mirror of
https://github.com/curl/curl.git
synced 2024-12-09 06:30:06 +08:00
vtls: remove obsolete declarations of SSL backend functionality
These functions are all available via the Curl_ssl struct now, no need
to declare them separately anymore.
As the global declarations are removed, the corresponding function
definitions are marked as file-local. The only two exceptions here are
Curl_mbedtls_shutdown() and Curl_polarssl_shutdown(): only the
declarations were removed, there are no function definitions to mark
file-local.
Please note that Curl_nss_force_init() is *still* declared globally, as
the only SSL backend-specific function, because it was introduced
specifically for the use case where cURL was compiled with
`--without-ssl --with-nss`. For details, see f3b77e561
(http_ntlm: add
support for NSS, 2010-06-27).
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
This commit is contained in:
parent
742ddc9d8f
commit
6f1eec14e0
@ -49,7 +49,7 @@
|
|||||||
|
|
||||||
|
|
||||||
/* Global axTLS init, called from Curl_ssl_init() */
|
/* Global axTLS init, called from Curl_ssl_init() */
|
||||||
int Curl_axtls_init(void)
|
static int Curl_axtls_init(void)
|
||||||
{
|
{
|
||||||
/* axTLS has no global init. Everything is done through SSL and SSL_CTX
|
/* axTLS has no global init. Everything is done through SSL and SSL_CTX
|
||||||
* structs stored in connectdata structure. Perhaps can move to axtls.h.
|
* structs stored in connectdata structure. Perhaps can move to axtls.h.
|
||||||
@ -57,7 +57,7 @@ int Curl_axtls_init(void)
|
|||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
void Curl_axtls_cleanup(void)
|
static void Curl_axtls_cleanup(void)
|
||||||
{
|
{
|
||||||
/* axTLS has no global cleanup. Perhaps can move this to axtls.h. */
|
/* axTLS has no global cleanup. Perhaps can move this to axtls.h. */
|
||||||
}
|
}
|
||||||
@ -284,7 +284,7 @@ static CURLcode connect_prep(struct connectdata *conn, int sockindex)
|
|||||||
return CURLE_OK;
|
return CURLE_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
void Curl_axtls_close(struct connectdata *conn, int sockindex)
|
static void Curl_axtls_close(struct connectdata *conn, int sockindex)
|
||||||
{
|
{
|
||||||
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
|
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
|
||||||
|
|
||||||
@ -424,10 +424,8 @@ static CURLcode connect_finish(struct connectdata *conn, int sockindex)
|
|||||||
* Use axTLS's non-blocking connection feature to open an SSL connection.
|
* Use axTLS's non-blocking connection feature to open an SSL connection.
|
||||||
* This is called after a TCP connection is already established.
|
* This is called after a TCP connection is already established.
|
||||||
*/
|
*/
|
||||||
CURLcode Curl_axtls_connect_nonblocking(
|
static CURLcode Curl_axtls_connect_nonblocking(struct connectdata *conn,
|
||||||
struct connectdata *conn,
|
int sockindex, bool *done)
|
||||||
int sockindex,
|
|
||||||
bool *done)
|
|
||||||
{
|
{
|
||||||
CURLcode conn_step;
|
CURLcode conn_step;
|
||||||
int ssl_fcn_return;
|
int ssl_fcn_return;
|
||||||
@ -491,10 +489,7 @@ CURLcode Curl_axtls_connect_nonblocking(
|
|||||||
* This function is called after the TCP connect has completed. Setup the TLS
|
* This function is called after the TCP connect has completed. Setup the TLS
|
||||||
* layer and do all necessary magic for a blocking connect.
|
* layer and do all necessary magic for a blocking connect.
|
||||||
*/
|
*/
|
||||||
CURLcode
|
static CURLcode Curl_axtls_connect(struct connectdata *conn, int sockindex)
|
||||||
Curl_axtls_connect(struct connectdata *conn,
|
|
||||||
int sockindex)
|
|
||||||
|
|
||||||
{
|
{
|
||||||
struct Curl_easy *data = conn->data;
|
struct Curl_easy *data = conn->data;
|
||||||
CURLcode conn_step = connect_prep(conn, sockindex);
|
CURLcode conn_step = connect_prep(conn, sockindex);
|
||||||
@ -563,7 +558,7 @@ static ssize_t axtls_send(struct connectdata *conn,
|
|||||||
* This function is called to shut down the SSL layer but keep the
|
* This function is called to shut down the SSL layer but keep the
|
||||||
* socket open (CCC - Clear Command Channel)
|
* socket open (CCC - Clear Command Channel)
|
||||||
*/
|
*/
|
||||||
int Curl_axtls_shutdown(struct connectdata *conn, int sockindex)
|
static int Curl_axtls_shutdown(struct connectdata *conn, int sockindex)
|
||||||
{
|
{
|
||||||
/* Outline taken from openssl.c since functions are in axTLS compat layer.
|
/* Outline taken from openssl.c since functions are in axTLS compat layer.
|
||||||
axTLS's error set is much smaller, so a lot of error-handling was removed.
|
axTLS's error set is much smaller, so a lot of error-handling was removed.
|
||||||
@ -662,7 +657,7 @@ static ssize_t axtls_recv(struct connectdata *conn, /* connection data */
|
|||||||
* 0 means the connection has been closed
|
* 0 means the connection has been closed
|
||||||
* -1 means the connection status is unknown
|
* -1 means the connection status is unknown
|
||||||
*/
|
*/
|
||||||
int Curl_axtls_check_cxn(struct connectdata *conn)
|
static int Curl_axtls_check_cxn(struct connectdata *conn)
|
||||||
{
|
{
|
||||||
/* openssl.c line: rc = SSL_peek(conn->ssl[FIRSTSOCKET].ssl, (void*)&buf, 1);
|
/* openssl.c line: rc = SSL_peek(conn->ssl[FIRSTSOCKET].ssl, (void*)&buf, 1);
|
||||||
axTLS compat layer always returns the last argument, so connection is
|
axTLS compat layer always returns the last argument, so connection is
|
||||||
@ -672,7 +667,7 @@ int Curl_axtls_check_cxn(struct connectdata *conn)
|
|||||||
return 1; /* connection still in place */
|
return 1; /* connection still in place */
|
||||||
}
|
}
|
||||||
|
|
||||||
void Curl_axtls_session_free(void *ptr)
|
static void Curl_axtls_session_free(void *ptr)
|
||||||
{
|
{
|
||||||
(void)ptr;
|
(void)ptr;
|
||||||
/* free the ID */
|
/* free the ID */
|
||||||
@ -680,14 +675,13 @@ void Curl_axtls_session_free(void *ptr)
|
|||||||
compatibility layer does nothing, so we do nothing too. */
|
compatibility layer does nothing, so we do nothing too. */
|
||||||
}
|
}
|
||||||
|
|
||||||
size_t Curl_axtls_version(char *buffer, size_t size)
|
static size_t Curl_axtls_version(char *buffer, size_t size)
|
||||||
{
|
{
|
||||||
return snprintf(buffer, size, "axTLS/%s", ssl_version());
|
return snprintf(buffer, size, "axTLS/%s", ssl_version());
|
||||||
}
|
}
|
||||||
|
|
||||||
CURLcode Curl_axtls_random(struct Curl_easy *data,
|
static CURLcode Curl_axtls_random(struct Curl_easy *data,
|
||||||
unsigned char *entropy,
|
unsigned char *entropy, size_t length)
|
||||||
size_t length)
|
|
||||||
{
|
{
|
||||||
static bool ssl_seeded = FALSE;
|
static bool ssl_seeded = FALSE;
|
||||||
(void)data;
|
(void)data;
|
||||||
|
@ -27,25 +27,6 @@
|
|||||||
#include "curl/curl.h"
|
#include "curl/curl.h"
|
||||||
#include "urldata.h"
|
#include "urldata.h"
|
||||||
|
|
||||||
int Curl_axtls_init(void);
|
|
||||||
void Curl_axtls_cleanup(void);
|
|
||||||
CURLcode Curl_axtls_connect(struct connectdata *conn, int sockindex);
|
|
||||||
CURLcode Curl_axtls_connect_nonblocking(
|
|
||||||
struct connectdata *conn,
|
|
||||||
int sockindex,
|
|
||||||
bool *done);
|
|
||||||
|
|
||||||
/* close a SSL connection */
|
|
||||||
void Curl_axtls_close(struct connectdata *conn, int sockindex);
|
|
||||||
|
|
||||||
void Curl_axtls_session_free(void *ptr);
|
|
||||||
size_t Curl_axtls_version(char *buffer, size_t size);
|
|
||||||
int Curl_axtls_shutdown(struct connectdata *conn, int sockindex);
|
|
||||||
int Curl_axtls_check_cxn(struct connectdata *conn);
|
|
||||||
CURLcode Curl_axtls_random(struct Curl_easy *data,
|
|
||||||
unsigned char *entropy,
|
|
||||||
size_t length);
|
|
||||||
|
|
||||||
extern const struct Curl_ssl Curl_ssl_axtls;
|
extern const struct Curl_ssl Curl_ssl_axtls;
|
||||||
|
|
||||||
/* Set the API backend definition to axTLS */
|
/* Set the API backend definition to axTLS */
|
||||||
|
