diff options
Diffstat (limited to 'Utilities/cmcurl/lib/vtls/schannel.c')
| -rw-r--r-- | Utilities/cmcurl/lib/vtls/schannel.c | 22 |
1 files changed, 12 insertions, 10 deletions
diff --git a/Utilities/cmcurl/lib/vtls/schannel.c b/Utilities/cmcurl/lib/vtls/schannel.c index 0f6f734..0818d94 100644 --- a/Utilities/cmcurl/lib/vtls/schannel.c +++ b/Utilities/cmcurl/lib/vtls/schannel.c @@ -7,7 +7,7 @@ * * Copyright (C) 2012 - 2016, Marc Hoersken, <info@marc-hoersken.de> * Copyright (C) 2012, Mark Salisbury, <mark.salisbury@hp.com> - * Copyright (C) 2012 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 2012 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -554,10 +554,6 @@ schannel_connect_step1(struct connectdata *conn, int sockindex) switch(conn->ssl_config.version) { case CURL_SSLVERSION_DEFAULT: case CURL_SSLVERSION_TLSv1: - schannel_cred.grbitEnabledProtocols = SP_PROT_TLS1_0_CLIENT | - SP_PROT_TLS1_1_CLIENT | - SP_PROT_TLS1_2_CLIENT; - break; case CURL_SSLVERSION_TLSv1_0: case CURL_SSLVERSION_TLSv1_1: case CURL_SSLVERSION_TLSv1_2: @@ -722,7 +718,7 @@ schannel_connect_step1(struct connectdata *conn, int sockindex) unsigned short* list_len = NULL; /* The first four bytes will be an unsigned int indicating number - of bytes of data in the rest of the the buffer. */ + of bytes of data in the rest of the buffer. */ extension_len = (unsigned int *)(&alpn_buffer[cur]); cur += sizeof(unsigned int); @@ -1181,6 +1177,7 @@ struct Adder_args struct connectdata *conn; CURLcode result; int idx; + int certs_count; }; static bool @@ -1191,7 +1188,9 @@ add_cert_to_certinfo(const CERT_CONTEXT *ccert_context, void *raw_arg) if(valid_cert_encoding(ccert_context)) { const char *beg = (const char *) ccert_context->pbCertEncoded; const char *end = beg + ccert_context->cbCertEncoded; - args->result = Curl_extract_certinfo(args->conn, (args->idx)++, beg, end); + int insert_index = (args->certs_count - 1) - args->idx; + args->result = Curl_extract_certinfo(args->conn, insert_index, beg, end); + args->idx++; } return args->result == CURLE_OK; } @@ -1326,6 +1325,7 @@ schannel_connect_step3(struct connectdata *conn, int sockindex) struct Adder_args args; args.conn = conn; args.idx = 0; + args.certs_count = certs_count; traverse_cert_store(ccert_context, add_cert_to_certinfo, &args); result = args.result; } @@ -1347,7 +1347,7 @@ schannel_connect_common(struct connectdata *conn, int sockindex, struct Curl_easy *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; curl_socket_t sockfd = conn->sock[sockindex]; - time_t timeout_ms; + timediff_t timeout_ms; int what; /* check if the connection has already been established */ @@ -1394,7 +1394,7 @@ schannel_connect_common(struct connectdata *conn, int sockindex, connssl->connecting_state ? sockfd : CURL_SOCKET_BAD; what = Curl_socket_check(readfd, CURL_SOCKET_BAD, writefd, - nonblocking ? 0 : timeout_ms); + nonblocking ? 0 : (time_t)timeout_ms); if(what < 0) { /* fatal error */ failf(data, "select/poll on SSL/TLS socket, errno: %d", SOCKERRNO); @@ -1544,7 +1544,7 @@ schannel_send(struct connectdata *conn, int sockindex, /* send entire message or fail */ while(len > (size_t)written) { ssize_t this_write; - time_t timeleft; + timediff_t timeleft; int what; this_write = 0; @@ -1855,7 +1855,9 @@ schannel_recv(struct connectdata *conn, int sockindex, goto cleanup; } else { +#ifndef CURL_DISABLE_VERBOSE_STRINGS char buffer[STRERROR_LEN]; +#endif *err = CURLE_RECV_ERROR; infof(data, "schannel: failed to read data from server: %s\n", Curl_sspi_strerror(sspi_status, buffer, sizeof(buffer))); |