moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2024-11-12 04:25:08 -05:00
Code Issues Releases Wiki Activity

polarssl: add ALPN support

Browse Source 
PolarSSL added ALPN support in their 1.3.6 release.

See:
https://polarssl.org/tech-updates/releases/polarssl-1.3.6-released
This commit is contained in:
Fabian Frank 2014-05-19 02:12:11 -07:00 committed by Daniel Stenberg
parent ac6da721a3
commit 1439dfb576
1 changed files with 46 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
lib/vtls/polarssl.c
View File

@ -119,6 +119,14 @@ static void polarssl_debug(void *context, int level, const char *line)
#else #else
#endif #endif
/* ALPN for http2? */
#ifdef USE_NGHTTP2
# undef HAS_ALPN
# ifdef POLARSSL_SSL_ALPN
# define HAS_ALPN
# endif
#endif
static Curl_recv polarssl_recv; static Curl_recv polarssl_recv;
static Curl_send polarssl_send; static Curl_send polarssl_send;
@ -139,11 +147,9 @@ polarssl_connect_step1(struct connectdata *conn,
#endif #endif
void *old_session = NULL; void *old_session = NULL;
size_t old_session_size = 0; size_t old_session_size = 0;
char errorbuf[128]; char errorbuf[128];
memset(errorbuf, 0, sizeof(errorbuf)); memset(errorbuf, 0, sizeof(errorbuf));
/* PolarSSL only supports SSLv3 and TLSv1 */ /* PolarSSL only supports SSLv3 and TLSv1 */
if(data->set.ssl.version == CURL_SSLVERSION_SSLv2) { if(data->set.ssl.version == CURL_SSLVERSION_SSLv2) {
failf(data, "PolarSSL does not support SSLv2"); failf(data, "PolarSSL does not support SSLv2");
@ -299,6 +305,19 @@ polarssl_connect_step1(struct connectdata *conn,
"server name indication (SNI) TLS extension\n"); "server name indication (SNI) TLS extension\n");
} }
#ifdef HAS_ALPN
if(data->set.httpversion == CURL_HTTP_VERSION_2_0) {
if(data->set.ssl_enable_alpn) {
static const char* protocols[] = {
NGHTTP2_PROTO_VERSION_ID, ALPN_HTTP_1_1, NULL
};
ssl_set_alpn_protocols(&connssl->ssl, protocols);
infof(data, "ALPN, offering %s, %s\n", protocols[0],
protocols[1]);
}
}
#endif
#ifdef POLARSSL_DEBUG #ifdef POLARSSL_DEBUG
ssl_set_dbg(&connssl->ssl, polarssl_debug, data); ssl_set_dbg(&connssl->ssl, polarssl_debug, data);
#endif #endif
@ -317,6 +336,10 @@ polarssl_connect_step2(struct connectdata *conn,
struct ssl_connect_data* connssl = &conn->ssl[sockindex]; struct ssl_connect_data* connssl = &conn->ssl[sockindex];
char buffer[1024]; char buffer[1024];
#ifdef HAS_ALPN
const char* next_protocol;
#endif
char errorbuf[128]; char errorbuf[128];
memset(errorbuf, 0, sizeof(errorbuf)); memset(errorbuf, 0, sizeof(errorbuf));
@ -384,6 +407,27 @@ polarssl_connect_step2(struct connectdata *conn,
infof(data, "Dumping cert info:\n%s\n", buffer); infof(data, "Dumping cert info:\n%s\n", buffer);
} }
#ifdef HAS_ALPN
if(data->set.ssl_enable_alpn) {
next_protocol = ssl_get_alpn_protocol(&connssl->ssl);
if(next_protocol != NULL) {
infof(data, "ALPN, server accepted to use %s\n", next_protocol);
if(strncmp(next_protocol, NGHTTP2_PROTO_VERSION_ID,
NGHTTP2_PROTO_VERSION_ID_LEN)) {
conn->negnpn = NPN_HTTP2;
}
else if(strncmp(next_protocol, ALPN_HTTP_1_1, ALPN_HTTP_1_1_LENGTH)) {
conn->negnpn = NPN_HTTP1_1;
}
}
else {
infof(data, "ALPN, server did not agree to a protocol\n");
}
}
#endif
connssl->connecting_state = ssl_connect_3; connssl->connecting_state = ssl_connect_3;
infof(data, "SSL connected\n"); infof(data, "SSL connected\n");