@ -696,7 +696,7 @@ static ssize_t cyassl_send(struct connectdata *conn,
|
|||||||
return rc;
|
return rc;
|
||||||
}
|
}
|
||||||
|
|
||||||
void Curl_cyassl_close(struct connectdata *conn, int sockindex)
|
static void Curl_cyassl_close(struct connectdata *conn, int sockindex)
|
||||||
{
|
{
|
||||||
struct ssl_connect_data *conssl = &conn->ssl[sockindex];
|
struct ssl_connect_data *conssl = &conn->ssl[sockindex];
|
||||||
|
|
||||||
@ -744,14 +744,14 @@ static ssize_t cyassl_recv(struct connectdata *conn,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
void Curl_cyassl_session_free(void *ptr)
|
static void Curl_cyassl_session_free(void *ptr)
|
||||||
{
|
{
|
||||||
(void)ptr;
|
(void)ptr;
|
||||||
/* CyaSSL reuses sessions on own, no free */
|
/* CyaSSL reuses sessions on own, no free */
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
size_t Curl_cyassl_version(char *buffer, size_t size)
|
static size_t Curl_cyassl_version(char *buffer, size_t size)
|
||||||
{
|
{
|
||||||
#if LIBCYASSL_VERSION_HEX >= 0x03006000
|
#if LIBCYASSL_VERSION_HEX >= 0x03006000
|
||||||
return snprintf(buffer, size, "wolfSSL/%s", wolfSSL_lib_version());
|
return snprintf(buffer, size, "wolfSSL/%s", wolfSSL_lib_version());
|
||||||
@ -765,13 +765,14 @@ size_t Curl_cyassl_version(char *buffer, size_t size)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
int Curl_cyassl_init(void)
|
static int Curl_cyassl_init(void)
|
||||||
{
|
{
|
||||||
return (CyaSSL_Init() == SSL_SUCCESS);
|
return (CyaSSL_Init() == SSL_SUCCESS);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
bool Curl_cyassl_data_pending(const struct connectdata* conn, int connindex)
|
static bool Curl_cyassl_data_pending(const struct connectdata* conn,
|
||||||
|
int connindex)
|
||||||
{
|
{
|
||||||
if(conn->ssl[connindex].handle) /* SSL is in use */
|
if(conn->ssl[connindex].handle) /* SSL is in use */
|
||||||
return (0 != SSL_pending(conn->ssl[connindex].handle)) ? TRUE : FALSE;
|
return (0 != SSL_pending(conn->ssl[connindex].handle)) ? TRUE : FALSE;
|
||||||
@ -784,7 +785,7 @@ bool Curl_cyassl_data_pending(const struct connectdata* conn, int connindex)
|
|||||||
* This function is called to shut down the SSL layer but keep the
|
* This function is called to shut down the SSL layer but keep the
|
||||||
* socket open (CCC - Clear Command Channel)
|
* socket open (CCC - Clear Command Channel)
|
||||||
*/
|
*/
|
||||||
int Curl_cyassl_shutdown(struct connectdata *conn, int sockindex)
|
static int Curl_cyassl_shutdown(struct connectdata *conn, int sockindex)
|
||||||
{
|
{
|
||||||
int retval = 0;
|
int retval = 0;
|
||||||
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
|
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
|
||||||
@ -911,18 +912,14 @@ cyassl_connect_common(struct connectdata *conn,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
CURLcode
|
static CURLcode Curl_cyassl_connect_nonblocking(struct connectdata *conn,
|
||||||
Curl_cyassl_connect_nonblocking(struct connectdata *conn,
|
int sockindex, bool *done)
|
||||||
int sockindex,
|
|
||||||
bool *done)
|
|
||||||
{
|
{
|
||||||
return cyassl_connect_common(conn, sockindex, TRUE, done);
|
return cyassl_connect_common(conn, sockindex, TRUE, done);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
CURLcode
|
static CURLcode Curl_cyassl_connect(struct connectdata *conn, int sockindex)
|
||||||
Curl_cyassl_connect(struct connectdata *conn,
|
|
||||||
int sockindex)
|
|
||||||
{
|
{
|
||||||
CURLcode result;
|
CURLcode result;
|
||||||
bool done = FALSE;
|
bool done = FALSE;
|
||||||
@ -936,9 +933,8 @@ Curl_cyassl_connect(struct connectdata *conn,
|
|||||||
return CURLE_OK;
|
return CURLE_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
CURLcode Curl_cyassl_random(struct Curl_easy *data,
|
static CURLcode Curl_cyassl_random(struct Curl_easy *data,
|
||||||
unsigned char *entropy,
|
unsigned char *entropy, size_t length)
|
||||||
size_t length)
|
|
||||||
{
|
{
|
||||||
RNG rng;
|
RNG rng;
|
||||||
(void)data;
|
(void)data;
|
||||||
|
@ -25,24 +25,6 @@
|
|||||||
|
|
||||||
#ifdef USE_CYASSL
|
#ifdef USE_CYASSL
|
||||||
|
|
||||||
CURLcode Curl_cyassl_connect(struct connectdata *conn, int sockindex);
|
|
||||||
bool Curl_cyassl_data_pending(const struct connectdata* conn, int connindex);
|
|
||||||
int Curl_cyassl_shutdown(struct connectdata* conn, int sockindex);
|
|
||||||
|
|
||||||
/* close a SSL connection */
|
|
||||||
void Curl_cyassl_close(struct connectdata *conn, int sockindex);
|
|
||||||
|
|
||||||
void Curl_cyassl_session_free(void *ptr);
|
|
||||||
size_t Curl_cyassl_version(char *buffer, size_t size);
|
|
||||||
int Curl_cyassl_shutdown(struct connectdata *conn, int sockindex);
|
|
||||||
int Curl_cyassl_init(void);
|
|
||||||
CURLcode Curl_cyassl_connect_nonblocking(struct connectdata *conn,
|
|
||||||
int sockindex,
|
|
||||||
bool *done);
|
|
||||||
CURLcode Curl_cyassl_random(struct Curl_easy *data,
|
|
||||||
unsigned char *entropy,
|
|
||||||
size_t length);
|
|
||||||
|
|
||||||
extern const struct Curl_ssl Curl_ssl_cyassl;
|
extern const struct Curl_ssl Curl_ssl_cyassl;
|
||||||
|
|
||||||
/* Set the API backend definition to CyaSSL */
|
/* Set the API backend definition to CyaSSL */
|
||||||
|
@ -2568,17 +2568,13 @@ darwinssl_connect_common(struct connectdata *conn,
|
|||||||
return CURLE_OK;
|
return CURLE_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
CURLcode
|
static CURLcode Curl_darwinssl_connect_nonblocking(struct connectdata *conn,
|
||||||
Curl_darwinssl_connect_nonblocking(struct connectdata *conn,
|
int sockindex, bool *done)
|
||||||
int sockindex,
|
|
||||||
bool *done)
|
|
||||||
{
|
{
|
||||||
return darwinssl_connect_common(conn, sockindex, TRUE, done);
|
return darwinssl_connect_common(conn, sockindex, TRUE, done);
|
||||||
}
|
}
|
||||||
|
|
||||||
CURLcode
|
static CURLcode Curl_darwinssl_connect(struct connectdata *conn, int sockindex)
|
||||||
Curl_darwinssl_connect(struct connectdata *conn,
|
|
||||||
int sockindex)
|
|
||||||
{
|
{
|
||||||
CURLcode result;
|
CURLcode result;
|
||||||
bool done = FALSE;
|
bool done = FALSE;
|
||||||
@ -2593,7 +2589,7 @@ Curl_darwinssl_connect(struct connectdata *conn,
|
|||||||
return CURLE_OK;
|
return CURLE_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
void Curl_darwinssl_close(struct connectdata *conn, int sockindex)
|
static void Curl_darwinssl_close(struct connectdata *conn, int sockindex)
|
||||||
{
|
{
|
||||||
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
|
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
|
||||||
|
|
||||||
@ -2614,7 +2610,7 @@ void Curl_darwinssl_close(struct connectdata *conn, int sockindex)
|
|||||||
connssl->ssl_sockfd = 0;
|
connssl->ssl_sockfd = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
int Curl_darwinssl_shutdown(struct connectdata *conn, int sockindex)
|
static int Curl_darwinssl_shutdown(struct connectdata *conn, int sockindex)
|
||||||
{
|
{
|
||||||
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
|
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
|
||||||
struct Curl_easy *data = conn->data;
|
struct Curl_easy *data = conn->data;
|
||||||
@ -2667,7 +2663,7 @@ int Curl_darwinssl_shutdown(struct connectdata *conn, int sockindex)
|
|||||||
return rc;
|
return rc;
|
||||||
}
|
}
|
||||||
|
|
||||||
void Curl_darwinssl_session_free(void *ptr)
|
static void Curl_darwinssl_session_free(void *ptr)
|
||||||
{
|
{
|
||||||
/* ST, as of iOS 5 and Mountain Lion, has no public method of deleting a
|
/* ST, as of iOS 5 and Mountain Lion, has no public method of deleting a
|
||||||
cached session ID inside the Security framework. There is a private
|
cached session ID inside the Security framework. There is a private
|
||||||
@ -2678,7 +2674,7 @@ void Curl_darwinssl_session_free(void *ptr)
|
|||||||
Curl_safefree(ptr);
|
Curl_safefree(ptr);
|
||||||
}
|
}
|
||||||
|
|
||||||
size_t Curl_darwinssl_version(char *buffer, size_t size)
