summaryrefslogtreecommitdiffstats
path: root/Utilities/cmcurl/lib/vtls/vtls.c
diff options
context:
space:
mode:
Diffstat (limited to 'Utilities/cmcurl/lib/vtls/vtls.c')
-rw-r--r--Utilities/cmcurl/lib/vtls/vtls.c185
1 files changed, 78 insertions, 107 deletions
diff --git a/Utilities/cmcurl/lib/vtls/vtls.c b/Utilities/cmcurl/lib/vtls/vtls.c
index 3bd51fd..b8ab749 100644
--- a/Utilities/cmcurl/lib/vtls/vtls.c
+++ b/Utilities/cmcurl/lib/vtls/vtls.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -75,17 +75,21 @@
(1<<CURL_LOCK_DATA_SSL_SESSION)))
#define CLONE_STRING(var) \
- if(source->var) { \
- dest->var = strdup(source->var); \
- if(!dest->var) \
- return FALSE; \
- } \
- else \
- dest->var = NULL;
-
-#define CLONE_BLOB(var) \
- if(blobdup(&dest->var, source->var)) \
- return FALSE;
+ do { \
+ if(source->var) { \
+ dest->var = strdup(source->var); \
+ if(!dest->var) \
+ return FALSE; \
+ } \
+ else \
+ dest->var = NULL; \
+ } while(0)
+
+#define CLONE_BLOB(var) \
+ do { \
+ if(blobdup(&dest->var, source->var)) \
+ return FALSE; \
+ } while(0)
static CURLcode blobdup(struct curl_blob **dest,
struct curl_blob *src)
@@ -185,13 +189,13 @@ void Curl_free_primary_ssl_config(struct ssl_primary_config *sslc)
}
#ifdef USE_SSL
-static int multissl_init(const struct Curl_ssl *backend);
+static int multissl_setup(const struct Curl_ssl *backend);
#endif
int Curl_ssl_backend(void)
{
#ifdef USE_SSL
- multissl_init(NULL);
+ multissl_setup(NULL);
return Curl_ssl->info.id;
#else
return (int)CURLSSLBACKEND_NONE;
@@ -287,7 +291,8 @@ ssl_connect_init_proxy(struct connectdata *conn, int sockindex)
#endif
CURLcode
-Curl_ssl_connect(struct connectdata *conn, int sockindex)
+Curl_ssl_connect(struct Curl_easy *data, struct connectdata *conn,
+ int sockindex)
{
CURLcode result;
@@ -299,26 +304,27 @@ Curl_ssl_connect(struct connectdata *conn, int sockindex)
}
#endif
- if(!ssl_prefs_check(conn->data))
+ if(!ssl_prefs_check(data))
return CURLE_SSL_CONNECT_ERROR;
/* mark this is being ssl-enabled from here on. */
conn->ssl[sockindex].use = TRUE;
conn->ssl[sockindex].state = ssl_connection_negotiating;
- result = Curl_ssl->connect_blocking(conn, sockindex);
+ result = Curl_ssl->connect_blocking(data, conn, sockindex);
if(!result)
- Curl_pgrsTime(conn->data, TIMER_APPCONNECT); /* SSL is connected */
+ Curl_pgrsTime(data, TIMER_APPCONNECT); /* SSL is connected */
return result;
}
CURLcode
-Curl_ssl_connect_nonblocking(struct connectdata *conn, int sockindex,
- bool *done)
+Curl_ssl_connect_nonblocking(struct Curl_easy *data, struct connectdata *conn,
+ int sockindex, bool *done)
{
