moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2024-08-13 17:03:50 -04:00
Code Issues Releases Wiki Activity

urldata: remove the _ORIG suffix from string names

Browse Source 
It doesn't provide any useful info but only makes the names longer.

Closes #6624
This commit is contained in:
Daniel Stenberg 2021-02-18 10:13:56 +01:00
parent d25c479e84
commit 70472a44de
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2
12 changed files with 83 additions and 82 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
lib/doh.c
View File

@ -307,27 +307,27 @@ static CURLcode dohprobe(struct Curl_easy *data,
*/ */
if(data->set.ssl.falsestart) if(data->set.ssl.falsestart)
ERROR_CHECK_SETOPT(CURLOPT_SSL_FALSESTART, 1L); ERROR_CHECK_SETOPT(CURLOPT_SSL_FALSESTART, 1L);
if(data->set.str[STRING_SSL_CAFILE_ORIG]) { if(data->set.str[STRING_SSL_CAFILE]) {
ERROR_CHECK_SETOPT(CURLOPT_CAINFO, ERROR_CHECK_SETOPT(CURLOPT_CAINFO,
data->set.str[STRING_SSL_CAFILE_ORIG]); data->set.str[STRING_SSL_CAFILE]);
} }
if(data->set.str[STRING_SSL_CAPATH_ORIG]) { if(data->set.str[STRING_SSL_CAPATH]) {
ERROR_CHECK_SETOPT(CURLOPT_CAPATH, ERROR_CHECK_SETOPT(CURLOPT_CAPATH,
data->set.str[STRING_SSL_CAPATH_ORIG]); data->set.str[STRING_SSL_CAPATH]);
} }
if(data->set.str[STRING_SSL_CRLFILE_ORIG]) { if(data->set.str[STRING_SSL_CRLFILE]) {
ERROR_CHECK_SETOPT(CURLOPT_CRLFILE, ERROR_CHECK_SETOPT(CURLOPT_CRLFILE,
data->set.str[STRING_SSL_CRLFILE_ORIG]); data->set.str[STRING_SSL_CRLFILE]);
} }
if(data->set.ssl.certinfo) if(data->set.ssl.certinfo)
ERROR_CHECK_SETOPT(CURLOPT_CERTINFO, 1L); ERROR_CHECK_SETOPT(CURLOPT_CERTINFO, 1L);
if(data->set.str[STRING_SSL_RANDOM_FILE]) { if(data->set.str[STRING_SSL_RANDOM_FILE]) {
ERROR_CHECK_SETOPT(CURLOPT_RANDOM_FILE, ERROR_CHECK_SETOPT(CURLOPT_RANDOM_FILE,
data->set.str[STRING_SSL_RANDOM_FILE]); data->set.str[STRING_SSL_RANDOM_FILE]);
} }
if(data->set.str[STRING_SSL_EGDSOCKET]) { if(data->set.str[STRING_SSL_EGDSOCKET]) {
ERROR_CHECK_SETOPT(CURLOPT_EGDSOCKET, ERROR_CHECK_SETOPT(CURLOPT_EGDSOCKET,
data->set.str[STRING_SSL_EGDSOCKET]); data->set.str[STRING_SSL_EGDSOCKET]);
} }
if(data->set.ssl.fsslctx) if(data->set.ssl.fsslctx)
ERROR_CHECK_SETOPT(CURLOPT_SSL_CTX_FUNCTION, data->set.ssl.fsslctx); ERROR_CHECK_SETOPT(CURLOPT_SSL_CTX_FUNCTION, data->set.ssl.fsslctx);
@ -335,21 +335,21 @@ static CURLcode dohprobe(struct Curl_easy *data,
ERROR_CHECK_SETOPT(CURLOPT_SSL_CTX_DATA, data->set.ssl.fsslctxp); ERROR_CHECK_SETOPT(CURLOPT_SSL_CTX_DATA, data->set.ssl.fsslctxp);
if(data->set.str[STRING_SSL_EC_CURVES]) { if(data->set.str[STRING_SSL_EC_CURVES]) {
ERROR_CHECK_SETOPT(CURLOPT_SSL_EC_CURVES, ERROR_CHECK_SETOPT(CURLOPT_SSL_EC_CURVES,
data->set.str[STRING_SSL_EC_CURVES]); data->set.str[STRING_SSL_EC_CURVES]);
} }
{ {
long mask = long mask =
(data->set.ssl.enable_beast ? (data->set.ssl.enable_beast ?