|
static size_t Curl_darwinssl_version(char *buffer, size_t size)
|
||||||
{
|
{
|
||||||
return snprintf(buffer, size, "SecureTransport");
|
return snprintf(buffer, size, "SecureTransport");
|
||||||
}
|
}
|
||||||
@ -2691,7 +2687,7 @@ size_t Curl_darwinssl_version(char *buffer, size_t size)
|
|||||||
* 0 means the connection has been closed
|
* 0 means the connection has been closed
|
||||||
* -1 means the connection status is unknown
|
* -1 means the connection status is unknown
|
||||||
*/
|
*/
|
||||||
int Curl_darwinssl_check_cxn(struct connectdata *conn)
|
static int Curl_darwinssl_check_cxn(struct connectdata *conn)
|
||||||
{
|
{
|
||||||
struct ssl_connect_data *connssl = &conn->ssl[FIRSTSOCKET];
|
struct ssl_connect_data *connssl = &conn->ssl[FIRSTSOCKET];
|
||||||
OSStatus err;
|
OSStatus err;
|
||||||
@ -2706,8 +2702,8 @@ int Curl_darwinssl_check_cxn(struct connectdata *conn)
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool Curl_darwinssl_data_pending(const struct connectdata *conn,
|
static bool Curl_darwinssl_data_pending(const struct connectdata *conn,
|
||||||
int connindex)
|
int connindex)
|
||||||
{
|
{
|
||||||
const struct ssl_connect_data *connssl = &conn->ssl[connindex];
|
const struct ssl_connect_data *connssl = &conn->ssl[connindex];
|
||||||
OSStatus err;
|
OSStatus err;
|
||||||
@ -2723,8 +2719,8 @@ bool Curl_darwinssl_data_pending(const struct connectdata *conn,
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
CURLcode Curl_darwinssl_random(struct Curl_easy *data UNUSED_PARAM,
|
static CURLcode Curl_darwinssl_random(struct Curl_easy *data UNUSED_PARAM,
|
||||||
unsigned char *entropy, size_t length)
|
unsigned char *entropy, size_t length)
|
||||||
{
|
{
|
||||||
/* arc4random_buf() isn't available on cats older than Lion, so let's
|
/* arc4random_buf() isn't available on cats older than Lion, so let's
|
||||||
do this manually for the benefit of the older cats. */
|
do this manually for the benefit of the older cats. */
|
||||||
@ -2760,7 +2756,7 @@ static void Curl_darwinssl_sha256sum(const unsigned char *tmp, /* input */
|
|||||||
(void)CC_SHA256(tmp, (CC_LONG)tmplen, sha256sum);
|
(void)CC_SHA256(tmp, (CC_LONG)tmplen, sha256sum);
|
||||||
}
|
}
|
||||||
|
|
||||||
bool Curl_darwinssl_false_start(void)
|
static bool Curl_darwinssl_false_start(void)
|
||||||
{
|
{
|
||||||
#if CURL_BUILD_MAC_10_9 || CURL_BUILD_IOS_7
|
#if CURL_BUILD_MAC_10_9 || CURL_BUILD_IOS_7
|
||||||
if(SSLSetSessionOption != NULL)
|
if(SSLSetSessionOption != NULL)
|
||||||
|
@ -26,26 +26,6 @@
|
|||||||
|
|
||||||
#ifdef USE_DARWINSSL
|
#ifdef USE_DARWINSSL
|
||||||
|
|
||||||
CURLcode Curl_darwinssl_connect(struct connectdata *conn, int sockindex);
|
|
||||||
|
|
||||||
CURLcode Curl_darwinssl_connect_nonblocking(struct connectdata *conn,
|
|
||||||
int sockindex,
|
|
||||||
bool *done);
|
|
||||||
|
|
||||||
/* close a SSL connection */
|
|
||||||
void Curl_darwinssl_close(struct connectdata *conn, int sockindex);
|
|
||||||
|
|
||||||
void Curl_darwinssl_session_free(void *ptr);
|
|
||||||
size_t Curl_darwinssl_version(char *buffer, size_t size);
|
|
||||||
int Curl_darwinssl_shutdown(struct connectdata *conn, int sockindex);
|
|
||||||
int Curl_darwinssl_check_cxn(struct connectdata *conn);
|
|
||||||
bool Curl_darwinssl_data_pending(const struct connectdata *conn,
|
|
||||||
int connindex);
|
|
||||||
|
|
||||||
CURLcode Curl_darwinssl_random(struct Curl_easy *data, unsigned char *entropy,
|
|
||||||
size_t length);
|
|
||||||
bool Curl_darwinssl_false_start(void);
|
|
||||||
|
|
||||||
extern const struct Curl_ssl Curl_ssl_darwinssl;
|
extern const struct Curl_ssl Curl_ssl_darwinssl;
|
||||||
|
|
||||||
/* Set the API backend definition to SecureTransport */
|
/* Set the API backend definition to SecureTransport */
|
||||||
|
@ -427,7 +427,7 @@ static CURLcode set_ciphers(struct connectdata *conn,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
int Curl_gskit_init(void)
|
static int Curl_gskit_init(void)
|
||||||
{
|
{
|
||||||
/* No initialisation needed. */
|
/* No initialisation needed. */
|
||||||
|
|
||||||
@ -435,7 +435,7 @@ int Curl_gskit_init(void)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
void Curl_gskit_cleanup(void)
|
static void Curl_gskit_cleanup(void)
|
||||||
{
|
{
|
||||||
/* Nothing to do. */
|
/* Nothing to do. */
|
||||||
}
|
}
|
||||||
@ -1216,9 +1216,8 @@ static CURLcode gskit_connect_common(struct connectdata *conn, int sockindex,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
CURLcode Curl_gskit_connect_nonblocking(struct connectdata *conn,
|
static CURLcode Curl_gskit_connect_nonblocking(struct connectdata *conn,
|
||||||
int sockindex,
|
int sockindex, bool *done)
|
||||||
bool *done)
|
|
||||||
{
|
{
|
||||||
CURLcode result;
|
CURLcode result;
|
||||||
|
|
||||||
@ -1229,7 +1228,7 @@ CURLcode Curl_gskit_connect_nonblocking(struct connectdata *conn,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
CURLcode Curl_gskit_connect(struct connectdata *conn, int sockindex)
|
static CURLcode Curl_gskit_connect(struct connectdata *conn, int sockindex)
|
||||||
{
|
{
|
||||||
CURLcode result;
|
CURLcode result;
|
||||||
bool done;
|
bool done;
|
||||||
@ -1245,14 +1244,14 @@ CURLcode Curl_gskit_connect(struct connectdata *conn, int sockindex)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
void Curl_gskit_close(struct connectdata *conn, int sockindex)
|
static void Curl_gskit_close(struct connectdata *conn, int sockindex)
|
||||||
{
|
{
|
||||||
close_one(&conn->ssl[sockindex], conn, sockindex);
|
close_one(&conn->ssl[sockindex], conn, sockindex);
|
||||||
close_one(&conn->proxy_ssl[sockindex], conn, sockindex);
|
close_one(&conn->proxy_ssl[sockindex], conn, sockindex);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
int Curl_gskit_shutdown(struct connectdata *conn, int sockindex)
|
static int Curl_gskit_shutdown(struct connectdata *conn, int sockindex)
|
||||||
{
|
{
|
||||||
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
|
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
|
||||||
struct Curl_easy *data = conn->data;
|
struct Curl_easy *data = conn->data;
|
||||||
@ -1306,14 +1305,14 @@ int Curl_gskit_shutdown(struct connectdata *conn, int sockindex)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
size_t Curl_gskit_version(char *buffer, size_t size)
|
static size_t Curl_gskit_version(char *buffer, size_t size)
|
||||||
{
|
{
|
||||||
strncpy(buffer, "GSKit", size);
|
strncpy(buffer, "GSKit", size);
|
||||||
return strlen(buffer);
|
return strlen(buffer);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
int Curl_gskit_check_cxn(struct connectdata *cxn)
|
static int Curl_gskit_check_cxn(struct connectdata *cxn)
|
||||||
{
|
{
|
||||||
int err;
|
int err;
|
||||||
int errlen;
|
int errlen;
|
||||||
|
@ -30,16 +30,6 @@
|
|||||||
#include "urldata.h"
|
#include "urldata.h"
|
||||||
|
|
||||||
#ifdef USE_GSKIT
|
#ifdef USE_GSKIT
|
||||||
int Curl_gskit_init(void);
|
|
||||||
void Curl_gskit_cleanup(void);
|
|
||||||
CURLcode Curl_gskit_connect(struct connectdata *conn, int sockindex);
|
|
||||||
CURLcode Curl_gskit_connect_nonblocking(struct connectdata *conn,
|
|
||||||
int sockindex, bool *done);
|
|
||||||
void Curl_gskit_close(struct connectdata *conn, int sockindex);
|
|
||||||
int Curl_gskit_shutdown(struct connectdata *conn, int sockindex);
|
|
||||||
|
|
||||||
size_t Curl_gskit_version(char *buffer, size_t size);
|
|
||||||
int Curl_gskit_check_cxn(struct connectdata *cxn);
|
|
||||||
|
|
||||||
extern const struct Curl_ssl Curl_ssl_gskit;
|
extern const struct Curl_ssl Curl_ssl_gskit;
|
||||||
|
|
||||||
|
@ -186,7 +186,7 @@ static ssize_t Curl_gtls_pull_ssl(void *s, void *buf, size_t len)
|
|||||||
* must only be called from within curl_global_init() to keep the thread
|
* must only be called from within curl_global_init() to keep the thread
|
||||||
* situation under control!
|
* situation under control!
