib/vtls/gskit.c index afc90a859..a770565c1 100644 --- a/lib/vtls/gskit.c +++ b/lib/vtls/gskit.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -1353,12 +1353,8 @@ static void *Curl_gskit_get_internals(struct ssl_connect_data *connssl, const struct Curl_ssl Curl_ssl_gskit = { { CURLSSLBACKEND_GSKIT, "gskit" }, /* info */ - 0, /* have_ca_path */ - 1, /* have_certinfo */ - 1, /* have_pinnedpubkey */ - 0, /* have_ssl_ctx */ - /* TODO: convert to 1 and fix test #1014 (if need) */ - 0, /* support_https_proxy */ + SSLSUPP_CERTINFO | + SSLSUPP_PINNEDPUBKEY sizeof(struct ssl_backend_data), diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index 688e83807..207b0fd1b 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c @@ -1802,11 +1802,10 @@ static void *Curl_gtls_get_internals(struct ssl_connect_data *connssl, const struct Curl_ssl Curl_ssl_gnutls = { { CURLSSLBACKEND_GNUTLS, "gnutls" }, /* info */ - 1, /* have_ca_path */ - 1, /* have_certinfo */ - 1, /* have_pinnedpubkey */ - 0, /* have_ssl_ctx */ - 1, /* support_https_proxy */ + SSLSUPP_CA_PATH | + SSLSUPP_CERTINFO | + SSLSUPP_PINNEDPUBKEY | + SSLSUPP_HTTPS_PROXY, sizeof(struct ssl_backend_data), diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c index e76e19b09..4ec9fa18e 100644 --- a/lib/vtls/mbedtls.c +++ b/lib/vtls/mbedtls.c @@ -6,7 +6,7 @@ * \___|\___/|_| \_\_____| * * Copyright (C) 2010 - 2011, Hoi-Ho Chan, <hoiho.chan@gmail.com> - * Copyright (C) 2012 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 2012 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -1049,11 +1049,9 @@ static void *Curl_mbedtls_get_internals(struct ssl_connect_data *connssl, const struct Curl_ssl Curl_ssl_mbedtls = { { CURLSSLBACKEND_MBEDTLS, "mbedtls" }, /* info */ - 1, /* have_ca_path */ - 0, /* have_certinfo */ - 1, /* have_pinnedpubkey */ - 1, /* have_ssl_ctx */ - 0, /* support_https_proxy */ + SSLSUPP_CA_PATH | + SSLSUPP_PINNEDPUBKEY | + SSLSUPP_SSL_CTX, sizeof(struct ssl_backend_data), diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c index edbacc671..7cd450cda 100644 --- a/lib/vtls/nss.c +++ b/lib/vtls/nss.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -2357,11 +2357,10 @@ static void *Curl_nss_get_internals(struct ssl_connect_data *connssl, const struct Curl_ssl Curl_ssl_nss = { { CURLSSLBACKEND_NSS, "nss" }, /* info */ - 1, /* have_ca_path */ - 1, /* have_certinfo */ - 1, /* have_pinnedpubkey */ - 0, /* have_ssl_ctx */ - 1, /* support_https_proxy */ + SSLSUPP_CA_PATH | + SSLSUPP_CERTINFO | + SSLSUPP_PINNEDPUBKEY | + SSLSUPP_HTTPS_PROXY, sizeof(struct ssl_backend_data), diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 80e9bf940..f6d647e1e 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -3724,11 +3724,11 @@ static void *Curl_ossl_get_internals(struct ssl_connect_data *connssl, const struct Curl_ssl Curl_ssl_openssl = { { CURLSSLBACKEND_OPENSSL, "openssl" }, /* info */ - 1, /* have_ca_path */ - 1, /* have_certinfo */ - 1, /* have_pinnedpubkey */ - 1, /* have_ssl_ctx */ - 1, /* support_https_proxy */ + SSLSUPP_CA_PATH | + SSLSUPP_CERTINFO | + SSLSUPP_PINNEDPUBKEY | + SSLSUPP_SSL_CTX | + SSLSUPP_HTTPS_PROXY, sizeof(struct ssl_backend_data), diff --git a/lib/vtls/polarssl.c b/lib/vtls/polarssl.c index 811cdc2fb..604cb4c86 100644 --- a/lib/vtls/polarssl.c +++ b/lib/vtls/polarssl.