CURLSSLOPT_ALLOW_BEAST : 0) | CURLSSLOPT_ALLOW_BEAST : 0) |
(data->set.ssl.no_revoke ? (data->set.ssl.no_revoke ?
CURLSSLOPT_NO_REVOKE : 0) | CURLSSLOPT_NO_REVOKE : 0) |
(data->set.ssl.no_partialchain ? (data->set.ssl.no_partialchain ?
CURLSSLOPT_NO_PARTIALCHAIN : 0) | CURLSSLOPT_NO_PARTIALCHAIN : 0) |
(data->set.ssl.revoke_best_effort ? (data->set.ssl.revoke_best_effort ?
CURLSSLOPT_REVOKE_BEST_EFFORT : 0) | CURLSSLOPT_REVOKE_BEST_EFFORT : 0) |
(data->set.ssl.native_ca_store ? (data->set.ssl.native_ca_store ?
CURLSSLOPT_NATIVE_CA : 0); CURLSSLOPT_NATIVE_CA : 0);
curl_easy_setopt(doh, CURLOPT_SSL_OPTIONS, mask); curl_easy_setopt(doh, CURLOPT_SSL_OPTIONS, mask);
} }

38
lib/setopt.c
View File

@ -177,7 +177,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
break; break;
case CURLOPT_SSL_CIPHER_LIST: case CURLOPT_SSL_CIPHER_LIST:
/* set a list of cipher we want to use in the SSL connection */ /* set a list of cipher we want to use in the SSL connection */
result = Curl_setstropt(&data->set.str[STRING_SSL_CIPHER_LIST_ORIG], result = Curl_setstropt(&data->set.str[STRING_SSL_CIPHER_LIST],
va_arg(param, char *)); va_arg(param, char *));
break; break;
#ifndef CURL_DISABLE_PROXY #ifndef CURL_DISABLE_PROXY
@ -190,7 +190,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
case CURLOPT_TLS13_CIPHERS: case CURLOPT_TLS13_CIPHERS:
if(Curl_ssl_tls13_ciphersuites()) { if(Curl_ssl_tls13_ciphersuites()) {
/* set preferred list of TLS 1.3 cipher suites */ /* set preferred list of TLS 1.3 cipher suites */
result = Curl_setstropt(&data->set.str[STRING_SSL_CIPHER13_LIST_ORIG], result = Curl_setstropt(&data->set.str[STRING_SSL_CIPHER13_LIST],
va_arg(param, char *)); va_arg(param, char *));
} }
else else
@ -1662,14 +1662,14 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
/* /*
* String that holds file name of the SSL certificate to use * String that holds file name of the SSL certificate to use
*/ */
result = Curl_setstropt(&data->set.str[STRING_CERT_ORIG], result = Curl_setstropt(&data->set.str[STRING_CERT],
va_arg(param, char *)); va_arg(param, char *));
break; break;
case CURLOPT_SSLCERT_BLOB: case CURLOPT_SSLCERT_BLOB:
/* /*
* Blob that holds file name of the SSL certificate to use * Blob that holds file name of the SSL certificate to use
*/ */
result = Curl_setblobopt(&data->set.blobs[BLOB_CERT_ORIG], result = Curl_setblobopt(&data->set.blobs[BLOB_CERT],
va_arg(param, struct curl_blob *)); va_arg(param, struct curl_blob *));
break; break;
#ifndef CURL_DISABLE_PROXY #ifndef CURL_DISABLE_PROXY
@ -1692,7 +1692,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
/* /*
* String that holds file type of the SSL certificate to use * String that holds file type of the SSL certificate to use
*/ */
result = Curl_setstropt(&data->set.str[STRING_CERT_TYPE_ORIG], result = Curl_setstropt(&data->set.str[STRING_CERT_TYPE],
va_arg(param, char *)); va_arg(param, char *));
break; break;
#ifndef CURL_DISABLE_PROXY #ifndef CURL_DISABLE_PROXY
@ -1708,14 +1708,14 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
/* /*
* String that holds file name of the SSL key to use * String that holds file name of the SSL key to use
*/ */
result = Curl_setstropt(&data->set.str[STRING_KEY_ORIG], result = Curl_setstropt(&data->set.str[STRING_KEY],
va_arg(param, char *)); va_arg(param, char *));