|
||||||
*/
|
*/
|
||||||
int Curl_gtls_init(void)
|
static int Curl_gtls_init(void)
|
||||||
{
|
{
|
||||||
int ret = 1;
|
int ret = 1;
|
||||||
if(!gtls_inited) {
|
if(!gtls_inited) {
|
||||||
@ -200,7 +200,7 @@ int Curl_gtls_init(void)
|
|||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
void Curl_gtls_cleanup(void)
|
static void Curl_gtls_cleanup(void)
|
||||||
{
|
{
|
||||||
if(gtls_inited) {
|
if(gtls_inited) {
|
||||||
gnutls_global_deinit();
|
gnutls_global_deinit();
|
||||||
@ -1493,18 +1493,13 @@ gtls_connect_common(struct connectdata *conn,
|
|||||||
return CURLE_OK;
|
return CURLE_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
CURLcode
|
static CURLcode Curl_gtls_connect_nonblocking(struct connectdata *conn,
|
||||||
Curl_gtls_connect_nonblocking(struct connectdata *conn,
|
int sockindex, bool *done)
|
||||||
int sockindex,
|
|
||||||
bool *done)
|
|
||||||
{
|
{
|
||||||
return gtls_connect_common(conn, sockindex, TRUE, done);
|
return gtls_connect_common(conn, sockindex, TRUE, done);
|
||||||
}
|
}
|
||||||
|
|
||||||
CURLcode
|
static CURLcode Curl_gtls_connect(struct connectdata *conn, int sockindex)
|
||||||
Curl_gtls_connect(struct connectdata *conn,
|
|
||||||
int sockindex)
|
|
||||||
|
|
||||||
{
|
{
|
||||||
CURLcode result;
|
CURLcode result;
|
||||||
bool done = FALSE;
|
bool done = FALSE;
|
||||||
@ -1518,7 +1513,8 @@ Curl_gtls_connect(struct connectdata *conn,
|
|||||||
return CURLE_OK;
|
return CURLE_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool Curl_gtls_data_pending(const struct connectdata *conn, int connindex)
|
static bool Curl_gtls_data_pending(const struct connectdata *conn,
|
||||||
|
int connindex)
|
||||||
{
|
{
|
||||||
bool res = FALSE;
|
bool res = FALSE;
|
||||||
if(conn->ssl[connindex].session &&
|
if(conn->ssl[connindex].session &&
|
||||||
@ -1570,7 +1566,7 @@ static void close_one(struct ssl_connect_data *ssl)
|
|||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
void Curl_gtls_close(struct connectdata *conn, int sockindex)
|
static void Curl_gtls_close(struct connectdata *conn, int sockindex)
|
||||||
{
|
{
|
||||||
close_one(&conn->ssl[sockindex]);
|
close_one(&conn->ssl[sockindex]);
|
||||||
close_one(&conn->proxy_ssl[sockindex]);
|
close_one(&conn->proxy_ssl[sockindex]);
|
||||||
@ -1580,7 +1576,7 @@ void Curl_gtls_close(struct connectdata *conn, int sockindex)
|
|||||||
* This function is called to shut down the SSL layer but keep the
|
* This function is called to shut down the SSL layer but keep the
|
||||||
* socket open (CCC - Clear Command Channel)
|
* socket open (CCC - Clear Command Channel)
|
||||||
*/
|
*/
|
||||||
int Curl_gtls_shutdown(struct connectdata *conn, int sockindex)
|
static int Curl_gtls_shutdown(struct connectdata *conn, int sockindex)
|
||||||
{
|
{
|
||||||
ssize_t result;
|
ssize_t result;
|
||||||
int retval = 0;
|
int retval = 0;
|
||||||
@ -1678,6 +1674,7 @@ static ssize_t gtls_recv(struct connectdata *conn, /* connection data */
|
|||||||
|
|
||||||
if(ret < 0) {
|
if(ret < 0) {
|
||||||
failf(conn->data, "GnuTLS recv error (%d): %s",
|
failf(conn->data, "GnuTLS recv error (%d): %s",
|
||||||
|
|
||||||
(int)ret, gnutls_strerror((int)ret));
|
(int)ret, gnutls_strerror((int)ret));
|
||||||
*curlcode = CURLE_RECV_ERROR;
|
*curlcode = CURLE_RECV_ERROR;
|
||||||
return -1;
|
return -1;
|
||||||
@ -1686,12 +1683,12 @@ static ssize_t gtls_recv(struct connectdata *conn, /* connection data */
|
|||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
void Curl_gtls_session_free(void *ptr)
|
static void Curl_gtls_session_free(void *ptr)
|
||||||
{
|
{
|
||||||
free(ptr);
|
free(ptr);
|
||||||
}
|
}
|
||||||
|
|
||||||
size_t Curl_gtls_version(char *buffer, size_t size)
|
static size_t Curl_gtls_version(char *buffer, size_t size)
|
||||||
{
|
{
|
||||||
return snprintf(buffer, size, "GnuTLS/%s", gnutls_check_version(NULL));
|
return snprintf(buffer, size, "GnuTLS/%s", gnutls_check_version(NULL));
|
||||||
}
|
}
|
||||||
@ -1721,9 +1718,8 @@ static int Curl_gtls_seed(struct Curl_easy *data)
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* data might be NULL! */
|
/* data might be NULL! */
|
||||||
CURLcode Curl_gtls_random(struct Curl_easy *data,
|
static CURLcode Curl_gtls_random(struct Curl_easy *data,
|
||||||
unsigned char *entropy,
|
unsigned char *entropy, size_t length)
|
||||||
size_t length)
|
|
||||||
{
|
{
|
||||||
#if defined(USE_GNUTLS_NETTLE)
|
#if defined(USE_GNUTLS_NETTLE)
|
||||||
int rc;
|
int rc;
|
||||||
@ -1777,7 +1773,7 @@ static void Curl_gtls_sha256sum(const unsigned char *tmp, /* input */
|
|||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
bool Curl_gtls_cert_status_request(void)
|
static bool Curl_gtls_cert_status_request(void)
|
||||||
{
|
{
|
||||||
#ifdef HAS_OCSP
|
#ifdef HAS_OCSP
|
||||||
return TRUE;
|
return TRUE;
|
||||||
|
@ -28,27 +28,6 @@
|
|||||||
|
|
||||||
#include "urldata.h"
|
#include "urldata.h"
|
||||||
|
|
||||||
int Curl_gtls_init(void);
|
|
||||||
void Curl_gtls_cleanup(void);
|
|
||||||
CURLcode Curl_gtls_connect(struct connectdata *conn, int sockindex);
|
|
||||||
CURLcode Curl_gtls_connect_nonblocking(struct connectdata *conn,
|
|
||||||
int sockindex,
|
|
||||||
bool *done);
|
|
||||||
bool Curl_gtls_data_pending(const struct connectdata *conn,
|
|
||||||
int connindex);
|
|
||||||
|
|
||||||
/* close a SSL connection */
|
|
||||||
void Curl_gtls_close(struct connectdata *conn, int sockindex);
|
|
||||||
|
|
||||||
void Curl_gtls_session_free(void *ptr);
|
|
||||||
size_t Curl_gtls_version(char *buffer, size_t size);
|
|
||||||
int Curl_gtls_shutdown(struct connectdata *conn, int sockindex);
|
|
||||||
CURLcode Curl_gtls_random(struct Curl_easy *data,
|
|
||||||
unsigned char *entropy,
|
|
||||||
size_t length);
|
|
||||||
|
|
||||||
bool Curl_gtls_cert_status_request(void);
|
|
||||||
|
|
||||||
extern const struct Curl_ssl Curl_ssl_gnutls;
|
extern const struct Curl_ssl Curl_ssl_gnutls;
|
||||||
|
|
||||||
/* Set the API backend definition to GnuTLS */
|
/* Set the API backend definition to GnuTLS */
|
||||||
|
@ -744,12 +744,12 @@ static ssize_t mbed_send(struct connectdata *conn, int sockindex,
|
|||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
void Curl_mbedtls_close_all(struct Curl_easy *data)
|
static void Curl_mbedtls_close_all(struct Curl_easy *data)
|
||||||
{
|
{
|
||||||
(void)data;
|
(void)data;
|
||||||
}
|
}
|
||||||
|
|
||||||
void Curl_mbedtls_close(struct connectdata *conn, int sockindex)
|
static void Curl_mbedtls_close(struct connectdata *conn, int sockindex)
|
||||||
{
|
{
|
||||||
mbedtls_pk_free(&conn->ssl[sockindex].pk);
|
mbedtls_pk_free(&conn->ssl[sockindex].pk);
|
||||||
mbedtls_x509_crt_free(&conn->ssl[sockindex].clicert);
|
mbedtls_x509_crt_free(&conn->ssl[sockindex].clicert);
|
||||||
@ -788,21 +788,21 @@ static ssize_t mbed_recv(struct connectdata *conn, int num,
|
|||||||
return len;
|
return len;
|
||||||
}
|
}
|
||||||
|
|
||||||
void Curl_mbedtls_session_free(void *ptr)
|
static void Curl_mbedtls_session_free(void *ptr)
|
||||||
{
|
{
|
||||||
mbedtls_ssl_session_free(ptr);
|
mbedtls_ssl_session_free(ptr);
|
||||||
free(ptr);
|
free(ptr);
|
||||||
}
|
}
|
||||||
|
|
||||||
size_t Curl_mbedtls_version(char *buffer, size_t size)
|
static size_t Curl_mbedtls_version(char *buffer, size_t size)
|
||||||
{
|
{
|
||||||
unsigned int version = mbedtls_version_get_number();
|
unsigned int version = mbedtls_version_get_number();
|
||||||
return snprintf(buffer, size, "mbedTLS/%d.%d.%d", version>>24,
|
return snprintf(buffer, size, "mbedTLS/%d.%d.%d", version>>24,
|
||||||
(version>>16)&0xff, (version>>8)&0xff);
|
(version>>16)&0xff, (version>>8)&0xff);
|
||||||
}
|
}
|
