From 52e8237bfc66a2a8324dbb558c1f0704aa0f8c0e Mon Sep 17 00:00:00 2001 From: Johannes Schindelin Date: Fri, 23 Jun 2017 00:22:47 +0200 Subject: vtls: use the Curl_ssl struct to access all SSL backends' functionality This is the first step to unify the SSL backend handling. Now all the SSL backend-specific functionality is accessed via a global instance of the Curl_ssl struct. Signed-off-by: Johannes Schindelin --- lib/vtls/axtls.c | 2 ++ lib/vtls/axtls.h | 17 ----------------- lib/vtls/cyassl.c | 2 ++ lib/vtls/cyassl.h | 16 ---------------- lib/vtls/darwinssl.c | 2 ++ lib/vtls/darwinssl.h | 17 ----------------- lib/vtls/gskit.c | 2 ++ lib/vtls/gskit.h | 19 ------------------- lib/vtls/gtls.c | 1 + lib/vtls/gtls.h | 17 ----------------- lib/vtls/mbedtls.c | 2 ++ lib/vtls/mbedtls.h | 16 ---------------- lib/vtls/nss.c | 1 + lib/vtls/nssg.h | 21 --------------------- lib/vtls/openssl.c | 2 ++ lib/vtls/openssl.h | 17 ----------------- lib/vtls/polarssl.c | 2 ++ lib/vtls/polarssl.h | 20 -------------------- lib/vtls/schannel.c | 2 ++ lib/vtls/schannel.h | 17 ----------------- lib/vtls/vtls.c | 51 +++++++++++++++++++-------------------------------- lib/vtls/vtls.h | 4 ++++ 22 files changed, 41 insertions(+), 209 deletions(-) diff --git a/lib/vtls/axtls.c b/lib/vtls/axtls.c index 0430d79a9..8004e4ad7 100644 --- a/lib/vtls/axtls.c +++ b/lib/vtls/axtls.c @@ -724,4 +724,6 @@ const struct Curl_ssl Curl_ssl_axtls = { Curl_none_false_start /* false_start */ }; +const struct Curl_ssl *Curl_ssl = &Curl_ssl_axtls; + #endif /* USE_AXTLS */ diff --git a/lib/vtls/axtls.h b/lib/vtls/axtls.h index 71f3c3d1c..8890972c1 100644 --- a/lib/vtls/axtls.h +++ b/lib/vtls/axtls.h 
@@ -51,23 +51,6 @@ extern const struct Curl_ssl Curl_ssl_axtls; /* Set the API backend definition to axTLS */ #define CURL_SSL_BACKEND CURLSSLBACKEND_AXTLS -/* API setup for axTLS */ -#define curlssl_init Curl_axtls_init -#define curlssl_cleanup Curl_axtls_cleanup -#define curlssl_connect Curl_axtls_connect -#define curlssl_connect_nonblocking Curl_axtls_connect_nonblocking -#define curlssl_session_free(x) Curl_axtls_session_free(x) -#define curlssl_close_all(x) ((void)x) -#define curlssl_close Curl_axtls_close -#define curlssl_shutdown(x,y) Curl_axtls_shutdown(x,y) -#define curlssl_set_engine(x,y) ((void)x, (void)y, CURLE_NOT_BUILT_IN) -#define curlssl_set_engine_default(x) ((void)x, CURLE_NOT_BUILT_IN) -#define curlssl_engines_list(x) ((void)x, (struct curl_slist *)NULL) -#define curlssl_version Curl_axtls_version -#define curlssl_check_cxn(x) Curl_axtls_check_cxn(x) -#define curlssl_data_pending(x,y) ((void)x, (void)y, 0) -#define curlssl_random(x,y,z) Curl_axtls_random(x,y,z) - #endif /* USE_AXTLS */ #endif /* HEADER_CURL_AXTLS_H */ diff --git a/lib/vtls/cyassl.c b/lib/vtls/cyassl.c index 995cf629c..58c5d48b5 100644 --- a/lib/vtls/cyassl.c +++ b/lib/vtls/cyassl.c @@ -973,4 +973,6 @@ const struct Curl_ssl Curl_ssl_cyassl = { Curl_none_false_start /* false_start */ }; +const struct Curl_ssl *Curl_ssl = &Curl_ssl_cyassl; + #endif diff --git a/lib/vtls/cyassl.h b/lib/vtls/cyassl.h index 3e5049c40..23d7139be 100644 --- a/lib/vtls/cyassl.h +++ b/lib/vtls/cyassl.h 
@@ -72,22 +72,6 @@ extern const struct Curl_ssl Curl_ssl_cyassl; #define have_curlssl_pinnedpubkey 1 #endif -/* API setup for CyaSSL */ -#define curlssl_init Curl_cyassl_init -#define curlssl_cleanup() Curl_nop_stmt -#define curlssl_connect Curl_cyassl_connect -#define curlssl_connect_nonblocking Curl_cyassl_connect_nonblocking -#define curlssl_session_free(x) Curl_cyassl_session_free(x) -#define curlssl_close_all(x) ((void)x) -#define curlssl_close Curl_cyassl_close -#define curlssl_shutdown(x,y) Curl_cyassl_shutdown(x,y) -#define curlssl_set_engine(x,y) ((void)x, (void)y, CURLE_NOT_BUILT_IN) -#define curlssl_set_engine_default(x) ((void)x, CURLE_NOT_BUILT_IN) -#define curlssl_engines_list(x) ((void)x, (struct curl_slist *)NULL) -#define curlssl_version Curl_cyassl_version -#define curlssl_check_cxn(x) ((void)x, -1) -#define curlssl_data_pending(x,y) Curl_cyassl_data_pending(x,y) -#define curlssl_random(x,y,z) Curl_cyassl_random(x,y,z) #define curlssl_sha256sum(a,b,c,d) Curl_cyassl_sha256sum(a,b,c,d) #endif /* USE_CYASSL */ diff --git a/lib/vtls/darwinssl.c b/lib/vtls/darwinssl.c index 90618bdce..cedd0e00e 100644 --- a/lib/vtls/darwinssl.c +++ b/lib/vtls/darwinssl.c @@ -2878,6 +2878,8 @@ const struct Curl_ssl Curl_ssl_darwinssl = { Curl_darwinssl_false_start /* false_start */ }; +const struct Curl_ssl *Curl_ssl = &Curl_ssl_darwinssl; + #ifdef __clang__ #pragma clang diagnostic pop #endif diff --git a/lib/vtls/darwinssl.h b/lib/vtls/darwinssl.h index 687ecb13a..967ba511f 100644 --- a/lib/vtls/darwinssl.h +++ b/lib/vtls/darwinssl.h 
@@ -78,25 +78,8 @@ extern const struct Curl_ssl Curl_ssl_darwinssl; #define have_curlssl_pinnedpubkey 1 #endif /* DARWIN_SSL_PINNEDPUBKEY */ -/* API setup for SecureTransport */ -#define curlssl_init() (1) -#define curlssl_cleanup() Curl_nop_stmt -#define curlssl_connect Curl_darwinssl_connect -#define curlssl_connect_nonblocking Curl_darwinssl_connect_nonblocking -#define curlssl_session_free(x) Curl_darwinssl_session_free(x) -#define curlssl_close_all(x) ((void)x) -#define curlssl_close Curl_darwinssl_close -#define curlssl_shutdown(x,y) 0 -#define curlssl_set_engine(x,y) ((void)x, (void)y, CURLE_NOT_BUILT_IN) -#define curlssl_set_engine_default(x) ((void)x, CURLE_NOT_BUILT_IN) -#define curlssl_engines_list(x) ((void)x, (struct curl_slist *)NULL) -#define curlssl_version Curl_darwinssl_version -#define curlssl_check_cxn Curl_darwinssl_check_cxn -#define curlssl_data_pending(x,y) Curl_darwinssl_data_pending(x, y) -#define curlssl_random(x,y,z) Curl_darwinssl_random(x, y,z) #define curlssl_md5sum(a,b,c,d) Curl_darwinssl_md5sum(a,b,c,d) #define curlssl_sha256sum(a,b,c,d) Curl_darwinssl_sha256sum(a, b, c, d) -#define curlssl_false_start() Curl_darwinssl_false_start() #endif /* USE_DARWINSSL */ #endif /* HEADER_CURL_DARWINSSL_H */ diff --git a/lib/vtls/gskit.c b/lib/vtls/gskit.c index 3da7bf297..ee09f4d88 100644 --- a/lib/vtls/gskit.c +++ b/lib/vtls/gskit.c @@ -1357,4 +1357,6 @@ const struct Curl_ssl Curl_ssl_gskit = { Curl_none_false_start /* false_start */ }; +const struct Curl_ssl *Curl_ssl = &Curl_ssl_gskit; + #endif /* USE_GSKIT */ diff --git a/lib/vtls/gskit.h b/lib/vtls/gskit.h index b329104d5..42856d329 100644 --- a/lib/vtls/gskit.h +++ b/lib/vtls/gskit.h 
@@ -52,25 +52,6 @@ extern const struct Curl_ssl Curl_ssl_gskit; /* this backend supports CURLOPT_CERTINFO */ #define have_curlssl_certinfo 1 -/* API setup for GSKit */ -#define curlssl_init Curl_gskit_init -#define curlssl_cleanup Curl_gskit_cleanup -#define curlssl_connect Curl_gskit_connect -#define curlssl_connect_nonblocking Curl_gskit_connect_nonblocking - -/* No session handling for GSKit */ -#define curlssl_session_free(x) Curl_nop_stmt -#define curlssl_close_all(x) ((void)x) -#define curlssl_close Curl_gskit_close -#define curlssl_shutdown(x,y) Curl_gskit_shutdown(x,y) -#define curlssl_set_engine(x,y) CURLE_NOT_BUILT_IN -#define curlssl_set_engine_default(x) CURLE_NOT_BUILT_IN -#define curlssl_engines_list(x) NULL -#define curlssl_version Curl_gskit_version -#define curlssl_check_cxn(x) Curl_gskit_check_cxn(x) -#define curlssl_data_pending(x,y) 0 -#define curlssl_random(x,y,z) (x=x, y=y, z=z, CURLE_NOT_BUILT_IN) - #endif /* USE_GSKIT */ #endif /* HEADER_CURL_GSKIT_H */ diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index 495c8514d..303afafba 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c @@ -1807,4 +1807,5 @@ const struct Curl_ssl Curl_ssl_gnutls = { Curl_none_false_start /* false_start */ }; +const struct Curl_ssl *Curl_ssl = &Curl_ssl_gnutls; #endif /* USE_GNUTLS */ diff --git a/lib/vtls/gtls.h b/lib/vtls/gtls.h index 24578b06e..555759c60 100644 --- a/lib/vtls/gtls.h +++ b/lib/vtls/gtls.h 
@@ -74,25 +74,8 @@ extern const struct Curl_ssl Curl_ssl_gnutls; /* this backend supports CURLOPT_PINNEDPUBLICKEY */ #define have_curlssl_pinnedpubkey 1 -/* API setup for GnuTLS */ -#define curlssl_init Curl_gtls_init -#define curlssl_cleanup Curl_gtls_cleanup -#define curlssl_connect Curl_gtls_connect -#define curlssl_connect_nonblocking Curl_gtls_connect_nonblocking -#define curlssl_session_free(x) Curl_gtls_session_free(x) -#define curlssl_close_all(x) ((void)x) -#define curlssl_close Curl_gtls_close -#define curlssl_shutdown(x,y) Curl_gtls_shutdown(x,y) -#define curlssl_set_engine(x,y) ((void)x, (void)y, CURLE_NOT_BUILT_IN) -#define curlssl_set_engine_default(x) ((void)x, CURLE_NOT_BUILT_IN) -#define curlssl_engines_list(x) ((void)x, (struct curl_slist *)NULL) -#define curlssl_version Curl_gtls_version -#define curlssl_check_cxn(x) ((void)x, -1) -#define curlssl_data_pending(x,y) Curl_gtls_data_pending(x,y) -#define curlssl_random(x,y,z) Curl_gtls_random(x,y,z) #define curlssl_md5sum(a,b,c,d) Curl_gtls_md5sum(a,b,c,d) #define curlssl_sha256sum(a,b,c,d) Curl_gtls_sha256sum(a,b,c,d) -#define curlssl_cert_status_request() Curl_gtls_cert_status_request() #endif /* USE_GNUTLS */ #endif /* HEADER_CURL_GTLS_H */ diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c index 2d5e87d08..907077a6c 100644 --- a/lib/vtls/mbedtls.c +++ b/lib/vtls/mbedtls.c @@ -1029,4 +1029,6 @@ const struct Curl_ssl Curl_ssl_mbedtls = { Curl_none_false_start /* false_start */ }; +const struct Curl_ssl *Curl_ssl = &Curl_ssl_mbedtls; + #endif /* USE_MBEDTLS */ diff --git a/lib/vtls/mbedtls.h b/lib/vtls/mbedtls.h index 70bbcb58a..1df297a5d 100644 --- a/lib/vtls/mbedtls.h +++ b/lib/vtls/mbedtls.h 
@@ -61,24 +61,8 @@ CURLcode Curl_mbedtls_random(struct Curl_easy *data, unsigned char *entropy, extern const struct Curl_ssl Curl_ssl_mbedtls; -/* API setup for mbedTLS */ -#define curlssl_init() Curl_mbedtls_init() -#define curlssl_cleanup() Curl_mbedtls_cleanup() -#define curlssl_connect Curl_mbedtls_connect -#define curlssl_connect_nonblocking Curl_mbedtls_connect_nonblocking -#define curlssl_session_free(x) Curl_mbedtls_session_free(x) -#define curlssl_close_all Curl_mbedtls_close_all -#define curlssl_close Curl_mbedtls_close -#define curlssl_shutdown(x,y) 0 -#define curlssl_set_engine(x,y) (x=x, y=y, CURLE_NOT_BUILT_IN) -#define curlssl_set_engine_default(x) (x=x, CURLE_NOT_BUILT_IN) -#define curlssl_engines_list(x) (x=x, (struct curl_slist *)NULL) -#define curlssl_version Curl_mbedtls_version -#define curlssl_check_cxn(x) (x=x, -1) -#define curlssl_data_pending(x,y) Curl_mbedtls_data_pending(x, y) #define CURL_SSL_BACKEND CURLSSLBACKEND_MBEDTLS #define curlssl_sha256sum(a,b,c,d) mbedtls_sha256(a,b,c,0) -#define curlssl_random(x,y,z) Curl_mbedtls_random(x, y, z) #endif /* USE_MBEDTLS */ #endif /* HEADER_CURL_MBEDTLS_H */ diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c index d6797eedf..17109b48d 100644 --- a/lib/vtls/nss.c +++ b/lib/vtls/nss.c @@ -2346,4 +2346,5 @@ const struct Curl_ssl Curl_ssl_nss = { Curl_nss_false_start /* false_start */ }; +const struct Curl_ssl *Curl_ssl = &Curl_ssl_nss; #endif /* USE_NSS */ diff --git a/lib/vtls/nssg.h b/lib/vtls/nssg.h index 6117486e2..c5b3353cf 100644 --- a/lib/vtls/nssg.h +++ b/lib/vtls/nssg.h 
@@ -82,29 +82,8 @@ extern const struct Curl_ssl Curl_ssl_nss; /* this backends supports CURLOPT_PINNEDPUBLICKEY */ #define have_curlssl_pinnedpubkey 1 -/* API setup for NSS */ -#define curlssl_init Curl_nss_init -#define curlssl_cleanup Curl_nss_cleanup -#define curlssl_connect Curl_nss_connect -#define curlssl_connect_nonblocking Curl_nss_connect_nonblocking - -/* NSS has its own session ID cache */ -#define curlssl_session_free(x) Curl_nop_stmt -#define curlssl_close_all(x) ((void)x) -#define curlssl_close Curl_nss_close -/* NSS has no shutdown function provided and thus always fail */ -#define curlssl_shutdown(x,y) ((void)x, (void)y, 1) -#define curlssl_set_engine(x,y) ((void)x, (void)y, CURLE_NOT_BUILT_IN) -#define curlssl_set_engine_default(x) ((void)x, CURLE_NOT_BUILT_IN) -#define curlssl_engines_list(x) ((void)x, (struct curl_slist *)NULL) -#define curlssl_version Curl_nss_version -#define curlssl_check_cxn(x) Curl_nss_check_cxn(x) -#define curlssl_data_pending(x,y) ((void)x, (void)y, 0) -#define curlssl_random(x,y,z) Curl_nss_random(x,y,z) #define curlssl_md5sum(a,b,c,d) Curl_nss_md5sum(a,b,c,d) #define curlssl_sha256sum(a,b,c,d) Curl_nss_sha256sum(a,b,c,d) -#define curlssl_cert_status_request() Curl_nss_cert_status_request() -#define curlssl_false_start() Curl_nss_false_start() #endif /* USE_NSS */ #endif /* HEADER_CURL_NSSG_H */ diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 28e31baea..1484b9b1c 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -3408,4 +3408,6 @@ const struct Curl_ssl Curl_ssl_openssl = { Curl_none_false_start /* false_start */ }; +const struct Curl_ssl *Curl_ssl = &Curl_ssl_openssl; + #endif /* USE_OPENSSL */ diff --git a/lib/vtls/openssl.h b/lib/vtls/openssl.h index 92d418f84..a62a2e7ff 100644 --- a/lib/vtls/openssl.h +++ b/lib/vtls/openssl.h 
@@ -99,27 +99,10 @@ extern const struct Curl_ssl Curl_ssl_openssl; /* this backend supports CURLOPT_PINNEDPUBLICKEY */ #define have_curlssl_pinnedpubkey 1 -/* API setup for OpenSSL */ -#define curlssl_init Curl_ossl_init -#define curlssl_cleanup Curl_ossl_cleanup -#define curlssl_connect Curl_ossl_connect -#define curlssl_connect_nonblocking Curl_ossl_connect_nonblocking -#define curlssl_session_free(x) Curl_ossl_session_free(x) -#define curlssl_close_all Curl_ossl_close_all -#define curlssl_close Curl_ossl_close -#define curlssl_shutdown(x,y) Curl_ossl_shutdown(x,y) -#define curlssl_set_engine(x,y) Curl_ossl_set_engine(x,y) -#define curlssl_set_engine_default(x) Curl_ossl_set_engine_default(x) -#define curlssl_engines_list(x) Curl_ossl_engines_list(x) -#define curlssl_version Curl_ossl_version -#define curlssl_check_cxn Curl_ossl_check_cxn -#define curlssl_data_pending(x,y) Curl_ossl_data_pending(x,y) -#define curlssl_random(x,y,z) Curl_ossl_random(x,y,z) #define curlssl_md5sum(a,b,c,d) Curl_ossl_md5sum(a,b,c,d) #if (OPENSSL_VERSION_NUMBER >= 0x0090800fL) && !defined(OPENSSL_NO_SHA256) #define curlssl_sha256sum(a,b,c,d) Curl_ossl_sha256sum(a,b,c,d) #endif -#define curlssl_cert_status_request() Curl_ossl_cert_status_request() #define DEFAULT_CIPHER_SELECTION \ "ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH" diff --git a/lib/vtls/polarssl.c b/lib/vtls/polarssl.c index 8cfbce9bf..8feaa95af 100644 --- a/lib/vtls/polarssl.c +++ b/lib/vtls/polarssl.c @@ -895,4 +895,6 @@ const struct Curl_ssl Curl_ssl_polarssl = { Curl_none_false_start /* false_start */ }; +const struct Curl_ssl *Curl_ssl = &Curl_ssl_polarssl; + #endif /* USE_POLARSSL */ diff --git a/lib/vtls/polarssl.h b/lib/vtls/polarssl.h index 632377a16..fc0a7ccd9 100644 --- a/lib/vtls/polarssl.h +++ b/lib/vtls/polarssl.h 
@@ -58,27 +58,7 @@ extern const struct Curl_ssl Curl_ssl_polarssl; /* this backends supports CURLOPT_PINNEDPUBLICKEY */ #define have_curlssl_pinnedpubkey 1 -/* API setup for PolarSSL */ -#define curlssl_init() Curl_polarssl_init() -#define curlssl_cleanup() Curl_polarssl_cleanup() -#define curlssl_connect Curl_polarssl_connect -#define curlssl_connect_nonblocking Curl_polarssl_connect_nonblocking -#define curlssl_session_free(x) Curl_polarssl_session_free(x) -#define curlssl_close_all(x) ((void)x) -#define curlssl_close Curl_polarssl_close -#define curlssl_shutdown(x,y) 0 -#define curlssl_set_engine(x,y) ((void)x, (void)y, CURLE_NOT_BUILT_IN) -#define curlssl_set_engine_default(x) ((void)x, CURLE_NOT_BUILT_IN) -#define curlssl_engines_list(x) ((void)x, (struct curl_slist *)NULL) -#define curlssl_version Curl_polarssl_version -#define curlssl_check_cxn(x) ((void)x, -1) -#define curlssl_data_pending(x,y) Curl_polarssl_data_pending(x, y) #define curlssl_sha256sum(a,b,c,d) sha256(a,b,c,0) -/* This might cause libcurl to use a weeker random! - TODO: implement proper use of Polarssl's CTR-DRBG or HMAC-DRBG and use that -*/ -#define curlssl_random(x,y,z) ((void)x, (void)y, (void)z, CURLE_NOT_BUILT_IN) - #endif /* USE_POLARSSL */ #endif /* HEADER_CURL_POLARSSL_H */ diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index 3e148efad..b8c11d5f8 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -1748,4 +1748,6 @@ const struct Curl_ssl Curl_ssl_schannel = { Curl_none_false_start /* false_start */ }; +const struct Curl_ssl *Curl_ssl = &Curl_ssl_schannel; + #endif /* USE_SCHANNEL */ diff --git a/lib/vtls/schannel.h b/lib/vtls/schannel.h index 0ea30c209..1314445c0 100644 --- a/lib/vtls/schannel.h +++ b/lib/vtls/schannel.h 
@@ -103,22 +103,5 @@ extern const struct Curl_ssl Curl_ssl_schannel; /* this backend supports CURLOPT_CERTINFO */ #define have_curlssl_certinfo 1 -/* API setup for Schannel */ -#define curlssl_init Curl_schannel_init -#define curlssl_cleanup Curl_schannel_cleanup -#define curlssl_connect Curl_schannel_connect -#define curlssl_connect_nonblocking Curl_schannel_connect_nonblocking -#define curlssl_session_free Curl_schannel_session_free -#define curlssl_close_all(x) ((void)x) -#define curlssl_close Curl_schannel_close -#define curlssl_shutdown Curl_schannel_shutdown -#define curlssl_set_engine(x,y) ((void)x, (void)y, CURLE_NOT_BUILT_IN) -#define curlssl_set_engine_default(x) ((void)x, CURLE_NOT_BUILT_IN) -#define curlssl_engines_list(x) ((void)x, (struct curl_slist *)NULL) -#define curlssl_version Curl_schannel_version -#define curlssl_check_cxn(x) ((void)x, -1) -#define curlssl_data_pending Curl_schannel_data_pending -#define curlssl_random(x,y,z) Curl_schannel_random(x,y,z) - #endif /* USE_SCHANNEL */ #endif /* HEADER_CURL_SCHANNEL_H */ diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c index 9c166d25d..44faf1c33 100644 --- a/lib/vtls/vtls.c +++ b/lib/vtls/vtls.c @@ -37,8 +37,8 @@ Curl_schannel_ - prefix for Schannel SSPI ones Curl_darwinssl_ - prefix for SecureTransport (Darwin) ones - Note that this source code uses curlssl_* functions, and they are all - defines/macros #defined by the lib-specific header files. + Note that this source code uses the functions of the configured SSL + backend via the global Curl_ssl instance. "SSL/TLS Strong Encryption: An Introduction" https://httpd.apache.org/docs/2.0/ssl/ssl_intro.html @@ -161,7 +161,7 @@ int Curl_ssl_init(void) return 1; init_ssl = TRUE; /* never again */ - return curlssl_init(); + return Curl_ssl->init(); } @@ -170,7 +170,7 @@ void Curl_ssl_cleanup(void) { if(init_ssl) { /* only cleanup if we did a previous init */ - curlssl_cleanup(); + Curl_ssl->cleanup(); init_ssl = FALSE; } } 
@@ -233,7 +233,7 @@ Curl_ssl_connect(struct connectdata *conn, int sockindex) conn->ssl[sockindex].use = TRUE; conn->ssl[sockindex].state = ssl_connection_negotiating; - result = curlssl_connect(conn, sockindex); + result = Curl_ssl->connect(conn, sockindex); if(!result) Curl_pgrsTime(conn->data, TIMER_APPCONNECT); /* SSL is connected */ @@ -257,12 +257,7 @@ Curl_ssl_connect_nonblocking(struct connectdata *conn, int sockindex, /* mark this is being ssl requested from here on. */ conn->ssl[sockindex].use = TRUE; -#ifdef curlssl_connect_nonblocking - result = curlssl_connect_nonblocking(conn, sockindex, done); -#else - *done = TRUE; /* fallback to BLOCKING */ - result = curlssl_connect(conn, sockindex); -#endif /* non-blocking connect support */ + result = Curl_ssl->connect_nonblocking(conn, sockindex, done); if(!result && *done) Curl_pgrsTime(conn->data, TIMER_APPCONNECT); /* SSL is connected */ return result; @@ -361,7 +356,7 @@ void Curl_ssl_kill_session(struct curl_ssl_session *session) /* defensive check */ /* free the ID the SSL-layer specific way */ - curlssl_session_free(session->sessionid); + Curl_ssl->session_free(session->sessionid); session->sessionid = NULL; session->age = 0; /* fresh */ @@ -499,7 +494,7 @@ void Curl_ssl_close_all(struct Curl_easy *data) Curl_safefree(data->state.session); } - curlssl_close_all(data); + Curl_ssl->close_all(data); } #if defined(USE_OPENSSL) || defined(USE_GNUTLS) || defined(USE_SCHANNEL) || \ @@ -542,12 +537,12 @@ int Curl_ssl_getsock(struct connectdata *conn, void Curl_ssl_close(struct connectdata *conn, int sockindex) { DEBUGASSERT((sockindex <= 1) && (sockindex >= -1)); - curlssl_close(conn, sockindex); + Curl_ssl->close(conn, sockindex); } CURLcode Curl_ssl_shutdown(struct connectdata *conn, int sockindex) { - if(curlssl_shutdown(conn, sockindex)) + if(Curl_ssl->shutdown(conn, sockindex)) return CURLE_SSL_SHUTDOWN_FAILED; conn->ssl[sockindex].use = FALSE; /* get back to ordinary socket usage */ 
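Review bot: `Curl_ssl->connect_nonblocking(conn, sockindex, done)` in Curl_ssl_connect_nonblocking is now called unconditionally, where the removed `#ifdef` branch fell back to the blocking connect and set `*done = TRUE`; a backend table that leaves this slot NULL would become a call through a null function pointer instead of a fallback. The same applies to `Curl_ssl->cert_status_request()` and `Curl_ssl->false_start()` in the later vtls.c hunks, which lose their `return FALSE` defaults. The backend tables are not part of this diff, so whether every slot is filled cannot be confirmed here; the `Curl_none_false_start` entries in the context lines suggest stubs are the intended answer. I would state that contract beside the struct in vtls.h, e.g. `/* every member must be non-NULL; use the Curl_none_*() stubs for unsupported operations */`, and consider `DEBUGASSERT(Curl_ssl->connect_nonblocking);` before the call. The function body starts above the hunk.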
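Review bot: In Curl_ssl_shutdown any non-zero return from `Curl_ssl->shutdown(conn, sockindex)` becomes CURLE_SSL_SHUTDOWN_FAILED, and the removed macros disagreed on the default: NSS expanded to `1` (always fail) while darwinssl, mbedTLS and PolarSSL expanded to `0`. A single shared stub such as the `Curl_none_shutdown` declared in vtls.h can reproduce only one of those results, so each table should be checked for which stub it uses; the tables are outside this diff. A comment on the call would make the convention explicit, e.g. `/* backend returns non-zero on failure; backends without a shutdown routine supply a stub */`.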
@@ -563,20 +558,20 @@ CURLcode Curl_ssl_shutdown(struct connectdata *conn, int sockindex) */ CURLcode Curl_ssl_set_engine(struct Curl_easy *data, const char *engine) { - return curlssl_set_engine(data, engine); + return Curl_ssl->set_engine(data, engine); } /* Selects the default SSL crypto engine */ CURLcode Curl_ssl_set_engine_default(struct Curl_easy *data) { - return curlssl_set_engine_default(data); + return Curl_ssl->set_engine_default(data); } /* Return list of OpenSSL crypto engine names. */ struct curl_slist *Curl_ssl_engines_list(struct Curl_easy *data) { - return curlssl_engines_list(data); + return Curl_ssl->engines_list(data); } /* @@ -604,7 +599,7 @@ CURLcode Curl_ssl_initsessions(struct Curl_easy *data, size_t amount) size_t Curl_ssl_version(char *buffer, size_t size) { - return curlssl_version(buffer, size); + return Curl_ssl->version(buffer, size); } /* @@ -617,13 +612,13 @@ size_t Curl_ssl_version(char *buffer, size_t size) */ int Curl_ssl_check_cxn(struct connectdata *conn) { - return curlssl_check_cxn(conn); + return Curl_ssl->check_cxn(conn); } bool Curl_ssl_data_pending(const struct connectdata *conn, int connindex) { - return curlssl_data_pending(conn, connindex); + return Curl_ssl->data_pending(conn, connindex); } void Curl_ssl_free_certinfo(struct Curl_easy *data) @@ -721,7 +716,7 @@ CURLcode Curl_ssl_random(struct Curl_easy *data, unsigned char *entropy, size_t length) { - return curlssl_random(data, entropy, length); + return Curl_ssl->random(data, entropy, length); } /* @@ -965,11 +960,7 @@ CURLcode Curl_ssl_md5sum(unsigned char *tmp, /* input */ */ bool Curl_ssl_cert_status_request(void) { -#ifdef curlssl_cert_status_request - return curlssl_cert_status_request(); -#else - return FALSE; -#endif + return Curl_ssl->cert_status_request(); } /* 
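Review bot: The dispatch `Curl_ssl->random(data, entropy, length)` in Curl_ssl_random no longer shows which backends lack a random source. The removed macros made GSKit and PolarSSL evaluate to CURLE_NOT_BUILT_IN, and the PolarSSL header carried a warning that this might leave libcurl with a weaker random; this commit deletes that warning and no added line replaces it. I would keep the caveat at the dispatch point, for example `/* returns CURLE_NOT_BUILT_IN when the backend has no random source; the caller may then end up with weaker randomness */`, and keep the CTR-DRBG/HMAC-DRBG TODO beside the PolarSSL table entry. Whether the tables preserve the CURLE_NOT_BUILT_IN result is not visible in this diff, and the signature of Curl_ssl_random begins in the hunk header above the changed line.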
@@ -977,11 +968,7 @@ bool Curl_ssl_cert_status_request(void) */ bool Curl_ssl_false_start(void) { -#ifdef curlssl_false_start - return curlssl_false_start(); -#else - return FALSE; -#endif + return Curl_ssl->false_start(); } /* diff --git a/lib/vtls/vtls.h b/lib/vtls/vtls.h index 9093462da..a568999e8 100644 --- a/lib/vtls/vtls.h +++ b/lib/vtls/vtls.h @@ -56,6 +56,10 @@ struct Curl_ssl { bool (*false_start)(void); }; +#ifdef USE_SSL +extern const struct Curl_ssl *Curl_ssl; +#endif + int Curl_none_init(void); void Curl_none_cleanup(void); int Curl_none_shutdown(struct connectdata *conn, int sockindex); -- cgit v1.2.3
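Review bot: `extern const struct Curl_ssl *Curl_ssl;` in vtls.h declares a writable pointer to a const table, so the one global through which every TLS operation is dispatched sits in writable data. If the backend is meant to stay fixed for a given build, `extern const struct Curl_ssl *const Curl_ssl;` (with a matching `*const` in each backend definition, axtls.c through schannel.c) lets it live in read-only memory and makes accidental reassignment a compile error. The commit message calls this a first step, so if later steps are meant to switch backends at run time the pointer should stay mutable, with a comment on the declaration saying so. The variable also shares its name with the struct tag, which is legal C but makes `Curl_ssl->init()` harder to read at a glance.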