break; break;
case CURLOPT_SSLKEY_BLOB: case CURLOPT_SSLKEY_BLOB:
/* /*
* Blob that holds file name of the SSL key to use * Blob that holds file name of the SSL key to use
*/ */
result = Curl_setblobopt(&data->set.blobs[BLOB_KEY_ORIG], result = Curl_setblobopt(&data->set.blobs[BLOB_KEY],
va_arg(param, struct curl_blob *)); va_arg(param, struct curl_blob *));
break; break;
#ifndef CURL_DISABLE_PROXY #ifndef CURL_DISABLE_PROXY
@ -1738,7 +1738,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
/* /*
* String that holds file type of the SSL key to use * String that holds file type of the SSL key to use
*/ */
result = Curl_setstropt(&data->set.str[STRING_KEY_TYPE_ORIG], result = Curl_setstropt(&data->set.str[STRING_KEY_TYPE],
va_arg(param, char *)); va_arg(param, char *));
break; break;
#ifndef CURL_DISABLE_PROXY #ifndef CURL_DISABLE_PROXY
@ -1754,7 +1754,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
/* /*
* String that holds the SSL or SSH private key password. * String that holds the SSL or SSH private key password.
*/ */
result = Curl_setstropt(&data->set.str[STRING_KEY_PASSWD_ORIG], result = Curl_setstropt(&data->set.str[STRING_KEY_PASSWD],
va_arg(param, char *)); va_arg(param, char *));
break; break;
#ifndef CURL_DISABLE_PROXY #ifndef CURL_DISABLE_PROXY
@ -1991,7 +1991,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
*/ */
#ifdef USE_SSL #ifdef USE_SSL
if(Curl_ssl->supports & SSLSUPP_PINNEDPUBKEY) if(Curl_ssl->supports & SSLSUPP_PINNEDPUBKEY)
result = Curl_setstropt(&data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG], result = Curl_setstropt(&data->set.str[STRING_SSL_PINNEDPUBLICKEY],
va_arg(param, char *)); va_arg(param, char *));
else else
#endif #endif
@ -2016,7 +2016,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
/* /*
* Set CA info for SSL connection. Specify file name of the CA certificate * Set CA info for SSL connection. Specify file name of the CA certificate
*/ */
result = Curl_setstropt(&data->set.str[STRING_SSL_CAFILE_ORIG], result = Curl_setstropt(&data->set.str[STRING_SSL_CAFILE],
va_arg(param, char *)); va_arg(param, char *));
break; break;
#ifndef CURL_DISABLE_PROXY #ifndef CURL_DISABLE_PROXY
@ -2037,7 +2037,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
#ifdef USE_SSL #ifdef USE_SSL
if(Curl_ssl->supports & SSLSUPP_CA_PATH) if(Curl_ssl->supports & SSLSUPP_CA_PATH)
/* This does not work on windows. */ /* This does not work on windows. */
result = Curl_setstropt(&data->set.str[STRING_SSL_CAPATH_ORIG], result = Curl_setstropt(&data->set.str[STRING_SSL_CAPATH],
va_arg(param, char *)); va_arg(param, char *));
else else
#endif #endif
@ -2064,7 +2064,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
* Set CRL file info for SSL connection. Specify file name of the CRL * Set CRL file info for SSL connection. Specify file name of the CRL
* to check certificates revocation * to check certificates revocation
*/ */
result = Curl_setstropt(&data->set.str[STRING_SSL_CRLFILE_ORIG], result = Curl_setstropt(&data->set.str[STRING_SSL_CRLFILE],
va_arg(param, char *)); va_arg(param, char *));
break; break;
#ifndef CURL_DISABLE_PROXY #ifndef CURL_DISABLE_PROXY
@ -2082,14 +2082,14 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
* Set Issuer certificate file * Set Issuer certificate file