||||||
|
|
||||||
CURLcode Curl_mbedtls_random(struct Curl_easy *data, unsigned char *entropy,
|
static CURLcode Curl_mbedtls_random(struct Curl_easy *data,
|
||||||
size_t length)
|
unsigned char *entropy, size_t length)
|
||||||
{
|
{
|
||||||
#if defined(MBEDTLS_CTR_DRBG_C)
|
#if defined(MBEDTLS_CTR_DRBG_C)
|
||||||
int ret = -1;
|
int ret = -1;
|
||||||
@ -963,18 +963,14 @@ mbed_connect_common(struct connectdata *conn,
|
|||||||
return CURLE_OK;
|
return CURLE_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
CURLcode
|
static CURLcode Curl_mbedtls_connect_nonblocking(struct connectdata *conn,
|
||||||
Curl_mbedtls_connect_nonblocking(struct connectdata *conn,
|
int sockindex, bool *done)
|
||||||
int sockindex,
|
|
||||||
bool *done)
|
|
||||||
{
|
{
|
||||||
return mbed_connect_common(conn, sockindex, TRUE, done);
|
return mbed_connect_common(conn, sockindex, TRUE, done);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
CURLcode
|
static CURLcode Curl_mbedtls_connect(struct connectdata *conn, int sockindex)
|
||||||
Curl_mbedtls_connect(struct connectdata *conn,
|
|
||||||
int sockindex)
|
|
||||||
{
|
{
|
||||||
CURLcode retcode;
|
CURLcode retcode;
|
||||||
bool done = FALSE;
|
bool done = FALSE;
|
||||||
@ -992,17 +988,18 @@ Curl_mbedtls_connect(struct connectdata *conn,
|
|||||||
* return 0 error initializing SSL
|
* return 0 error initializing SSL
|
||||||
* return 1 SSL initialized successfully
|
* return 1 SSL initialized successfully
|
||||||
*/
|
*/
|
||||||
int Curl_mbedtls_init(void)
|
static int Curl_mbedtls_init(void)
|
||||||
{
|
{
|
||||||
return Curl_polarsslthreadlock_thread_setup();
|
return Curl_polarsslthreadlock_thread_setup();
|
||||||
}
|
}
|
||||||
|
|
||||||
void Curl_mbedtls_cleanup(void)
|
static void Curl_mbedtls_cleanup(void)
|
||||||
{
|
{
|
||||||
(void)Curl_polarsslthreadlock_thread_cleanup();
|
(void)Curl_polarsslthreadlock_thread_cleanup();
|
||||||
}
|
}
|
||||||
|
|
||||||
bool Curl_mbedtls_data_pending(const struct connectdata *conn, int sockindex)
|
static bool Curl_mbedtls_data_pending(const struct connectdata *conn,
|
||||||
|
int sockindex)
|
||||||
{
|
{
|
||||||
return mbedtls_ssl_get_bytes_avail(&conn->ssl[sockindex].ssl) != 0;
|
return mbedtls_ssl_get_bytes_avail(&conn->ssl[sockindex].ssl) != 0;
|
||||||
}
|
}
|
||||||
|
@ -26,31 +26,6 @@
|
|||||||
|
|
||||||
#ifdef USE_MBEDTLS
|
#ifdef USE_MBEDTLS
|
||||||
|
|
||||||
/* Called on first use mbedTLS, setup threading if supported */
|
|
||||||
int Curl_mbedtls_init(void);
|
|
||||||
void Curl_mbedtls_cleanup(void);
|
|
||||||
bool Curl_mbedtls_data_pending(const struct connectdata *conn, int sockindex);
|
|
||||||
|
|
||||||
CURLcode Curl_mbedtls_connect(struct connectdata *conn, int sockindex);
|
|
||||||
|
|
||||||
CURLcode Curl_mbedtls_connect_nonblocking(struct connectdata *conn,
|
|
||||||
int sockindex,
|
|
||||||
bool *done);
|
|
||||||
|
|
||||||
/* tell mbedTLS to close down all open information regarding connections (and
|
|
||||||
thus session ID caching etc) */
|
|
||||||
void Curl_mbedtls_close_all(struct Curl_easy *data);
|
|
||||||
|
|
||||||
/* close a SSL connection */
|
|
||||||
void Curl_mbedtls_close(struct connectdata *conn, int sockindex);
|
|
||||||
|
|
||||||
void Curl_mbedtls_session_free(void *ptr);
|
|
||||||
size_t Curl_mbedtls_version(char *buffer, size_t size);
|
|
||||||
int Curl_mbedtls_shutdown(struct connectdata *conn, int sockindex);
|
|
||||||
|
|
||||||
CURLcode Curl_mbedtls_random(struct Curl_easy *data, unsigned char *entropy,
|
|
||||||
size_t length);
|
|
||||||
|
|
||||||
extern const struct Curl_ssl Curl_ssl_mbedtls;
|
extern const struct Curl_ssl Curl_ssl_mbedtls;
|
||||||
|
|
||||||
#define CURL_SSL_BACKEND CURLSSLBACKEND_MBEDTLS
|
#define CURL_SSL_BACKEND CURLSSLBACKEND_MBEDTLS
|
||||||
|
@ -1351,7 +1351,7 @@ static CURLcode nss_init(struct Curl_easy *data)
|
|||||||
* @retval 0 error initializing SSL
|
* @retval 0 error initializing SSL
|
||||||
* @retval 1 SSL initialized successfully
|
* @retval 1 SSL initialized successfully
|
||||||
*/
|
*/
|
||||||
int Curl_nss_init(void)
|
static int Curl_nss_init(void)
|
||||||
{
|
{
|
||||||
/* curl_global_init() is not thread-safe so this test is ok */
|
/* curl_global_init() is not thread-safe so this test is ok */
|
||||||
if(nss_initlock == NULL) {
|
if(nss_initlock == NULL) {
|
||||||
@ -1386,7 +1386,7 @@ CURLcode Curl_nss_force_init(struct Curl_easy *data)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* Global cleanup */
|
/* Global cleanup */
|
||||||
void Curl_nss_cleanup(void)
|
static void Curl_nss_cleanup(void)
|
||||||
{
|
{
|
||||||
/* This function isn't required to be threadsafe and this is only done
|
/* This function isn't required to be threadsafe and this is only done
|
||||||
* as a safety feature.
|
* as a safety feature.
|
||||||
@ -1426,8 +1426,7 @@ void Curl_nss_cleanup(void)
|
|||||||
* 0 means the connection has been closed
|
* 0 means the connection has been closed
|
||||||
* -1 means the connection status is unknown
|
* -1 means the connection status is unknown
|
||||||
*/
|
*/
|
||||||
int
|
static int Curl_nss_check_cxn(struct connectdata *conn)
|
||||||
Curl_nss_check_cxn(struct connectdata *conn)
|
|
||||||
{
|
{
|
||||||
int rc;
|
int rc;
|
||||||
char buf;
|
char buf;
|
||||||
@ -1473,7 +1472,7 @@ static void nss_close(struct ssl_connect_data *connssl)
|
|||||||
/*
|
/*
|
||||||
* This function is called when an SSL connection is closed.
|
* This function is called when an SSL connection is closed.
|
||||||
*/
|
*/
|
||||||
void Curl_nss_close(struct connectdata *conn, int sockindex)
|
static void Curl_nss_close(struct connectdata *conn, int sockindex)
|
||||||
{
|
{
|
||||||
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
|
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
|
||||||
struct ssl_connect_data *connssl_proxy = &conn->proxy_ssl[sockindex];
|
struct ssl_connect_data *connssl_proxy = &conn->proxy_ssl[sockindex];
|
||||||
@ -2164,13 +2163,13 @@ static CURLcode nss_connect_common(struct connectdata *conn, int sockindex,
|
|||||||
return CURLE_OK;
|
return CURLE_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
|
static CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
|
||||||
{
|
{
|
||||||
return nss_connect_common(conn, sockindex, /* blocking */ NULL);
|
return nss_connect_common(conn, sockindex, /* blocking */ NULL);
|
||||||
}
|
}
|
||||||
|
|
||||||
CURLcode Curl_nss_connect_nonblocking(struct connectdata *conn,
|
static CURLcode Curl_nss_connect_nonblocking(struct connectdata *conn,
|
||||||
int sockindex, bool *done)
|
int sockindex, bool *done)
|
||||||
{
|
{
|
||||||
return nss_connect_common(conn, sockindex, done);
|
return nss_connect_common(conn, sockindex, done);
|
||||||
}
|
}
|
||||||
@ -2252,22 +2251,22 @@ static ssize_t nss_recv(struct connectdata *conn, /* connection data */
|
|||||||
return nread;
|
return nread;
|
||||||
}
|
}
|
||||||
|
|
||||||
size_t Curl_nss_version(char *buffer, size_t size)
|
static size_t Curl_nss_version(char *buffer, size_t size)
|
||||||
{
|
{
|
||||||
return snprintf(buffer, size, "NSS/%s", NSS_VERSION);
|
return snprintf(buffer, size, "NSS/%s", NSS_VERSION);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* data might be NULL */
|
/* data might be NULL */
|
||||||
int Curl_nss_seed(struct Curl_easy *data)
|
static int Curl_nss_seed(struct Curl_easy *data)
|
||||||
{
|
{
|
||||||
/* make sure that NSS is initialized */
|
/* make sure that NSS is initialized */
|
||||||
return !!Curl_nss_force_init(data);
|
return !!Curl_nss_force_init(data);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* data might be NULL */
|
/* data might be NULL */
|
||||||
