From 69039fd1fa3e65e2f5737b2a4044dcb8fbabb76d Mon Sep 17 00:00:00 2001
From: Johannes Schindelin
Date: Fri, 23 Jun 2017 16:05:26 +0200
Subject: getinfo: access SSL internals via Curl_ssl
In the ongoing endeavor to abstract out all SSL backend-specific functionality, this is the next step: Instead of hard-coding how the different SSL backends access their internal data in getinfo.c, let's implement backend-specific functions to do that task. This will also allow for switching SSL backends as a runtime option.
Signed-off-by: Johannes Schindelin
---
 lib/getinfo.c | 31 +++++--------------------------
 lib/vtls/axtls.c | 8 ++++++++
 lib/vtls/cyassl.c | 8 ++++++++
 lib/vtls/darwinssl.c | 8 ++++++++
 lib/vtls/gskit.c | 8 ++++++++
 lib/vtls/gtls.c | 8 ++++++++
 lib/vtls/mbedtls.c | 8 ++++++++
 lib/vtls/nss.c | 8 ++++++++
 lib/vtls/openssl.c | 9 +++++++++
 lib/vtls/polarssl.c | 8 ++++++++
 lib/vtls/schannel.c | 8 ++++++++
 lib/vtls/vtls.h | 2 ++
 12 files changed, 88 insertions(+), 26 deletions(-)
diff --git a/lib/getinfo.c b/lib/getinfo.c
index 9c6f3b731..862ced019 100644
--- a/lib/getinfo.c
+++ b/lib/getinfo.c
@@ -360,46 +360,25 @@ static CURLcode getinfo_slist(struct Curl_easy *data, CURLINFO info,
 struct curl_tlssessioninfo **tsip = (struct curl_tlssessioninfo **) param_slistp;
 struct curl_tlssessioninfo *tsi = &data->tsi;
+#ifdef USE_SSL
 struct connectdata *conn = data->easy_conn;
+#endif
 *tsip = tsi;
 tsi->backend = Curl_ssl_backend();
 tsi->internals = NULL;
+#ifdef USE_SSL
 if(conn && tsi->backend != CURLSSLBACKEND_NONE) {
 unsigned int i;
 for(i = 0; i < (sizeof(conn->ssl) / sizeof(conn->ssl[0])); ++i) {
 if(conn->ssl[i].use) {
-#if defined(USE_AXTLS)
- tsi->internals = (void *)conn->ssl[i].ssl;
-#elif defined(USE_CYASSL)
- tsi->internals = (void *)conn->ssl[i].handle;
-#elif defined(USE_DARWINSSL)
- tsi->internals = (void *)conn->ssl[i].ssl_ctx;
-#elif defined(USE_GNUTLS)
- tsi->internals = (void *)conn->ssl[i].session;
-#elif defined(USE_GSKIT)
- tsi->internals = (void *)conn->ssl[i].handle;
-#elif defined(USE_MBEDTLS)
- tsi->internals = (void *)&conn->ssl[i].ssl;
-#elif defined(USE_NSS)
- tsi->internals = (void *)conn->ssl[i].handle;
-#elif defined(USE_OPENSSL)
- /* Legacy: CURLINFO_TLS_SESSION must return an SSL_CTX pointer. */
- tsi->internals = ((info == CURLINFO_TLS_SESSION) ?
- (void *)conn->ssl[i].ctx :
- (void *)conn->ssl[i].handle);
-#elif defined(USE_POLARSSL)
- tsi->internals = (void *)&conn->ssl[i].ssl;
-#elif defined(USE_SCHANNEL)
- tsi->internals = (void *)&conn->ssl[i].ctxt->ctxt_handle;
-#elif defined(USE_SSL)
-#error "SSL backend specific information missing for CURLINFO_TLS_SSL_PTR"
-#endif
+ tsi->internals = Curl_ssl->get_internals(&conn->ssl[i], info);
 break;
 }
 }
 }
+#endif
 }
 break;
 default:
diff --git a/lib/vtls/axtls.c b/lib/vtls/axtls.c
index ceebc9a7a..2b904fcd0 100644
--- a/lib/vtls/axtls.c
+++ b/lib/vtls/axtls.c
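Review bot: The new `tsi->internals = Curl_ssl->get_internals(&conn->ssl[i], info);` in the `conn->ssl[i].use` branch calls through the vtable slot without checking it, whereas the removed `#elif defined(USE_SSL)` / `#error` arm made a backend with no mapping fail at build time. Every backend touched by this patch fills the slot, so the concern is later backends and the runtime backend switching the description mentions: a NULL slot would turn a CURLINFO_TLS_SESSION query into a call through a null pointer. Guarding the assignment with `if(Curl_ssl->get_internals)` keeps `tsi->internals` at the NULL assigned a few lines earlier. getinfo_slist begins and ends outside the hunk.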
@@ -681,6 +681,13 @@ static CURLcode Curl_axtls_random(struct Curl_easy *data,
 return CURLE_OK;
 }
+static void *Curl_axtls_get_internals(struct ssl_connect_data *connssl,
+ CURLINFO info UNUSED_PARAM)
+{
+ (void)info;
+ return connssl->ssl;
+}
+
 const struct Curl_ssl Curl_ssl_axtls = {
 "axtls", /* name */
@@ -705,6 +712,7 @@ const struct Curl_ssl Curl_ssl_axtls = {
 Curl_none_cert_status_request, /* cert_status_request */
 Curl_axtls_connect, /* connect */
 Curl_axtls_connect_nonblocking, /* connect_nonblocking */
+ Curl_axtls_get_internals, /* get_internals */
 Curl_axtls_close, /* close */
 Curl_none_close_all, /* close_all */
 Curl_axtls_session_free, /* session_free */
diff --git a/lib/vtls/cyassl.c b/lib/vtls/cyassl.c
index 7cc294b1d..0fbb6ff67 100644
--- a/lib/vtls/cyassl.c
+++ b/lib/vtls/cyassl.c
@@ -959,6 +959,13 @@ static void Curl_cyassl_sha256sum(const unsigned char *tmp, /* input */
 Sha256Final(&SHA256pw, sha256sum);
 }
+static void *Curl_cyassl_get_internals(struct ssl_connect_data *connssl,
+ CURLINFO info UNUSED_PARAM)
+{
+ (void)info;
+ return connssl->handle;
+}
+
 const struct Curl_ssl Curl_ssl_cyassl = {
 "cyassl", /* name */
@@ -982,6 +989,7 @@ const struct Curl_ssl Curl_ssl_cyassl = {
 Curl_none_cert_status_request, /* cert_status_request */
 Curl_cyassl_connect, /* connect */
 Curl_cyassl_connect_nonblocking, /* connect_nonblocking */
+ Curl_cyassl_get_internals, /* get_internals */
 Curl_cyassl_close, /* close */
 Curl_none_close_all, /* close_all */
 Curl_cyassl_session_free, /* session_free */
diff --git a/lib/vtls/darwinssl.c b/lib/vtls/darwinssl.c
index aef644457..d6558e358 100644
--- a/lib/vtls/darwinssl.c
+++ b/lib/vtls/darwinssl.c
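Review bot: `Curl_axtls_get_internals` marks `info` as unused twice, once with `UNUSED_PARAM` in the signature and once with `(void)info;` in the body. Assuming `UNUSED_PARAM` expands to a compiler-specific unused attribute, the cast alone is the portable form and the attribute adds nothing, so I would keep `(void)info;` and drop the macro, or the reverse if the file's convention is the macro. The same pair is repeated in the cyassl, darwinssl, gskit, gtls, mbedtls, nss, polarssl and schannel functions added by this patch.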
@@ -2871,6 +2871,13 @@ static ssize_t darwinssl_recv(struct connectdata *conn,
 return (ssize_t)processed;
 }
+static void *Curl_darwinssl_get_internals(struct ssl_connect_data *connssl,
+ CURLINFO info UNUSED_PARAM)
+{
+ (void)info;
+ return connssl->ssl_ctx;
+}
+
 const struct Curl_ssl Curl_ssl_darwinssl = {
 "darwinssl", /* name */
@@ -2894,6 +2901,7 @@ const struct Curl_ssl Curl_ssl_darwinssl = {
 Curl_none_cert_status_request, /* cert_status_request */
 Curl_darwinssl_connect, /* connect */
 Curl_darwinssl_connect_nonblocking, /* connect_nonblocking */
+ Curl_darwinssl_get_internals, /* get_internals */
 Curl_darwinssl_close, /* close */
 Curl_none_close_all, /* close_all */
 Curl_darwinssl_session_free, /* session_free */
diff --git a/lib/vtls/gskit.c b/lib/vtls/gskit.c
index dab114912..196cbb3ba 100644
--- a/lib/vtls/gskit.c
+++ b/lib/vtls/gskit.c
@@ -1333,6 +1333,13 @@ static int Curl_gskit_check_cxn(struct connectdata *cxn)
 return -1; /* connection status unknown */
 }
+static void *Curl_gskit_get_internals(struct ssl_connect_data *connssl,
+ CURLINFO info UNUSED_PARAM)
+{
+ (void)info;
+ return connssl->handle;
+}
+
 const struct Curl_ssl Curl_ssl_gskit = {
 "gskit", /* name */
@@ -1354,6 +1361,7 @@ const struct Curl_ssl Curl_ssl_gskit = {
 Curl_none_cert_status_request, /* cert_status_request */
 Curl_gskit_connect, /* connect */
 Curl_gskit_connect_nonblocking, /* connect_nonblocking */
+ Curl_gskit_get_internals, /* get_internals */
 Curl_gskit_close, /* close */
 Curl_none_close_all, /* close_all */
 /* No session handling for GSKit */
diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
index 54fda5467..1e57b4588 100644
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@@ -1782,6 +1782,13 @@ static bool Curl_gtls_cert_status_request(void)
 #endif
 }
+static void *Curl_gtls_get_internals(struct ssl_connect_data *connssl,
+ CURLINFO info UNUSED_PARAM)
+{
+ (void)info;
+ return connssl->session;
+}
+
 const struct Curl_ssl Curl_ssl_gnutls = {
 "gnutls", /* name */
@@ -1801,6 +1808,7 @@ const struct Curl_ssl Curl_ssl_gnutls = {
 Curl_gtls_cert_status_request, /* cert_status_request */
 Curl_gtls_connect, /* connect */
 Curl_gtls_connect_nonblocking, /* connect_nonblocking */
+ Curl_gtls_get_internals, /* get_internals */
 Curl_gtls_close, /* close */
 Curl_none_close_all, /* close_all */
 Curl_glts_session_free, /* session_free */
diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c
index ea8f3c6d5..803932c6f 100644
--- a/lib/vtls/mbedtls.c
+++ b/lib/vtls/mbedtls.c
@@ -1012,6 +1012,13 @@ static void Curl_mbedtls_sha256sum(const unsigned char *input,
 mbedtls_sha256(input, inputlen, sha256sum, 0);
 }
+static void *Curl_mbedtls_get_internals(struct ssl_connect_data *connssl,
+ CURLINFO info UNUSED_PARAM)
+{
+ (void)info;
+ return &connssl->ssl;
+}
+
 const struct Curl_ssl Curl_ssl_mbedtls = {
 "mbedtls", /* name */
@@ -1031,6 +1038,7 @@ const struct Curl_ssl Curl_ssl_mbedtls = {
 Curl_none_cert_status_request, /* cert_status_request */
 Curl_mbedtls_connect, /* connect */
 Curl_mbedtls_connect_nonblocking, /* connect_nonblocking */
+ Curl_mbedtls_get_internals, /* get_internals */
 Curl_mbedtls_close, /* close */
 Curl_mbedtls_close_all, /* close_all */
 Curl_mbedtls_session_free, /* session_free */
diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c
index 3f3d59f0d..d7d49b673 100644
--- a/lib/vtls/nss.c
+++ b/lib/vtls/nss.c
@@ -2323,6 +2323,13 @@ static bool Curl_nss_false_start(void)
 #endif
 }
+static void *Curl_nss_get_internals(struct ssl_connect_data *connssl,
+ CURLINFO info UNUSED_PARAM)
+{
+ (void)info;
+ return connssl->handle;
+}
+
 const struct Curl_ssl Curl_ssl_nss = {
 "nss", /* name */
@@ -2343,6 +2350,7 @@ const struct Curl_ssl Curl_ssl_nss = {
 Curl_nss_cert_status_request, /* cert_status_request */
 Curl_nss_connect, /* connect */
 Curl_nss_connect_nonblocking, /* connect_nonblocking */
+ Curl_nss_get_internals, /* get_internals */
 Curl_nss_close, /* close */
 Curl_none_close_all, /* close_all */
 /* NSS has its own session ID cache */
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index fcd4539d5..40bd8ee86 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -3394,6 +3394,14 @@ static bool Curl_ossl_cert_status_request(void)
 #endif
 }
+static void *Curl_ossl_get_internals(struct ssl_connect_data *connssl,
+ CURLINFO info)
+{
+ /* Legacy: CURLINFO_TLS_SESSION must return an SSL_CTX pointer. */
+ return info == CURLINFO_TLS_SESSION ?
+ (void *)connssl->ctx : (void *)connssl->handle;
+}
+
 const struct Curl_ssl Curl_ssl_openssl = {
 "openssl", /* name */
@@ -3413,6 +3421,7 @@ const struct Curl_ssl Curl_ssl_openssl = {
 Curl_ossl_cert_status_request, /* cert_status_request */
 Curl_ossl_connect, /* connect */
 Curl_ossl_connect_nonblocking, /* connect_nonblocking */
+ Curl_ossl_get_internals, /* get_internals */
 Curl_ossl_close, /* close */
 Curl_ossl_close_all, /* close_all */
 Curl_ossl_session_free, /* session_free */
diff --git a/lib/vtls/polarssl.c b/lib/vtls/polarssl.c
index e12a50d6a..3cffb9f4b 100644
--- a/lib/vtls/polarssl.c
+++ b/lib/vtls/polarssl.c
@@ -874,6 +874,13 @@ static void Curl_polarssl_sha256sum(const unsigned char *input,
 sha256(input, inputlen, sha256sum, 0);
 }
+static void *Curl_polarssl_get_internals(struct ssl_connect_data *connssl,
+ CURLINFO info UNUSED_PARAM)
+{
+ (void)info;
+ return &connssl->ssl;
+}
+
 const struct Curl_ssl Curl_ssl_polarssl = {
 "polarssl", /* name */
@@ -896,6 +903,7 @@ const struct Curl_ssl Curl_ssl_polarssl = {
 Curl_none_cert_status_request, /* cert_status_request */
 Curl_polarssl_connect, /* connect */
 Curl_polarssl_connect_nonblocking, /* connect_nonblocking */
+ Curl_polarssl_get_internals, /* get_internals */
 Curl_polarssl_close, /* close */
 Curl_none_close_all, /* close_all */
 Curl_polarssl_session_free, /* session_free */
diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c
index d01a224c9..1296267ef 100644
--- a/lib/vtls/schannel.c
+++ b/lib/vtls/schannel.c
@@ -1773,6 +1773,13 @@ static CURLcode verify_certificate(struct connectdata *conn, int sockindex)
 }
 #endif /* _WIN32_WCE */
+static void *Curl_schannel_get_internals(struct ssl_connect_data *connssl,
+ CURLINFO info UNUSED_PARAM)
+{
+ (void)info;
+ return &connssl->ctxt->ctxt_handle;
+}
+
 const struct Curl_ssl Curl_ssl_schannel = {
 "schannel", /* name */
@@ -1792,6 +1799,7 @@ const struct Curl_ssl Curl_ssl_schannel = {
 Curl_none_cert_status_request, /* cert_status_request */
 Curl_schannel_connect, /* connect */
 Curl_schannel_connect_nonblocking, /* connect_nonblocking */
+ Curl_schannel_get_internals, /* get_internals */
 Curl_schannel_close, /* close */
 Curl_none_close_all, /* close_all */
 Curl_schannel_session_free, /* session_free */
diff --git a/lib/vtls/vtls.h b/lib/vtls/vtls.h
index de98df027..a814b72fb 100644
--- a/lib/vtls/vtls.h
+++ b/lib/vtls/vtls.h
@@ -24,6 +24,7 @@
 #include "curl_setup.h"
 struct connectdata;
+struct ssl_connect_data;
 struct Curl_ssl {
 const char *name;
@@ -52,6 +53,7 @@ struct Curl_ssl {
 CURLcode (*connect)(struct connectdata *conn, int sockindex);
 CURLcode (*connect_nonblocking)(struct connectdata *conn, int sockindex, bool *done);
+ void *(*get_internals)(struct ssl_connect_data *connssl, CURLINFO info);
 void (*close)(struct connectdata *conn, int sockindex);
 void (*close_all)(struct Curl_easy *data);
 void (*session_free)(void *ptr);
-- cgit v1.2.3
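Review bot: `Curl_schannel_get_internals` returns `&connssl->ctxt->ctxt_handle` without checking `connssl->ctxt`, so when `ctxt` is NULL the application receives a member address computed from a null pointer instead of NULL. The caller in getinfo.c tests only `conn->ssl[i].use`; whether `use` can be set while `ctxt` is not yet allocated or already released is not visible in this patch, and the removed getinfo.c line had the same expression. `return connssl->ctxt ? &connssl->ctxt->ctxt_handle : NULL;` would give the application a value it can test.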
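Review bot: The new `get_internals` member of `struct Curl_ssl` has no comment stating its contract, although the pointer it returns is passed to the application through `tsi->internals`. In the backends of this patch the result is either a pointer held in `ssl_connect_data` or the address of one of its members, and for OpenSSL its type depends on `info`, so it presumably stays valid only as long as the connection does. I would add above the member `/* native TLS object for CURLINFO_TLS_SESSION / CURLINFO_TLS_SSL_PTR; borrowed from connssl, never freed by the caller */`. The member is inserted mid-struct, so each positional initialiser needs its entry at the same position, as the ten backends here have; struct Curl_ssl continues outside the hunk.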