CURLcode result;
+
#ifndef CURL_DISABLE_PROXY
if(conn->bits.proxy_ssl_connected[sockindex]) {
result = ssl_connect_init_proxy(conn, sockindex);
@@ -326,47 +332,46 @@ Curl_ssl_connect_nonblocking(struct connectdata *conn, int sockindex,
return result;
}
#endif
- if(!ssl_prefs_check(conn->data))
+ if(!ssl_prefs_check(data))
return CURLE_SSL_CONNECT_ERROR;
/* mark this is being ssl requested from here on. */
conn->ssl[sockindex].use = TRUE;
- result = Curl_ssl->connect_nonblocking(conn, sockindex, done);
+ result = Curl_ssl->connect_nonblocking(data, conn, sockindex, done);
if(!result && *done)
- Curl_pgrsTime(conn->data, TIMER_APPCONNECT); /* SSL is connected */
+ Curl_pgrsTime(data, TIMER_APPCONNECT); /* SSL is connected */
return result;
}
/*
* Lock shared SSL session data
*/
-void Curl_ssl_sessionid_lock(struct connectdata *conn)
+void Curl_ssl_sessionid_lock(struct Curl_easy *data)
{
- if(SSLSESSION_SHARED(conn->data))
- Curl_share_lock(conn->data,
- CURL_LOCK_DATA_SSL_SESSION, CURL_LOCK_ACCESS_SINGLE);
+ if(SSLSESSION_SHARED(data))
+ Curl_share_lock(data, CURL_LOCK_DATA_SSL_SESSION, CURL_LOCK_ACCESS_SINGLE);
}
/*
* Unlock shared SSL session data
*/
-void Curl_ssl_sessionid_unlock(struct connectdata *conn)
+void Curl_ssl_sessionid_unlock(struct Curl_easy *data)
{
- if(SSLSESSION_SHARED(conn->data))
- Curl_share_unlock(conn->data, CURL_LOCK_DATA_SSL_SESSION);
+ if(SSLSESSION_SHARED(data))
+ Curl_share_unlock(data, CURL_LOCK_DATA_SSL_SESSION);
}
/*
* Check if there's a session ID for the given connection in the cache, and if
* there's one suitable, it is provided. Returns TRUE when no entry matched.
*/
-bool Curl_ssl_getsessionid(struct connectdata *conn,
+bool Curl_ssl_getsessionid(struct Curl_easy *data,
+ struct connectdata *conn,
void **ssl_sessionid,
size_t *idsize, /* set 0 if unknown */
int sockindex)
{
struct Curl_ssl_session *check;
- struct Curl_easy *data = conn->data;
size_t i;
long *general_age;
bool no_match = TRUE;
@@ -453,10 +458,9 @@ void Curl_ssl_kill_session(struct Curl_ssl_session *session)
/*
* Delete the given session ID from the cache.
*/
-void Curl_ssl_delsessionid(struct connectdata *conn, void *ssl_sessionid)
+void Curl_ssl_delsessionid(struct Curl_easy *data, void *ssl_sessionid)
{
size_t i;
- struct Curl_easy *data = conn->data;
for(i = 0; i < data->set.general_ssl.max_ssl_sessions; i++) {
struct Curl_ssl_session *check = &data->state.session[i];
@@ -474,13 +478,13 @@ void Curl_ssl_delsessionid(struct connectdata *conn, void *ssl_sessionid)
* layer. Curl_XXXX_session_free() will be called to free/kill the session ID
* later on.