CURLcode Curl_nss_random(struct Curl_easy *data,
|
static CURLcode Curl_nss_random(struct Curl_easy *data,
|
||||||
unsigned char *entropy,
|
unsigned char *entropy,
|
||||||
size_t length)
|
size_t length)
|
||||||
{
|
{
|
||||||
Curl_nss_seed(data); /* Initiate the seed if not already done */
|
Curl_nss_seed(data); /* Initiate the seed if not already done */
|
||||||
|
|
||||||
@ -2306,7 +2305,7 @@ static void Curl_nss_sha256sum(const unsigned char *tmp, /* input */
|
|||||||
PK11_DestroyContext(SHA256pw, PR_TRUE);
|
PK11_DestroyContext(SHA256pw, PR_TRUE);
|
||||||
}
|
}
|
||||||
|
|
||||||
bool Curl_nss_cert_status_request(void)
|
static bool Curl_nss_cert_status_request(void)
|
||||||
{
|
{
|
||||||
#ifdef SSL_ENABLE_OCSP_STAPLING
|
#ifdef SSL_ENABLE_OCSP_STAPLING
|
||||||
return TRUE;
|
return TRUE;
|
||||||
@ -2315,7 +2314,7 @@ bool Curl_nss_cert_status_request(void)
|
|||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
bool Curl_nss_false_start(void)
|
static bool Curl_nss_false_start(void)
|
||||||
{
|
{
|
||||||
#if NSSVERNUM >= 0x030f04 /* 3.15.4 */
|
#if NSSVERNUM >= 0x030f04 /* 3.15.4 */
|
||||||
return TRUE;
|
return TRUE;
|
||||||
|
@ -30,32 +30,9 @@
|
|||||||
|
|
||||||
#include "urldata.h"
|
#include "urldata.h"
|
||||||
|
|
||||||
CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex);
|
|
||||||
CURLcode Curl_nss_connect_nonblocking(struct connectdata *conn,
|
|
||||||
int sockindex,
|
|
||||||
bool *done);
|
|
||||||
/* close a SSL connection */
|
|
||||||
void Curl_nss_close(struct connectdata *conn, int sockindex);
|
|
||||||
|
|
||||||
int Curl_nss_init(void);
|
|
||||||
void Curl_nss_cleanup(void);
|
|
||||||
|
|
||||||
size_t Curl_nss_version(char *buffer, size_t size);
|
|
||||||
int Curl_nss_check_cxn(struct connectdata *cxn);
|
|
||||||
int Curl_nss_seed(struct Curl_easy *data);
|
|
||||||
|
|
||||||
/* initialize NSS library if not already */
|
/* initialize NSS library if not already */
|
||||||
CURLcode Curl_nss_force_init(struct Curl_easy *data);
|
CURLcode Curl_nss_force_init(struct Curl_easy *data);
|
||||||
|
|
||||||
CURLcode Curl_nss_random(struct Curl_easy *data,
|
|
||||||
unsigned char *entropy,
|
|
||||||
size_t length);
|
|
||||||
|
|
||||||
|
|
||||||
bool Curl_nss_cert_status_request(void);
|
|
||||||
|
|
||||||
bool Curl_nss_false_start(void);
|
|
||||||
|
|
||||||
extern const struct Curl_ssl Curl_ssl_nss;
|
extern const struct Curl_ssl Curl_ssl_nss;
|
||||||
|
|
||||||
/* Set the API backend definition to NSS */
|
/* Set the API backend definition to NSS */
|
||||||
|
@ -732,7 +732,7 @@ static int x509_name_oneline(X509_NAME *a, char *buf, size_t size)
|
|||||||
* @retval 0 error initializing SSL
|
* @retval 0 error initializing SSL
|
||||||
* @retval 1 SSL initialized successfully
|
* @retval 1 SSL initialized successfully
|
||||||
*/
|
*/
|
||||||
int Curl_ossl_init(void)
|
static int Curl_ossl_init(void)
|
||||||
{
|
{
|
||||||
OPENSSL_load_builtin_modules();
|
OPENSSL_load_builtin_modules();
|
||||||
|
|
||||||
@ -774,7 +774,7 @@ int Curl_ossl_init(void)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* Global cleanup */
|
/* Global cleanup */
|
||||||
void Curl_ossl_cleanup(void)
|
static void Curl_ossl_cleanup(void)
|
||||||
{
|
{
|
||||||
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && \
|
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && \
|
||||||
!defined(LIBRESSL_VERSION_NUMBER)
|
!defined(LIBRESSL_VERSION_NUMBER)
|
||||||
@ -816,7 +816,7 @@ void Curl_ossl_cleanup(void)
|
|||||||
* 0 means the connection has been closed
|
* 0 means the connection has been closed
|
||||||
* -1 means the connection status is unknown
|
* -1 means the connection status is unknown
|
||||||
*/
|
*/
|
||||||
int Curl_ossl_check_cxn(struct connectdata *conn)
|
static int Curl_ossl_check_cxn(struct connectdata *conn)
|
||||||
{
|
{
|
||||||
/* SSL_peek takes data out of the raw recv buffer without peeking so we use
|
/* SSL_peek takes data out of the raw recv buffer without peeking so we use
|
||||||
recv MSG_PEEK instead. Bug #795 */
|
recv MSG_PEEK instead. Bug #795 */
|
||||||
@ -862,7 +862,8 @@ int Curl_ossl_check_cxn(struct connectdata *conn)
|
|||||||
|
|
||||||
/* Selects an OpenSSL crypto engine
|
/* Selects an OpenSSL crypto engine
|
||||||
*/
|
*/
|
||||||
CURLcode Curl_ossl_set_engine(struct Curl_easy *data, const char *engine)
|
static CURLcode Curl_ossl_set_engine(struct Curl_easy *data,
|
||||||
|
const char *engine)
|
||||||
{
|
{
|
||||||
#if defined(USE_OPENSSL) && defined(HAVE_OPENSSL_ENGINE_H)
|
#if defined(USE_OPENSSL) && defined(HAVE_OPENSSL_ENGINE_H)
|
||||||
ENGINE *e;
|
ENGINE *e;
|
||||||
@ -907,7 +908,7 @@ CURLcode Curl_ossl_set_engine(struct Curl_easy *data, const char *engine)
|
|||||||
|
|
||||||
/* Sets engine as default for all SSL operations
|
/* Sets engine as default for all SSL operations
|
||||||
*/
|
*/
|
||||||
CURLcode Curl_ossl_set_engine_default(struct Curl_easy *data)
|
static CURLcode Curl_ossl_set_engine_default(struct Curl_easy *data)
|
||||||
{
|
{
|
||||||
#ifdef HAVE_OPENSSL_ENGINE_H
|
#ifdef HAVE_OPENSSL_ENGINE_H
|
||||||
if(data->state.engine) {
|
if(data->state.engine) {
|
||||||
@ -929,7 +930,7 @@ CURLcode Curl_ossl_set_engine_default(struct Curl_easy *data)
|
|||||||
|
|
||||||
/* Return list of OpenSSL crypto engine names.
|
/* Return list of OpenSSL crypto engine names.
|
||||||
*/
|
*/
|
||||||
struct curl_slist *Curl_ossl_engines_list(struct Curl_easy *data)
|
static struct curl_slist *Curl_ossl_engines_list(struct Curl_easy *data)
|
||||||
{
|
{
|
||||||
struct curl_slist *list = NULL;
|
struct curl_slist *list = NULL;
|
||||||
#if defined(USE_OPENSSL) && defined(HAVE_OPENSSL_ENGINE_H)
|
#if defined(USE_OPENSSL) && defined(HAVE_OPENSSL_ENGINE_H)
|
||||||
@ -968,7 +969,7 @@ static void ossl_close(struct ssl_connect_data *connssl)
|
|||||||
/*
|
/*
|
||||||
* This function is called when an SSL connection is closed.
|
* This function is called when an SSL connection is closed.
|
||||||
*/
|
*/
|
||||||
void Curl_ossl_close(struct connectdata *conn, int sockindex)
|
static void Curl_ossl_close(struct connectdata *conn, int sockindex)
|
||||||
{
|
{
|
||||||
ossl_close(&conn->ssl[sockindex]);
|
ossl_close(&conn->ssl[sockindex]);
|
||||||
ossl_close(&conn->proxy_ssl[sockindex]);
|
ossl_close(&conn->proxy_ssl[sockindex]);
|
||||||
@ -978,7 +979,7 @@ void Curl_ossl_close(struct connectdata *conn, int sockindex)
|
|||||||
* This function is called to shut down the SSL layer but keep the
|
* This function is called to shut down the SSL layer but keep the
|
||||||
* socket open (CCC - Clear Command Channel)
|
* socket open (CCC - Clear Command Channel)
|
||||||
*/
|
*/
|
||||||
int Curl_ossl_shutdown(struct connectdata *conn, int sockindex)
|
static int Curl_ossl_shutdown(struct connectdata *conn, int sockindex)
|
||||||
{
|
{
|
||||||
int retval = 0;
|
int retval = 0;
|
||||||
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
|
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
|
||||||
@ -1077,7 +1078,7 @@ int Curl_ossl_shutdown(struct connectdata *conn, int sockindex)
|
|||||||
return retval;
|
return retval;
|
||||||
}
|
}
|
||||||
|
|
||||||
void Curl_ossl_session_free(void *ptr)
|
static void Curl_ossl_session_free(void *ptr)
|
||||||
{
|
{
|
||||||
/* free the ID */
|
/* free the ID */
|
||||||
SSL_SESSION_free(ptr);
|
SSL_SESSION_free(ptr);
|
||||||
@ -1087,7 +1088,7 @@ void Curl_ossl_session_free(void *ptr)
|
|||||||
* This function is called when the 'data' struct is going away. Close
|
* This function is called when the 'data' struct is going away. Close
|
||||||
* down everything and free all resources!
|
* down everything and free all resources!