* to check certificates issuer * to check certificates issuer
*/ */
result = Curl_setstropt(&data->set.str[STRING_SSL_ISSUERCERT_ORIG], result = Curl_setstropt(&data->set.str[STRING_SSL_ISSUERCERT],
va_arg(param, char *)); va_arg(param, char *));
break; break;
case CURLOPT_ISSUERCERT_BLOB: case CURLOPT_ISSUERCERT_BLOB:
/* /*
* Blob that holds Issuer certificate to check certificates issuer * Blob that holds Issuer certificate to check certificates issuer
*/ */
result = Curl_setblobopt(&data->set.blobs[BLOB_SSL_ISSUERCERT_ORIG], result = Curl_setblobopt(&data->set.blobs[BLOB_SSL_ISSUERCERT],
va_arg(param, struct curl_blob *)); va_arg(param, struct curl_blob *));
break; break;
#ifndef CURL_DISABLE_PROXY #ifndef CURL_DISABLE_PROXY
@ -2688,9 +2688,9 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
#endif #endif
#ifdef USE_TLS_SRP #ifdef USE_TLS_SRP
case CURLOPT_TLSAUTH_USERNAME: case CURLOPT_TLSAUTH_USERNAME:
result = Curl_setstropt(&data->set.str[STRING_TLSAUTH_USERNAME_ORIG], result = Curl_setstropt(&data->set.str[STRING_TLSAUTH_USERNAME],
va_arg(param, char *)); va_arg(param, char *));
if(data->set.str[STRING_TLSAUTH_USERNAME_ORIG] && !data->set.ssl.authtype) if(data->set.str[STRING_TLSAUTH_USERNAME] && !data->set.ssl.authtype)
data->set.ssl.authtype = CURL_TLSAUTH_SRP; /* default to SRP */ data->set.ssl.authtype = CURL_TLSAUTH_SRP; /* default to SRP */
break; break;
case CURLOPT_PROXY_TLSAUTH_USERNAME: case CURLOPT_PROXY_TLSAUTH_USERNAME:
@ -2703,9 +2703,9 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
#endif #endif
break; break;
case CURLOPT_TLSAUTH_PASSWORD: case CURLOPT_TLSAUTH_PASSWORD:
result = Curl_setstropt(&data->set.str[STRING_TLSAUTH_PASSWORD_ORIG], result = Curl_setstropt(&data->set.str[STRING_TLSAUTH_PASSWORD],
va_arg(param, char *)); va_arg(param, char *));
if(data->set.str[STRING_TLSAUTH_USERNAME_ORIG] && !data->set.ssl.authtype) if(data->set.str[STRING_TLSAUTH_USERNAME] && !data->set.ssl.authtype)
data->set.ssl.authtype = CURL_TLSAUTH_SRP; /* default to SRP */ data->set.ssl.authtype = CURL_TLSAUTH_SRP; /* default to SRP */
break; break;
case CURLOPT_PROXY_TLSAUTH_PASSWORD: case CURLOPT_PROXY_TLSAUTH_PASSWORD:

38
lib/url.c
View File

@ -575,7 +575,7 @@ CURLcode Curl_init_userdefined(struct Curl_easy *data)
*/ */
if(Curl_ssl_backend() != CURLSSLBACKEND_SCHANNEL) { if(Curl_ssl_backend() != CURLSSLBACKEND_SCHANNEL) {
#if defined(CURL_CA_BUNDLE) #if defined(CURL_CA_BUNDLE)
result = Curl_setstropt(&set->str[STRING_SSL_CAFILE_ORIG], CURL_CA_BUNDLE); result = Curl_setstropt(&set->str[STRING_SSL_CAFILE], CURL_CA_BUNDLE);
if(result) if(result)
return result; return result;
@ -585,7 +585,7 @@ CURLcode Curl_init_userdefined(struct Curl_easy *data)
return result; return result;
#endif #endif
#if defined(CURL_CA_PATH) #if defined(CURL_CA_PATH)
result = Curl_setstropt(&set->str[STRING_SSL_CAPATH_ORIG], CURL_CA_PATH); result = Curl_setstropt(&set->str[STRING_SSL_CAPATH], CURL_CA_PATH);
if(result) if(result)
return result; return result;
@ -3720,17 +3720,17 @@ static CURLcode create_conn(struct Curl_easy *data,
that will be freed as part of the Curl_easy struct, but all cloned that will be freed as part of the Curl_easy struct, but all cloned
copies will be separately allocated. copies will be separately allocated.
