From 4dcd25e138e9c18a4c96cb78bca5749d8431699f Mon Sep 17 00:00:00 2001
From: Alessandro Ghedini
Date: Sat, 14 Feb 2015 16:57:07 +0100
Subject: url: add CURLOPT_SSL_FALSESTART option
This option can be used to enable/disable TLS False Start defined in the RFC draft-bmoeller-tls-falsestart.
---
 lib/url.c | 11 +++++++++++
 lib/urldata.h | 1 +
 lib/vtls/vtls.c | 12 ++++++++++++
 lib/vtls/vtls.h | 3 +++
 4 files changed, 27 insertions(+)
(limited to 'lib')
diff --git a/lib/url.c b/lib/url.c
index 3be6a4a3b..82faaf18a 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -2027,6 +2027,17 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
 result = CURLE_NOT_BUILT_IN;
 #endif
 break;
+ case CURLOPT_SSL_FALSESTART:
+ /*
+ * Enable TLS false start.
+ */
+ if(!Curl_ssl_false_start()) {
+ result = CURLE_NOT_BUILT_IN;
+ break;
+ }
+
+ data->set.ssl.falsestart = (0 != va_arg(param, long))?TRUE:FALSE;
+ break;
 case CURLOPT_CERTINFO:
 #ifdef have_curlssl_certinfo
 data->set.ssl.certinfo = (0 != va_arg(param, long))?TRUE:FALSE;
diff --git a/lib/urldata.h b/lib/urldata.h
index caa5debf1..01415b6ab 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -351,6 +351,7 @@ struct ssl_config_data {
 void *fsslctxp; /* parameter for call back */
 bool sessionid; /* cache session IDs or not */
 bool certinfo; /* gather lots of certificate info */
+ bool falsestart;
 #ifdef USE_TLS_SRP
 char *username; /* TLS username (for, e.g., SRP) */
diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
index 2230a0433..c551cca66 100644
--- a/lib/vtls/vtls.c
+++ b/lib/vtls/vtls.c
@@ -857,4 +857,16 @@ bool Curl_ssl_cert_status_request(void)
 #endif
 }
+/*
+ * Check whether the SSL backend supports false start.
+ */
+bool Curl_ssl_false_start(void)
+{
+#ifdef curlssl_false_start
+ return curlssl_false_start();
+#else
+ return FALSE;
+#endif
+}
+
 #endif /* USE_SSL */
diff --git a/lib/vtls/vtls.h b/lib/vtls/vtls.h
index bbaa8505f..1a5f54fe4 100644
--- a/lib/vtls/vtls.h
+++ b/lib/vtls/vtls.h
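Review bot: The comment on the new `CURLOPT_SSL_FALSESTART` case in lib/url.c says only `Enable TLS false start.` and leaves out the trade-off a caller needs to know: with False Start the client sends application data before it has verified the server's Finished message, so the first request bytes leave before the handshake is confirmed intact. I would expand it to something like `/* TLS False Start: send application data before the server Finished is verified. The backend must limit this to the cipher suites the draft permits. */`. The same documentation gap is in the lib/urldata.h hunk, where `bool falsestart;` is the only field among its visible neighbours without a trailing comment; `bool falsestart; /* use TLS False Start if the backend supports it */` would match them. Curl_setopt begins and ends outside the hunk, so whether the field defaults to FALSE cannot be confirmed from here.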
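Review bot: In lib/vtls/vtls.c, `Curl_ssl_false_start()` detects support with `#ifdef curlssl_false_start`, which only sees a preprocessor macro; a backend that supplied `curlssl_false_start` as an ordinary function without a same-named `#define` would silently compile to `return FALSE`. That fails closed, which is the safe direction, but the contract should be written in the header comment, e.g. `Backends advertise support by #defining curlssl_false_start in their header; otherwise this returns FALSE.` None of the four files in this patch defines that macro, so as far as this commit shows `CURLOPT_SSL_FALSESTART` always returns CURLE_NOT_BUILT_IN until a backend is wired up.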
@@ -118,6 +118,8 @@ CURLcode Curl_pin_peer_pubkey(const char *pinnedpubkey,
 bool Curl_ssl_cert_status_request(void);
+bool Curl_ssl_false_start(void);
+
 #define SSL_SHUTDOWN_TIMEOUT 10000 /* ms */
 #else
@@ -145,6 +147,7 @@ bool Curl_ssl_cert_status_request(void);
 #define Curl_ssl_kill_session(x) Curl_nop_stmt
 #define Curl_ssl_random(x,y,z) ((void)x, CURLE_NOT_BUILT_IN)
 #define Curl_ssl_cert_status_request() FALSE
+#define Curl_ssl_false_start() FALSE
 #endif
 #endif /* HEADER_CURL_VTLS_H */
-- 
cgit v1.2.3