diff options
author | Brad King <brad.king@kitware.com> | 2018-05-18 14:16:50 (GMT) |
---|---|---|
committer | Brad King <brad.king@kitware.com> | 2018-05-18 14:16:50 (GMT) |
commit | 3e913b819d8d8118d5e8dc3b7289f622e9ca92e5 (patch) | |
tree | 82c19f5ec814c84b986e54e3fc6fa0a83622fd81 /Utilities/cmcurl/lib/vtls/cyassl.c | |
parent | f3c73b878c594d40119e480ca1074e733d7ba1ce (diff) | |
parent | d431136e029c652f5913bcebeaab3b9236b114c4 (diff) | |
download | CMake-3e913b819d8d8118d5e8dc3b7289f622e9ca92e5.zip CMake-3e913b819d8d8118d5e8dc3b7289f622e9ca92e5.tar.gz CMake-3e913b819d8d8118d5e8dc3b7289f622e9ca92e5.tar.bz2 |
Merge branch 'upstream-curl' into update-curl
* upstream-curl:
curl 2018-05-15 (cb013830)
Diffstat (limited to 'Utilities/cmcurl/lib/vtls/cyassl.c')
-rw-r--r-- | Utilities/cmcurl/lib/vtls/cyassl.c | 31 |
1 files changed, 21 insertions, 10 deletions
diff --git a/Utilities/cmcurl/lib/vtls/cyassl.c b/Utilities/cmcurl/lib/vtls/cyassl.c index 46b71bf..20ce460 100644 --- a/Utilities/cmcurl/lib/vtls/cyassl.c +++ b/Utilities/cmcurl/lib/vtls/cyassl.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -187,8 +187,13 @@ cyassl_connect_step1(struct connectdata *conn, use_sni(TRUE); break; case CURL_SSLVERSION_TLSv1_0: +#ifdef WOLFSSL_ALLOW_TLSV10 req_method = TLSv1_client_method(); use_sni(TRUE); +#else + failf(data, "CyaSSL does not support TLS 1.0"); + return CURLE_NOT_BUILT_IN; +#endif break; case CURL_SSLVERSION_TLSv1_1: req_method = TLSv1_1_client_method(); @@ -199,8 +204,14 @@ cyassl_connect_step1(struct connectdata *conn, use_sni(TRUE); break; case CURL_SSLVERSION_TLSv1_3: +#ifdef WOLFSSL_TLS13 + req_method = wolfTLSv1_3_client_method(); + use_sni(TRUE); + break; +#else failf(data, "CyaSSL: TLS 1.3 is not yet supported"); return CURLE_SSL_CONNECT_ERROR; +#endif case CURL_SSLVERSION_SSLv3: #ifdef WOLFSSL_ALLOW_SSLV3 req_method = SSLv3_client_method(); @@ -245,7 +256,11 @@ cyassl_connect_step1(struct connectdata *conn, */ if((wolfSSL_CTX_SetMinVersion(BACKEND->ctx, WOLFSSL_TLSV1) != 1) && (wolfSSL_CTX_SetMinVersion(BACKEND->ctx, WOLFSSL_TLSV1_1) != 1) && - (wolfSSL_CTX_SetMinVersion(BACKEND->ctx, WOLFSSL_TLSV1_2) != 1)) { + (wolfSSL_CTX_SetMinVersion(BACKEND->ctx, WOLFSSL_TLSV1_2) != 1) +#ifdef WOLFSSL_TLS13 + && (wolfSSL_CTX_SetMinVersion(BACKEND->ctx, WOLFSSL_TLSV1_3) != 1) +#endif + ) { failf(data, "SSL: couldn't set the minimum protocol version"); return CURLE_SSL_CONNECT_ERROR; } @@ -956,7 +971,7 @@ static CURLcode Curl_cyassl_random(struct Curl_easy *data, return CURLE_OK; } -static void Curl_cyassl_sha256sum(const unsigned char *tmp, /* input */ +static CURLcode Curl_cyassl_sha256sum(const unsigned char *tmp, /* input */ size_t tmplen, unsigned char *sha256sum /* output */, size_t unused) @@ -966,6 +981,7 @@ static void Curl_cyassl_sha256sum(const unsigned char *tmp, /* input */ InitSha256(&SHA256pw); Sha256Update(&SHA256pw, tmp, (word32)tmplen); Sha256Final(&SHA256pw, sha256sum); + return CURLE_OK; } static void *Curl_cyassl_get_internals(struct ssl_connect_data *connssl, @@ -978,15 +994,10 @@ static void *Curl_cyassl_get_internals(struct ssl_connect_data *connssl, const struct Curl_ssl Curl_ssl_cyassl = { { CURLSSLBACKEND_WOLFSSL, "WolfSSL" }, /* info */ - 0, /* have_ca_path */ - 0, /* have_certinfo */ #ifdef KEEP_PEER_CERT - 1, /* have_pinnedpubkey */ -#else - 0, /* have_pinnedpubkey */ + SSLSUPP_PINNEDPUBKEY | #endif - 1, /* have_ssl_ctx */ - 0, /* support_https_proxy */ + SSLSUPP_SSL_CTX, sizeof(struct ssl_backend_data), |