*/
-CURLcode Curl_ssl_addsessionid(struct connectdata *conn,
+CURLcode Curl_ssl_addsessionid(struct Curl_easy *data,
+ struct connectdata *conn,
void *ssl_sessionid,
size_t idsize,
int sockindex)
{
size_t i;
- struct Curl_easy *data = conn->data; /* the mother of all structs */
struct Curl_ssl_session *store = &data->state.session[0];
long oldest_age = data->state.session[0].age; /* zero if unused */
char *clone_host;
@@ -620,16 +624,18 @@ int Curl_ssl_getsock(struct connectdata *conn,
/* USE_OPENSSL || USE_GNUTLS || USE_SCHANNEL || USE_SECTRANSP || USE_NSS */
#endif
-void Curl_ssl_close(struct connectdata *conn, int sockindex)
+void Curl_ssl_close(struct Curl_easy *data, struct connectdata *conn,
+ int sockindex)
{
DEBUGASSERT((sockindex <= 1) && (sockindex >= -1));
- Curl_ssl->close_one(conn, sockindex);
+ Curl_ssl->close_one(data, conn, sockindex);
conn->ssl[sockindex].state = ssl_connection_none;
}
-CURLcode Curl_ssl_shutdown(struct connectdata *conn, int sockindex)
+CURLcode Curl_ssl_shutdown(struct Curl_easy *data, struct connectdata *conn,
+ int sockindex)
{
- if(Curl_ssl->shut_down(conn, sockindex))
+ if(Curl_ssl->shut_down(data, conn, sockindex))
return CURLE_SSL_SHUTDOWN_FAILED;
conn->ssl[sockindex].use = FALSE; /* get back to ordinary socket usage */
@@ -684,12 +690,12 @@ CURLcode Curl_ssl_initsessions(struct Curl_easy *data, size_t amount)
return CURLE_OK;
}
-static size_t Curl_multissl_version(char *buffer, size_t size);
+static size_t multissl_version(char *buffer, size_t size);
size_t Curl_ssl_version(char *buffer, size_t size)
{
#ifdef CURL_WITH_MULTI_SSL
- return Curl_multissl_version(buffer, size);
+ return multissl_version(buffer, size);
#else
return Curl_ssl->version(buffer, size);
#endif
@@ -1030,16 +1036,6 @@ CURLcode Curl_pin_peer_pubkey(struct Curl_easy *data,
return result;
}
-#ifndef CURL_DISABLE_CRYPTO_AUTH
-CURLcode Curl_ssl_md5sum(unsigned char *tmp, /* input */
- size_t tmplen,
- unsigned char *md5sum, /* output */
- size_t md5len)
-{
- return Curl_ssl->md5sum(tmp, tmplen, md5sum, md5len);
-}
-#endif
-
/*
* Check whether the SSL backend supports the status_request extension.
*/
@@ -1076,9 +1072,11 @@ int Curl_none_init(void)
void Curl_none_cleanup(void)
{ }
-int Curl_none_shutdown(struct connectdata *conn UNUSED_PARAM,
+int Curl_none_shutdown(struct Curl_easy *data UNUSED_PARAM,
+ struct connectdata *conn UNUSED_PARAM,
int sockindex UNUSED_PARAM)
{
+ (void)data;
(void)conn;
(void)sockindex;
return 0;
@@ -1148,70 +1146,44 @@ bool Curl_none_false_start(void)
return FALSE;
}
-#ifndef CURL_DISABLE_CRYPTO_AUTH
-CURLcode Curl_none_md5sum(unsigned char *input, size_t inputlen,
- unsigned char *md5sum, size_t md5len UNUSED_PARAM)
+static int multissl_init(void)
{
- struct MD5_context *MD5pw;
-
- (void)md5len;
-
- MD5pw = Curl_MD5_init(Curl_DIGEST_MD5);
- if(!MD5pw)
- return CURLE_OUT_OF_MEMORY;
- Curl_MD5_update(MD5pw, input, curlx_uztoui(inputlen));
- Curl_MD5_final(MD5pw, md5sum);
- return CURLE_OK;
-}
-#else
-CURLcode Curl_none_md5sum(unsigned char *input UNUSED_PARAM,
- size_t inputlen UNUSED_PARAM,
- unsigned char *md5sum UNUSED_PARAM,
- size_t md5len UNUSED_PARAM)
-{
- (void)input;
- (void)inputlen;
- (void)md5sum;
- (void)md5len;
- return CURLE_NOT_BUILT_IN;
-}
-#endif
-
-static int Curl_multissl_init(void)
-{
- if(multissl_init(NULL))
+ if(multissl_setup(NULL))
return 1;
return Curl_ssl->init();
}
-static CURLcode Curl_multissl_connect(struct connectdata *conn, int sockindex)
+static CURLcode multissl_connect(struct Curl_easy *data,