*/ */
data->set.ssl.primary.CApath = data->set.str[STRING_SSL_CAPATH_ORIG]; data->set.ssl.primary.CApath = data->set.str[STRING_SSL_CAPATH];
data->set.ssl.primary.CAfile = data->set.str[STRING_SSL_CAFILE_ORIG]; data->set.ssl.primary.CAfile = data->set.str[STRING_SSL_CAFILE];
data->set.ssl.primary.random_file = data->set.str[STRING_SSL_RANDOM_FILE]; data->set.ssl.primary.random_file = data->set.str[STRING_SSL_RANDOM_FILE];
data->set.ssl.primary.egdsocket = data->set.str[STRING_SSL_EGDSOCKET]; data->set.ssl.primary.egdsocket = data->set.str[STRING_SSL_EGDSOCKET];
data->set.ssl.primary.cipher_list = data->set.ssl.primary.cipher_list =
data->set.str[STRING_SSL_CIPHER_LIST_ORIG]; data->set.str[STRING_SSL_CIPHER_LIST];
data->set.ssl.primary.cipher_list13 = data->set.ssl.primary.cipher_list13 =
data->set.str[STRING_SSL_CIPHER13_LIST_ORIG]; data->set.str[STRING_SSL_CIPHER13_LIST];
data->set.ssl.primary.pinned_key = data->set.ssl.primary.pinned_key =
data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG]; data->set.str[STRING_SSL_PINNEDPUBLICKEY];
data->set.ssl.primary.cert_blob = data->set.blobs[BLOB_CERT_ORIG]; data->set.ssl.primary.cert_blob = data->set.blobs[BLOB_CERT];
data->set.ssl.primary.curves = data->set.str[STRING_SSL_EC_CURVES]; data->set.ssl.primary.curves = data->set.str[STRING_SSL_EC_CURVES];
#ifndef CURL_DISABLE_PROXY #ifndef CURL_DISABLE_PROXY
@ -3755,24 +3755,24 @@ static CURLcode create_conn(struct Curl_easy *data,
data->set.proxy_ssl.primary.clientcert = data->set.str[STRING_CERT_PROXY]; data->set.proxy_ssl.primary.clientcert = data->set.str[STRING_CERT_PROXY];
data->set.proxy_ssl.key_blob = data->set.blobs[BLOB_KEY_PROXY]; data->set.proxy_ssl.key_blob = data->set.blobs[BLOB_KEY_PROXY];
#endif #endif
data->set.ssl.CRLfile = data->set.str[STRING_SSL_CRLFILE_ORIG]; data->set.ssl.CRLfile = data->set.str[STRING_SSL_CRLFILE];
data->set.ssl.issuercert = data->set.str[STRING_SSL_ISSUERCERT_ORIG]; data->set.ssl.issuercert = data->set.str[STRING_SSL_ISSUERCERT];
data->set.ssl.cert_type = data->set.str[STRING_CERT_TYPE_ORIG]; data->set.ssl.cert_type = data->set.str[STRING_CERT_TYPE];
data->set.ssl.key = data->set.str[STRING_KEY_ORIG]; data->set.ssl.key = data->set.str[STRING_KEY];
data->set.ssl.key_type = data->set.str[STRING_KEY_TYPE_ORIG]; data->set.ssl.key_type = data->set.str[STRING_KEY_TYPE];
data->set.ssl.key_passwd = data->set.str[STRING_KEY_PASSWD_ORIG]; data->set.ssl.key_passwd = data->set.str[STRING_KEY_PASSWD];
data->set.ssl.primary.clientcert = data->set.str[STRING_CERT_ORIG]; data->set.ssl.primary.clientcert = data->set.str[STRING_CERT];