|
||||||
*/
|
*/
|
||||||
void Curl_ossl_close_all(struct Curl_easy *data)
|
static void Curl_ossl_close_all(struct Curl_easy *data)
|
||||||
{
|
{
|
||||||
#ifdef HAVE_OPENSSL_ENGINE_H
|
#ifdef HAVE_OPENSSL_ENGINE_H
|
||||||
if(data->state.engine) {
|
if(data->state.engine) {
|
||||||
@ -3148,14 +3149,14 @@ static CURLcode ossl_connect_common(struct connectdata *conn,
|
|||||||
return CURLE_OK;
|
return CURLE_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
CURLcode Curl_ossl_connect_nonblocking(struct connectdata *conn,
|
static CURLcode Curl_ossl_connect_nonblocking(struct connectdata *conn,
|
||||||
int sockindex,
|
int sockindex,
|
||||||
bool *done)
|
bool *done)
|
||||||
{
|
{
|
||||||
return ossl_connect_common(conn, sockindex, TRUE, done);
|
return ossl_connect_common(conn, sockindex, TRUE, done);
|
||||||
}
|
}
|
||||||
|
|
||||||
CURLcode Curl_ossl_connect(struct connectdata *conn, int sockindex)
|
static CURLcode Curl_ossl_connect(struct connectdata *conn, int sockindex)
|
||||||
{
|
{
|
||||||
CURLcode result;
|
CURLcode result;
|
||||||
bool done = FALSE;
|
bool done = FALSE;
|
||||||
@ -3169,7 +3170,8 @@ CURLcode Curl_ossl_connect(struct connectdata *conn, int sockindex)
|
|||||||
return CURLE_OK;
|
return CURLE_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool Curl_ossl_data_pending(const struct connectdata *conn, int connindex)
|
static bool Curl_ossl_data_pending(const struct connectdata *conn,
|
||||||
|
int connindex)
|
||||||
{
|
{
|
||||||
if(conn->ssl[connindex].handle)
|
if(conn->ssl[connindex].handle)
|
||||||
/* SSL is in use */
|
/* SSL is in use */
|
||||||
@ -3180,6 +3182,8 @@ bool Curl_ossl_data_pending(const struct connectdata *conn, int connindex)
|
|||||||
return FALSE;
|
return FALSE;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static size_t Curl_ossl_version(char *buffer, size_t size);
|
||||||
|
|
||||||
static ssize_t ossl_send(struct connectdata *conn,
|
static ssize_t ossl_send(struct connectdata *conn,
|
||||||
int sockindex,
|
int sockindex,
|
||||||
const void *mem,
|
const void *mem,
|
||||||
@ -3293,7 +3297,7 @@ static ssize_t ossl_recv(struct connectdata *conn, /* connection data */
|
|||||||
return nread;
|
return nread;
|
||||||
}
|
}
|
||||||
|
|
||||||
size_t Curl_ossl_version(char *buffer, size_t size)
|
static size_t Curl_ossl_version(char *buffer, size_t size)
|
||||||
{
|
{
|
||||||
#ifdef OPENSSL_IS_BORINGSSL
|
#ifdef OPENSSL_IS_BORINGSSL
|
||||||
return snprintf(buffer, size, OSSL_PACKAGE);
|
return snprintf(buffer, size, OSSL_PACKAGE);
|
||||||
@ -3333,8 +3337,8 @@ size_t Curl_ossl_version(char *buffer, size_t size)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* can be called with data == NULL */
|
/* can be called with data == NULL */
|
||||||
CURLcode Curl_ossl_random(struct Curl_easy *data, unsigned char *entropy,
|
static CURLcode Curl_ossl_random(struct Curl_easy *data,
|
||||||
size_t length)
|
unsigned char *entropy, size_t length)
|
||||||
{
|
{
|
||||||
int rc;
|
int rc;
|
||||||
if(data) {
|
if(data) {
|
||||||
@ -3377,7 +3381,7 @@ static void Curl_ossl_sha256sum(const unsigned char *tmp, /* input */
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
bool Curl_ossl_cert_status_request(void)
|
static bool Curl_ossl_cert_status_request(void)
|
||||||
{
|
{
|
||||||
#if (OPENSSL_VERSION_NUMBER >= 0x0090808fL) && !defined(OPENSSL_NO_TLSEXT) && \
|
#if (OPENSSL_VERSION_NUMBER >= 0x0090808fL) && !defined(OPENSSL_NO_TLSEXT) && \
|
||||||
!defined(OPENSSL_NO_OCSP)
|
!defined(OPENSSL_NO_OCSP)
|
||||||
|
@ -31,46 +31,6 @@
|
|||||||
|
|
||||||
#include "urldata.h"
|
#include "urldata.h"
|
||||||
|
|
||||||
CURLcode Curl_ossl_connect(struct connectdata *conn, int sockindex);
|
|
||||||
CURLcode Curl_ossl_connect_nonblocking(struct connectdata *conn,
|
|
||||||
int sockindex,
|
|
||||||
bool *done);
|
|
||||||
|
|
||||||
/* close a SSL connection */
|
|
||||||
void Curl_ossl_close(struct connectdata *conn, int sockindex);
|
|
||||||
|
|
||||||
/* tell OpenSSL to close down all open information regarding connections (and
|
|
||||||
thus session ID caching etc) */
|
|
||||||
void Curl_ossl_close_all(struct Curl_easy *data);
|
|
||||||
|
|
||||||
/* Sets an OpenSSL engine */
|
|
||||||
CURLcode Curl_ossl_set_engine(struct Curl_easy *data, const char *engine);
|
|
||||||
|
|
||||||
/* function provided for the generic SSL-layer, called when a session id
|
|
||||||
should be freed */
|
|
||||||
void Curl_ossl_session_free(void *ptr);
|
|
||||||
|
|
||||||
/* Sets engine as default for all SSL operations */
|
|
||||||
CURLcode Curl_ossl_set_engine_default(struct Curl_easy *data);
|
|
||||||
|
|
||||||
/* Build list of OpenSSL engines */
|
|
||||||
struct curl_slist *Curl_ossl_engines_list(struct Curl_easy *data);
|
|
||||||
|
|
||||||
int Curl_ossl_init(void);
|
|
||||||
void Curl_ossl_cleanup(void);
|
|
||||||
|
|
||||||
size_t Curl_ossl_version(char *buffer, size_t size);
|
|
||||||
int Curl_ossl_check_cxn(struct connectdata *cxn);
|
|
||||||
int Curl_ossl_shutdown(struct connectdata *conn, int sockindex);
|
|
||||||
bool Curl_ossl_data_pending(const struct connectdata *conn,
|
|
||||||
int connindex);
|
|
||||||
|
|
||||||
/* return 0 if a find random is filled in */
|
|
||||||
CURLcode Curl_ossl_random(struct Curl_easy *data, unsigned char *entropy,
|
|
||||||
size_t length);
|
|
||||||
|
|
||||||
bool Curl_ossl_cert_status_request(void);
|
|
||||||
|
|
||||||
extern const struct Curl_ssl Curl_ssl_openssl;
|
extern const struct Curl_ssl Curl_ssl_openssl;
|
||||||
|
|
||||||
/* Set the API backend definition to OpenSSL */
|
/* Set the API backend definition to OpenSSL */
|
||||||
|
@ -659,7 +659,7 @@ static ssize_t polarssl_send(struct connectdata *conn,
|
|||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
void Curl_polarssl_close(struct connectdata *conn, int sockindex)
|
static void Curl_polarssl_close(struct connectdata *conn, int sockindex)
|
||||||
{
|
{
|
||||||
rsa_free(&conn->ssl[sockindex].rsa);
|
rsa_free(&conn->ssl[sockindex].rsa);
|
||||||
x509_crt_free(&conn->ssl[sockindex].clicert);
|
x509_crt_free(&conn->ssl[sockindex].clicert);
|
||||||
@ -694,7 +694,7 @@ static ssize_t polarssl_recv(struct connectdata *conn,
|
|||||||
return len;
|
return len;
|
||||||
}
|
}
|
||||||
|
|
||||||
void Curl_polarssl_session_free(void *ptr)
|
static void Curl_polarssl_session_free(void *ptr)
|
||||||
{
|
{
|
||||||
ssl_session_free(ptr);
|
ssl_session_free(ptr);
|
||||||
free(ptr);
|
free(ptr);
|
||||||
@ -703,7 +703,7 @@ void Curl_polarssl_session_free(void *ptr)
|
|||||||
/* 1.3.10 was the first rebranded version. All new releases (in 1.3 branch and
|
/* 1.3.10 was the first rebranded version. All new releases (in 1.3 branch and
|
||||||
higher) will be mbed TLS branded.. */
|
higher) will be mbed TLS branded.. */
|
||||||
|
|
||||||
size_t Curl_polarssl_version(char *buffer, size_t size)
|
static size_t Curl_polarssl_version(char *buffer, size_t size)
|
||||||
{
|
{
|
||||||
unsigned int version = version_get_number();
|
unsigned int version = version_get_number();
|
||||||
return snprintf(buffer, size, "%s/%d.%d.%d",
|
return snprintf(buffer, size, "%s/%d.%d.%d",
|
||||||
@ -825,18 +825,14 @@ polarssl_connect_common(struct connectdata *conn,
|
|||||||
return CURLE_OK;
|
return CURLE_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
CURLcode
|
static CURLcode Curl_polarssl_connect_nonblocking(struct connectdata *conn,
|
||||||
Curl_polarssl_connect_nonblocking(struct connectdata *conn,
|
int sockindex, bool *done)
|
||||||
int sockindex,
|
|
||||||
bool *done)
|
|
||||||
{
|
{
|
||||||
return polarssl_connect_common(conn, sockindex, TRUE, done);
|
return polarssl_connect_common(conn, sockindex, TRUE, done);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
CURLcode
|
static CURLcode Curl_polarssl_connect(struct connectdata *conn, int sockindex)
|
||||||
Curl_polarssl_connect(struct connectdata *conn,
|
|
||||||
int sockindex)
|
|
||||||
{
|
{
|
||||||
CURLcode result;
|
CURLcode result;
|
||||||
bool done = FALSE;
|
bool done = FALSE;
|
||||||
@ -854,18 +850,18 @@ Curl_polarssl_connect(struct connectdata *conn,
|
|||||||
* return 0 error initializing SSL
|
* return 0 error initializing SSL
|
||||||
* return 1 SSL initialized successfully
|
* return 1 SSL initialized successfully
|
||||||
*/
|
*/
|
||||||
int Curl_polarssl_init(void)