+ struct connectdata *conn, int sockindex)
{
- if(multissl_init(NULL))
+ if(multissl_setup(NULL))
return CURLE_FAILED_INIT;
- return Curl_ssl->connect_blocking(conn, sockindex);
+ return Curl_ssl->connect_blocking(data, conn, sockindex);
}
-static CURLcode Curl_multissl_connect_nonblocking(struct connectdata *conn,
- int sockindex, bool *done)
+static CURLcode multissl_connect_nonblocking(struct Curl_easy *data,
+ struct connectdata *conn,
+ int sockindex, bool *done)
{
- if(multissl_init(NULL))
+ if(multissl_setup(NULL))
return CURLE_FAILED_INIT;
- return Curl_ssl->connect_nonblocking(conn, sockindex, done);
+ return Curl_ssl->connect_nonblocking(data, conn, sockindex, done);
}
-static void *Curl_multissl_get_internals(struct ssl_connect_data *connssl,
- CURLINFO info)
+static void *multissl_get_internals(struct ssl_connect_data *connssl,
+ CURLINFO info)
{
- if(multissl_init(NULL))
+ if(multissl_setup(NULL))
return NULL;
return Curl_ssl->get_internals(connssl, info);
}
-static void Curl_multissl_close(struct connectdata *conn, int sockindex)
+static void multissl_close(struct Curl_easy *data, struct connectdata *conn,
+ int sockindex)
{
- if(multissl_init(NULL))
+ if(multissl_setup(NULL))
return;
- Curl_ssl->close_one(conn, sockindex);
+ Curl_ssl->close_one(data, conn, sockindex);
}
static const struct Curl_ssl Curl_ssl_multi = {
@@ -1219,25 +1191,24 @@ static const struct Curl_ssl Curl_ssl_multi = {
0, /* supports nothing */
(size_t)-1, /* something insanely large to be on the safe side */
- Curl_multissl_init, /* init */
+ multissl_init, /* init */
Curl_none_cleanup, /* cleanup */
- Curl_multissl_version, /* version */
+ multissl_version, /* version */
Curl_none_check_cxn, /* check_cxn */
Curl_none_shutdown, /* shutdown */
Curl_none_data_pending, /* data_pending */
Curl_none_random, /* random */
Curl_none_cert_status_request, /* cert_status_request */
- Curl_multissl_connect, /* connect */
- Curl_multissl_connect_nonblocking, /* connect_nonblocking */
- Curl_multissl_get_internals, /* get_internals */
- Curl_multissl_close, /* close_one */
+ multissl_connect, /* connect */
+ multissl_connect_nonblocking, /* connect_nonblocking */
+ multissl_get_internals, /* get_internals */
+ multissl_close, /* close_one */
Curl_none_close_all, /* close_all */
Curl_none_session_free, /* session_free */
Curl_none_set_engine, /* set_engine */
Curl_none_set_engine_default, /* set_engine_default */
Curl_none_engines_list, /* engines_list */
Curl_none_false_start, /* false_start */
- Curl_none_md5sum, /* md5sum */
NULL /* sha256sum */
};
@@ -1302,7 +1273,7 @@ static const struct Curl_ssl *available_backends[] = {
NULL
};
-static size_t Curl_multissl_version(char *buffer, size_t size)
+static size_t multissl_version(char *buffer, size_t size)
{
static const struct Curl_ssl *selected;
static char backends[200];
@@ -1346,7 +1317,7 @@ static size_t Curl_multissl_version(char *buffer, size_t size)
return backends_len;
}
-static int multissl_init(const struct Curl_ssl *backend)
+static int multissl_setup(const struct Curl_ssl *backend)
{
const char *env;
char *env_tmp;
@@ -1405,7 +1376,7 @@ CURLsslset curl_global_sslset(curl_sslbackend id, const char *name,
for(i = 0; available_backends[i]; i++) {
if(available_backends[i]->info.id == id ||
(name && strcasecompare(available_backends[i]->info.name, name))) {
- multissl_init(available_backends[i]);
+ multissl_setup(available_backends[i]);
return CURLSSLSET_OK;
}
}
generated by cgit v0.12 at 2025-02-04 15:25:06 (GMT)