mirror/curl
2
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2024-12-27 06:59:43 +08:00
Code Issues Packages Projects Releases Wiki Activity

vtls: provide a unified APLN-disagree string for all backends

Browse Source 
Also rephrase to make it sound less dangerous:

 "ALPN: server did not agree on a protocol. Uses default."

Reported-by: Nick Coghlan
Fixes #8643
Closes #8651
This commit is contained in:
Daniel Stenberg 2022-03-30 11:02:57 +02:00
parent 08ca1f2b97
commit 3bc5b32db5
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2
10 changed files with 12 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/vtls/bearssl.c
View File

@ -884,7 +884,7 @@ static CURLcode bearssl_connect_step3(struct Curl_easy *data,
BUNDLE_MULTIPLEX : BUNDLE_NO_MULTIUSE);
}
else
infof(data, "ALPN, server did not agree to a protocol");
infof(data, VTLS_INFOF_NO_ALPN);
}
if(SSL_SET_OPTION(primary.sessionid)) {

2
lib/vtls/gtls.c
View File

@ -1280,7 +1280,7 @@ Curl_gtls_verifyserver(struct Curl_easy *data,
}
}
else
infof(data, "ALPN, server did not agree to a protocol");
infof(data, VTLS_INFOF_NO_ALPN);
Curl_multiuse_state(data, conn->negnpn == CURL_HTTP_VERSION_2 ?
BUNDLE_MULTIPLEX : BUNDLE_NO_MULTIUSE);

2
lib/vtls/mbedtls.c
View File

@ -828,7 +828,7 @@ mbed_connect_step2(struct Curl_easy *data, struct connectdata *conn,
}
}
else {
infof(data, "ALPN, server did not agree to a protocol");
infof(data, VTLS_INFOF_NO_ALPN);
}
Curl_multiuse_state(data, conn->negnpn == CURL_HTTP_VERSION_2 ?
BUNDLE_MULTIPLEX : BUNDLE_NO_MULTIUSE);

2
lib/vtls/nss.c
View File

@ -862,7 +862,7 @@ static void HandshakeCallback(PRFileDesc *sock, void *arg)
#endif
case SSL_NEXT_PROTO_NO_SUPPORT:
case SSL_NEXT_PROTO_NO_OVERLAP:
infof(data, "ALPN/NPN, server did not agree to a protocol");
infof(data, VTLS_INFOF_NO_ALPN);
return;
#ifdef SSL_ENABLE_ALPN
case SSL_NEXT_PROTO_SELECTED:

2
lib/vtls/openssl.c
View File

@ -3472,7 +3472,7 @@ static CURLcode ossl_connect_step2(struct Curl_easy *data,
}
}
else
infof(data, "ALPN, server did not agree to a protocol");
infof(data, VTLS_INFOF_NO_ALPN);
Curl_multiuse_state(data, conn->negnpn == CURL_HTTP_VERSION_2 ?
BUNDLE_MULTIPLEX : BUNDLE_NO_MULTIUSE);

2
lib/vtls/rustls.c
View File

@ -406,7 +406,7 @@ cr_set_negotiated_alpn(struct Curl_easy *data, struct connectdata *conn,
rustls_connection_get_alpn_protocol(rconn, &protocol, &len);
if(!protocol) {
infof(data, "ALPN, server did not agree to a protocol");
infof(data, VTLS_INFOF_NO_ALPN);
return;
}

2
lib/vtls/schannel.c
View File

@ -1433,7 +1433,7 @@ schannel_connect_step3(struct Curl_easy *data, struct connectdata *conn,
}
}
else
infof(data, "ALPN, server did not agree to a protocol");
infof(data, VTLS_INFOF_NO_ALPN);
Curl_multiuse_state(data, conn->negnpn == CURL_HTTP_VERSION_2 ?
BUNDLE_MULTIPLEX : BUNDLE_NO_MULTIUSE);
}

2
lib/vtls/sectransp.c
View File

@ -2853,7 +2853,7 @@ sectransp_connect_step2(struct Curl_easy *data, struct connectdata *conn,
conn->negnpn = CURL_HTTP_VERSION_1_1;
}
else
infof(data, "ALPN, server did not agree to a protocol");
infof(data, VTLS_INFOF_NO_ALPN);
Curl_multiuse_state(data, conn->negnpn == CURL_HTTP_VERSION_2 ?
BUNDLE_MULTIPLEX : BUNDLE_NO_MULTIUSE);

3
lib/vtls/vtls.h
View File

@ -34,6 +34,9 @@ struct ssl_connect_data;
#define SSLSUPP_TLS13_CIPHERSUITES (1<<5) /* supports TLS 1.3 ciphersuites */
#define SSLSUPP_CAINFO_BLOB (1<<6)
#define VTLS_INFOF_NO_ALPN \
"ALPN: server did not agree on a protocol. Uses default."
struct Curl_ssl {
/*
* This *must* be the first entry to allow returning the list of available

2
lib/vtls/wolfssl.c
View File

@ -776,7 +776,7 @@ wolfssl_connect_step2(struct Curl_easy *data, struct connectdata *conn,
BUNDLE_MULTIPLEX : BUNDLE_NO_MULTIUSE);
}
else if(rc == SSL_ALPN_NOT_FOUND)
infof(data, "ALPN, server did not agree to a protocol");
infof(data, VTLS_INFOF_NO_ALPN);
else {
failf(data, "ALPN, failure getting protocol, error %d", rc);
return CURLE_SSL_CONNECT_ERROR;