From 118b074fba6ac9d8128410ce14cd05d46ad6dfa5 Mon Sep 17 00:00:00 2001 From: Johannes Schindelin Date: Mon, 26 Jun 2017 17:05:49 +0200 Subject: [PATCH] vtls: move SSL backends' private constants out of their header files Signed-off-by: Johannes Schindelin --- lib/vtls/openssl.c | 3 +++ lib/vtls/openssl.h | 3 --- lib/vtls/schannel.c | 48 +++++++++++++++++++++++++++++++++++++++++++++ lib/vtls/schannel.h | 48 --------------------------------------------- 4 files changed, 51 insertions(+), 51 deletions(-) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 69f35c73c..fcd4539d5 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -152,6 +152,9 @@ static unsigned long OpenSSL_version_num(void) #define OSSL_PACKAGE "OpenSSL" #endif +#define DEFAULT_CIPHER_SELECTION \ + "ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH" + /* * Number of bytes to read from the random number seed file. This must be * a finite value (because some entropy "files" like /dev/urandom have diff --git a/lib/vtls/openssl.h b/lib/vtls/openssl.h index 673719604..030addac6 100644 --- a/lib/vtls/openssl.h +++ b/lib/vtls/openssl.h @@ -36,8 +36,5 @@ extern const struct Curl_ssl Curl_ssl_openssl; /* Set the API backend definition to OpenSSL */ #define CURL_SSL_BACKEND CURLSSLBACKEND_OPENSSL -#define DEFAULT_CIPHER_SELECTION \ - "ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH" - #endif /* USE_OPENSSL */ #endif /* HEADER_CURL_SSLUSE_H */ diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index 0531b9b2f..d01a224c9 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -74,6 +74,54 @@ # define HAS_ALPN 1 #endif +#ifndef UNISP_NAME_A +#define UNISP_NAME_A "Microsoft Unified Security Protocol Provider" +#endif + +#ifndef UNISP_NAME_W +#define UNISP_NAME_W L"Microsoft Unified Security Protocol Provider" +#endif + +#ifndef UNISP_NAME +#ifdef UNICODE +#define UNISP_NAME UNISP_NAME_W +#else +#define UNISP_NAME UNISP_NAME_A +#endif +#endif + +#ifndef SP_PROT_SSL2_CLIENT +#define SP_PROT_SSL2_CLIENT 0x00000008 +#endif + +#ifndef SP_PROT_SSL3_CLIENT +#define SP_PROT_SSL3_CLIENT 0x00000008 +#endif + +#ifndef SP_PROT_TLS1_CLIENT +#define SP_PROT_TLS1_CLIENT 0x00000080 +#endif + +#ifndef SP_PROT_TLS1_0_CLIENT +#define SP_PROT_TLS1_0_CLIENT SP_PROT_TLS1_CLIENT +#endif + +#ifndef SP_PROT_TLS1_1_CLIENT +#define SP_PROT_TLS1_1_CLIENT 0x00000200 +#endif + +#ifndef SP_PROT_TLS1_2_CLIENT +#define SP_PROT_TLS1_2_CLIENT 0x00000800 +#endif + +#ifndef SECBUFFER_ALERT +#define SECBUFFER_ALERT 17 +#endif + +/* Both schannel buffer sizes must be > 0 */ +#define CURL_SCHANNEL_BUFFER_INIT_SIZE 4096 +#define CURL_SCHANNEL_BUFFER_FREE_SIZE 1024 + /* Uncomment to force verbose output * #define infof(x, y, ...) printf(y, __VA_ARGS__) * #define failf(x, y, ...) printf(y, __VA_ARGS__) diff --git a/lib/vtls/schannel.h b/lib/vtls/schannel.h index 04d640147..4a254df4b 100644 --- a/lib/vtls/schannel.h +++ b/lib/vtls/schannel.h @@ -28,54 +28,6 @@ #include "urldata.h" -#ifndef UNISP_NAME_A -#define UNISP_NAME_A "Microsoft Unified Security Protocol Provider" -#endif - -#ifndef UNISP_NAME_W -#define UNISP_NAME_W L"Microsoft Unified Security Protocol Provider" -#endif - -#ifndef UNISP_NAME -#ifdef UNICODE -#define UNISP_NAME UNISP_NAME_W -#else -#define UNISP_NAME UNISP_NAME_A -#endif -#endif - -#ifndef SP_PROT_SSL2_CLIENT -#define SP_PROT_SSL2_CLIENT 0x00000008 -#endif - -#ifndef SP_PROT_SSL3_CLIENT -#define SP_PROT_SSL3_CLIENT 0x00000008 -#endif - -#ifndef SP_PROT_TLS1_CLIENT -#define SP_PROT_TLS1_CLIENT 0x00000080 -#endif - -#ifndef SP_PROT_TLS1_0_CLIENT -#define SP_PROT_TLS1_0_CLIENT SP_PROT_TLS1_CLIENT -#endif - -#ifndef SP_PROT_TLS1_1_CLIENT -#define SP_PROT_TLS1_1_CLIENT 0x00000200 -#endif - -#ifndef SP_PROT_TLS1_2_CLIENT -#define SP_PROT_TLS1_2_CLIENT 0x00000800 -#endif - -#ifndef SECBUFFER_ALERT -#define SECBUFFER_ALERT 17 -#endif - -/* Both schannel buffer sizes must be > 0 */ -#define CURL_SCHANNEL_BUFFER_INIT_SIZE 4096 -#define CURL_SCHANNEL_BUFFER_FREE_SIZE 1024 - extern const struct Curl_ssl Curl_ssl_schannel; /* Set the API backend definition to Schannel */