|
static int Curl_polarssl_init(void)
|
||||||
{
|
{
|
||||||
return Curl_polarsslthreadlock_thread_setup();
|
return Curl_polarsslthreadlock_thread_setup();
|
||||||
}
|
}
|
||||||
|
|
||||||
void Curl_polarssl_cleanup(void)
|
static void Curl_polarssl_cleanup(void)
|
||||||
{
|
{
|
||||||
(void)Curl_polarsslthreadlock_thread_cleanup();
|
(void)Curl_polarsslthreadlock_thread_cleanup();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static bool Curl_polarssl_data_pending(const struct connectdata *conn,
|
||||||
bool Curl_polarssl_data_pending(const struct connectdata *conn, int sockindex)
|
int sockindex)
|
||||||
{
|
{
|
||||||
return ssl_get_bytes_avail(&conn->ssl[sockindex].ssl) != 0;
|
return ssl_get_bytes_avail(&conn->ssl[sockindex].ssl) != 0;
|
||||||
}
|
}
|
||||||
|
@ -26,25 +26,6 @@
|
|||||||
|
|
||||||
#ifdef USE_POLARSSL
|
#ifdef USE_POLARSSL
|
||||||
|
|
||||||
/* Called on first use PolarSSL, setup threading if supported */
|
|
||||||
int Curl_polarssl_init(void);
|
|
||||||
void Curl_polarssl_cleanup(void);
|
|
||||||
bool Curl_polarssl_data_pending(const struct connectdata *conn, int sockindex);
|
|
||||||
|
|
||||||
|
|
||||||
CURLcode Curl_polarssl_connect(struct connectdata *conn, int sockindex);
|
|
||||||
|
|
||||||
CURLcode Curl_polarssl_connect_nonblocking(struct connectdata *conn,
|
|
||||||
int sockindex,
|
|
||||||
bool *done);
|
|
||||||
|
|
||||||
/* close a SSL connection */
|
|
||||||
void Curl_polarssl_close(struct connectdata *conn, int sockindex);
|
|
||||||
|
|
||||||
void Curl_polarssl_session_free(void *ptr);
|
|
||||||
size_t Curl_polarssl_version(char *buffer, size_t size);
|
|
||||||
int Curl_polarssl_shutdown(struct connectdata *conn, int sockindex);
|
|
||||||
|
|
||||||
extern const struct Curl_ssl Curl_ssl_polarssl;
|
extern const struct Curl_ssl Curl_ssl_polarssl;
|
||||||
|
|
||||||
/* Set the API backend definition to PolarSSL */
|
/* Set the API backend definition to PolarSSL */
|
||||||
|
@ -1395,15 +1395,13 @@ cleanup:
|
|||||||
return *err ? -1 : 0;
|
return *err ? -1 : 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
CURLcode
|
static CURLcode Curl_schannel_connect_nonblocking(struct connectdata *conn,
|
||||||
Curl_schannel_connect_nonblocking(struct connectdata *conn, int sockindex,
|
int sockindex, bool *done)
|
||||||
bool *done)
|
|
||||||
{
|
{
|
||||||
return schannel_connect_common(conn, sockindex, TRUE, done);
|
return schannel_connect_common(conn, sockindex, TRUE, done);
|
||||||
}
|
}
|
||||||
|
|
||||||
CURLcode
|
static CURLcode Curl_schannel_connect(struct connectdata *conn, int sockindex)
|
||||||
Curl_schannel_connect(struct connectdata *conn, int sockindex)
|
|
||||||
{
|
{
|
||||||
CURLcode result;
|
CURLcode result;
|
||||||
bool done = FALSE;
|
bool done = FALSE;
|
||||||
@ -1417,7 +1415,8 @@ Curl_schannel_connect(struct connectdata *conn, int sockindex)
|
|||||||
return CURLE_OK;
|
return CURLE_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool Curl_schannel_data_pending(const struct connectdata *conn, int sockindex)
|
static bool Curl_schannel_data_pending(const struct connectdata *conn,
|
||||||
|
int sockindex)
|
||||||
{
|
{
|
||||||
const struct ssl_connect_data *connssl = &conn->ssl[sockindex];
|
const struct ssl_connect_data *connssl = &conn->ssl[sockindex];
|
||||||
|
|
||||||
@ -1428,14 +1427,14 @@ bool Curl_schannel_data_pending(const struct connectdata *conn, int sockindex)
|
|||||||
return FALSE;
|
return FALSE;
|
||||||
}
|
}
|
||||||
|
|
||||||
void Curl_schannel_close(struct connectdata *conn, int sockindex)
|
static void Curl_schannel_close(struct connectdata *conn, int sockindex)
|
||||||
{
|
{
|
||||||
if(conn->ssl[sockindex].use)
|
if(conn->ssl[sockindex].use)
|
||||||
/* if the SSL/TLS channel hasn't been shut down yet, do that now. */
|
/* if the SSL/TLS channel hasn't been shut down yet, do that now. */
|
||||||
Curl_ssl_shutdown(conn, sockindex);
|
Curl_ssl_shutdown(conn, sockindex);
|
||||||
}
|
}
|
||||||
|
|
||||||
void Curl_schannel_session_free(void *ptr)
|
static void Curl_schannel_session_free(void *ptr)
|
||||||
{
|
{
|
||||||
/* this is expected to be called under sessionid lock */
|
/* this is expected to be called under sessionid lock */
|
||||||
struct curl_schannel_cred *cred = ptr;
|
struct curl_schannel_cred *cred = ptr;
|
||||||
@ -1447,7 +1446,7 @@ void Curl_schannel_session_free(void *ptr)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
int Curl_schannel_shutdown(struct connectdata *conn, int sockindex)
|
static int Curl_schannel_shutdown(struct connectdata *conn, int sockindex)
|
||||||
{
|
{
|
||||||
/* See https://msdn.microsoft.com/en-us/library/windows/desktop/aa380138.aspx
|
/* See https://msdn.microsoft.com/en-us/library/windows/desktop/aa380138.aspx
|
||||||
* Shutting Down an Schannel Connection
|
* Shutting Down an Schannel Connection
|
||||||
@ -1551,25 +1550,25 @@ int Curl_schannel_shutdown(struct connectdata *conn, int sockindex)
|
|||||||
return CURLE_OK;
|
return CURLE_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
int Curl_schannel_init(void)
|
static int Curl_schannel_init(void)
|
||||||
{
|
{
|
||||||
return (Curl_sspi_global_init() == CURLE_OK ? 1 : 0);
|
return (Curl_sspi_global_init() == CURLE_OK ? 1 : 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
void Curl_schannel_cleanup(void)
|
static void Curl_schannel_cleanup(void)
|
||||||
{
|
{
|
||||||
Curl_sspi_global_cleanup();
|
Curl_sspi_global_cleanup();
|
||||||
}
|
}
|
||||||
|
|
||||||
size_t Curl_schannel_version(char *buffer, size_t size)
|
static size_t Curl_schannel_version(char *buffer, size_t size)
|
||||||
{
|
{
|
||||||
size = snprintf(buffer, size, "WinSSL");
|
size = snprintf(buffer, size, "WinSSL");
|
||||||
|
|
||||||
return size;
|
return size;
|
||||||
}
|
}
|
||||||
|
|
||||||
CURLcode Curl_schannel_random(struct Curl_easy *data UNUSED_PARAM,
|
static CURLcode Curl_schannel_random(struct Curl_easy *data UNUSED_PARAM,
|
||||||
unsigned char *entropy, size_t length)
|
unsigned char *entropy, size_t length)
|
||||||
{
|
{
|
||||||
HCRYPTPROV hCryptProv = 0;
|
HCRYPTPROV hCryptProv = 0;
|
||||||
|
|
||||||
|
@ -76,25 +76,6 @@
|
|||||||
#define CURL_SCHANNEL_BUFFER_INIT_SIZE 4096
|
#define CURL_SCHANNEL_BUFFER_INIT_SIZE 4096
|
||||||
#define CURL_SCHANNEL_BUFFER_FREE_SIZE 1024
|
#define CURL_SCHANNEL_BUFFER_FREE_SIZE 1024
|
||||||
|
|
||||||
|
|
||||||
CURLcode Curl_schannel_connect(struct connectdata *conn, int sockindex);
|
|
||||||
|
|
||||||
CURLcode Curl_schannel_connect_nonblocking(struct connectdata *conn,
|
|
||||||
int sockindex,
|
|
||||||
bool *done);
|
|
||||||
|
|
||||||
bool Curl_schannel_data_pending(const struct connectdata *conn, int sockindex);
|
|
||||||
void Curl_schannel_close(struct connectdata *conn, int sockindex);
|
|
||||||
int Curl_schannel_shutdown(struct connectdata *conn, int sockindex);
|
|
||||||
void Curl_schannel_session_free(void *ptr);
|
|
||||||
|
|
||||||
int Curl_schannel_init(void);
|
|
||||||
void Curl_schannel_cleanup(void);
|
|
||||||
size_t Curl_schannel_version(char *buffer, size_t size);
|
|
||||||
|
|
||||||
CURLcode Curl_schannel_random(struct Curl_easy *data, unsigned char *entropy,
|
|
||||||
size_t length);
|
|
||||||
|
|
||||||
extern const struct Curl_ssl Curl_ssl_schannel;
|
extern const struct Curl_ssl Curl_ssl_schannel;
|
||||||
|
|
||||||
/* Set the API backend definition to Schannel */
|
/* Set the API backend definition to Schannel */
|
||||||
|
@ -28,14 +28,6 @@
|
|||||||
to any specific SSL-layer.
|
to any specific SSL-layer.
|
||||||
|
|
||||||
Curl_ssl_ - prefix for generic ones
|
Curl_ssl_ - prefix for generic ones
|
||||||
Curl_ossl_ - prefix for OpenSSL ones
|
|
||||||
Curl_gtls_ - prefix for GnuTLS ones
|
|
||||||
Curl_nss_ - prefix for NSS ones
|
|
||||||
Curl_gskit_ - prefix for GSKit ones
|
|
||||||
Curl_polarssl_ - prefix for PolarSSL ones
|
|
||||||
Curl_cyassl_ - prefix for CyaSSL ones
|
|
||||||
Curl_schannel_ - prefix for Schannel SSPI ones
|
|
||||||
Curl_darwinssl_ - prefix for SecureTransport (Darwin) ones
|
|
||||||
|
|
||||||
Note that this source code uses the functions of the configured SSL
|
Note that this source code uses the functions of the configured SSL
|
||||||
backend via the global Curl_ssl instance.
|
backend via the global Curl_ssl instance.
|
||||||
|
Loading…
Reference in New Issue
Block a user