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 2012 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 2012 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al. * Copyright (C) 2010 - 2011, Hoi-Ho Chan, <hoiho.chan@gmail.com> * * This software is licensed as described in the file COPYING, which @@ -900,11 +900,8 @@ static void *Curl_polarssl_get_internals(struct ssl_connect_data *connssl, const struct Curl_ssl Curl_ssl_polarssl = { { CURLSSLBACKEND_POLARSSL, "polarssl" }, /* info */ - 1, /* have_ca_path */ - 0, /* have_certinfo */ - 1, /* have_pinnedpubkey */ - 0, /* have_ssl_ctx */ - 0, /* support_https_proxy */ + SSLSUPP_CA_PATH | + SSLSUPP_PINNEDPUBKEY, sizeof(struct ssl_backend_data), diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index 01f6f6691..548f4e316 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -1923,11 +1923,8 @@ static void *Curl_schannel_get_internals(struct ssl_connect_data *connssl, const struct Curl_ssl Curl_ssl_schannel = { { CURLSSLBACKEND_SCHANNEL, "schannel" }, /* info */ - 0, /* have_ca_path */ - 1, /* have_certinfo */ - 1, /* have_pinnedpubkey */ - 0, /* have_ssl_ctx */ - 0, /* support_https_proxy */ + SSLSUPP_CERTINFO | + SSLSUPP_PINNEDPUBKEY sizeof(struct ssl_backend_data), diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c index 1745fd882..ee5bc7a0a 100644 --- a/lib/vtls/vtls.c +++ b/lib/vtls/vtls.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -211,7 +211,7 @@ ssl_connect_init_proxy(struct connectdata *conn, int sockindex) !conn->proxy_ssl[sockindex].use) { struct ssl_backend_data *pbdata; - if(!Curl_ssl->support_https_proxy) + if(!(Curl_ssl->supports & SSLSUPP_HTTPS_PROXY)) return CURLE_NOT_BUILT_IN; /* The pointers to the ssl backend data, which is opaque here, are swapped @@ -1131,13 +1131,7 @@ static void Curl_multissl_close(struct connectdata *conn, int sockindex) static const struct Curl_ssl Curl_ssl_multi = { { CURLSSLBACKEND_NONE, "multi" }, /* info */ - - 0, /* have_ca_path */ - 0, /* have_certinfo */ - 0, /* have_pinnedpubkey */ - 0, /* have_ssl_ctx */ - 0, /* support_https_proxy */ - + 0, /* supports nothing */ (size_t)-1, /* something insanely large to be on the safe side */ Curl_multissl_init, /* init */ diff --git a/lib/vtls/vtls.h b/lib/vtls/vtls.h index 5c3146ee9..e7b87c4d3 100644 --- a/lib/vtls/vtls.h +++ b/lib/vtls/vtls.h @@ -26,20 +26,19 @@ struct connectdata; struct ssl_connect_data; +#define SSLSUPP_CA_PATH (1<<0) /* supports CAPATH */ +#define SSLSUPP_CERTINFO (1<<1) /* supports CURLOPT_CERTINFO */ +#define SSLSUPP_PINNEDPUBKEY (1<<2) /* supports CURLOPT_PINNEDPUBLICKEY */ +#define SSLSUPP_SSL_CTX (1<<3) /* supports CURLOPT_SSL_CTX */ +#define SSLSUPP_HTTPS_PROXY (1<<4) /* supports access via HTTPS proxies */ + struct Curl_ssl { /* * This *must* be the first entry to allow returning the list of available * backends in curl_global_sslset(). */ curl_ssl_backend info; - - unsigned have_ca_path:1; /* supports CAPATH */ - unsigned have_certinfo:1; /* supports CURLOPT_CERTINFO */ - unsigned have_pinnedpubkey:1; /* supports CURLOPT_PINNEDPUBLICKEY */ - unsigned have_ssl_ctx:1; /* supports CURLOPT_SSL_CTX_* */ - - unsigned support_https_proxy:1; /* supports access via HTTPS proxies */ - + unsigned int supports; /* bitfield, see above */ size_t sizeof_ssl_backend_data; int (*init)(void); |