mirror of
https://github.com/moparisthebest/curl
synced 2025-02-28 09:21:50 -05:00
openssl: enable NPN separately from ALPN
... and allow building with nghttp2 but completely without NPN and ALPN, as nghttp2 can still be used for plain-text HTTP. Reported-by: Lucas Pardue
This commit is contained in:
parent
e62e77426f
commit
697aa67d18
@ -1423,13 +1423,19 @@ static void ssl_tls_trace(int direction, int ssl_ver, int content_type,
|
||||
/* Check for OpenSSL 1.0.2 which has ALPN support. */
|
||||
#undef HAS_ALPN
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x10002000L \
|
||||
&& !defined(OPENSSL_NO_NEXTPROTONEG) \
|
||||
&& !defined(OPENSSL_NO_TLSEXT)
|
||||
# define HAS_ALPN
|
||||
#else
|
||||
# error http2 builds require OpenSSL with ALPN support!
|
||||
# define HAS_ALPN 1
|
||||
#endif
|
||||
|
||||
/* Check for OpenSSL 1.0.1 which has NPN support. */
|
||||
#undef HAS_NPN
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x10001000L \
|
||||
&& !defined(OPENSSL_NO_TLSEXT) \
|
||||
&& !defined(OPENSSL_NO_NEXTPROTONEG)
|
||||
# define HAS_NPN 1
|
||||
#endif
|
||||
|
||||
#ifdef HAS_NPN
|
||||
|
||||
/*
|
||||
* in is a list of lenght prefixed strings. this function has to select
|
||||
@ -1464,6 +1470,7 @@ select_next_proto_cb(SSL *ssl,
|
||||
|
||||
return SSL_TLSEXT_ERR_OK;
|
||||
}
|
||||
#endif /* HAS_NPN */
|
||||
#endif
|
||||
|
||||
static const char *
|
||||
@ -1711,10 +1718,12 @@ ossl_connect_step1(struct connectdata *conn,
|
||||
|
||||
#ifdef USE_NGHTTP2
|
||||
if(data->set.httpversion == CURL_HTTP_VERSION_2_0) {
|
||||
#ifdef HAS_NPN
|
||||
if(data->set.ssl_enable_npn) {
|
||||
SSL_CTX_set_next_proto_select_cb(connssl->ctx, select_next_proto_cb,
|
||||
conn);
|
||||
conn);
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef HAS_ALPN
|
||||
if(data->set.ssl_enable_alpn) {
|
||||
|
Loading…
x
Reference in New Issue
Block a user