From 52c13d6328ff56b2d2e8313e88cfdfc78acda365 Mon Sep 17 00:00:00 2001 From: Kamil Dudka Date: Mon, 3 Sep 2018 13:04:00 +0200 Subject: [PATCH] url, vtls: make CURLOPT{,_PROXY}_TLS13_CIPHERS work This is a follow-up to PR #2607 and PR #2926. Closes #2936 --- lib/url.c | 4 ++++ lib/vtls/vtls.c | 5 ++++- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/lib/url.c b/lib/url.c index 12f0f8ae7..6c9caffab 100644 --- a/lib/url.c +++ b/lib/url.c @@ -4334,6 +4334,10 @@ static CURLcode create_conn(struct Curl_easy *data, data->set.str[STRING_SSL_CIPHER_LIST_ORIG]; data->set.proxy_ssl.primary.cipher_list = data->set.str[STRING_SSL_CIPHER_LIST_PROXY]; + data->set.ssl.primary.cipher_list13 = + data->set.str[STRING_SSL_CIPHER13_LIST_ORIG]; + data->set.proxy_ssl.primary.cipher_list13 = + data->set.str[STRING_SSL_CIPHER13_LIST_PROXY]; data->set.ssl.CRLfile = data->set.str[STRING_SSL_CRLFILE_ORIG]; data->set.proxy_ssl.CRLfile = data->set.str[STRING_SSL_CRLFILE_PROXY]; diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c index bf96518bc..b61c64034 100644 --- a/lib/vtls/vtls.c +++ b/lib/vtls/vtls.c @@ -96,7 +96,8 @@ Curl_ssl_config_matches(struct ssl_primary_config* data, Curl_safe_strcasecompare(data->clientcert, needle->clientcert) && Curl_safe_strcasecompare(data->random_file, needle->random_file) && Curl_safe_strcasecompare(data->egdsocket, needle->egdsocket) && - Curl_safe_strcasecompare(data->cipher_list, needle->cipher_list)) + Curl_safe_strcasecompare(data->cipher_list, needle->cipher_list) && + Curl_safe_strcasecompare(data->cipher_list13, needle->cipher_list13)) return TRUE; return FALSE; @@ -119,6 +120,7 @@ Curl_clone_primary_ssl_config(struct ssl_primary_config *source, CLONE_STRING(random_file); CLONE_STRING(egdsocket); CLONE_STRING(cipher_list); + CLONE_STRING(cipher_list13); return TRUE; } @@ -131,6 +133,7 @@ void Curl_free_primary_ssl_config(struct ssl_primary_config* sslc) Curl_safefree(sslc->random_file); Curl_safefree(sslc->egdsocket); Curl_safefree(sslc->cipher_list); + Curl_safefree(sslc->cipher_list13); } #ifdef USE_SSL