#ifdef USE_TLS_SRP #ifdef USE_TLS_SRP
data->set.ssl.username = data->set.str[STRING_TLSAUTH_USERNAME_ORIG]; data->set.ssl.username = data->set.str[STRING_TLSAUTH_USERNAME];
data->set.ssl.password = data->set.str[STRING_TLSAUTH_PASSWORD_ORIG]; data->set.ssl.password = data->set.str[STRING_TLSAUTH_PASSWORD];
#ifndef CURL_DISABLE_PROXY #ifndef CURL_DISABLE_PROXY
data->set.proxy_ssl.username = data->set.str[STRING_TLSAUTH_USERNAME_PROXY]; data->set.proxy_ssl.username = data->set.str[STRING_TLSAUTH_USERNAME_PROXY];
data->set.proxy_ssl.password = data->set.str[STRING_TLSAUTH_PASSWORD_PROXY]; data->set.proxy_ssl.password = data->set.str[STRING_TLSAUTH_PASSWORD_PROXY];
#endif #endif
#endif #endif
data->set.ssl.key_blob = data->set.blobs[BLOB_KEY_ORIG]; data->set.ssl.key_blob = data->set.blobs[BLOB_KEY];
data->set.ssl.issuercert_blob = data->set.blobs[BLOB_SSL_ISSUERCERT_ORIG]; data->set.ssl.issuercert_blob = data->set.blobs[BLOB_SSL_ISSUERCERT];
if(!Curl_clone_primary_ssl_config(&data->set.ssl.primary, if(!Curl_clone_primary_ssl_config(&data->set.ssl.primary,
&conn->ssl_config)) { &conn->ssl_config)) {

34
lib/urldata.h
View File

@ -1515,9 +1515,9 @@ struct Curl_multi; /* declared and used only in multi.c */
* are catered for in curl_easy_setopt_ccsid() * are catered for in curl_easy_setopt_ccsid()
*/ */
enum dupstring { enum dupstring {
STRING_CERT_ORIG, /* client certificate file name */ STRING_CERT, /* client certificate file name */
STRING_CERT_PROXY, /* client certificate file name */ STRING_CERT_PROXY, /* client certificate file name */
STRING_CERT_TYPE_ORIG, /* format for certificate (default: PEM)*/ STRING_CERT_TYPE, /* format for certificate (default: PEM)*/
STRING_CERT_TYPE_PROXY, /* format for certificate (default: PEM)*/ STRING_CERT_TYPE_PROXY, /* format for certificate (default: PEM)*/
STRING_COOKIE, /* HTTP cookie string to send */ STRING_COOKIE, /* HTTP cookie string to send */
STRING_COOKIEJAR, /* dump all cookies to this file */ STRING_COOKIEJAR, /* dump all cookies to this file */
@ -1528,11 +1528,11 @@ enum dupstring {
STRING_FTP_ACCOUNT, /* ftp account data */ STRING_FTP_ACCOUNT, /* ftp account data */
STRING_FTP_ALTERNATIVE_TO_USER, /* command to send if USER/PASS fails */ STRING_FTP_ALTERNATIVE_TO_USER, /* command to send if USER/PASS fails */
STRING_FTPPORT, /* port to send with the FTP PORT command */ STRING_FTPPORT, /* port to send with the FTP PORT command */
STRING_KEY_ORIG, /* private key file name */ STRING_KEY, /* private key file name */
STRING_KEY_PROXY, /* private key file name */ STRING_KEY_PROXY, /* private key file name */
STRING_KEY_PASSWD_ORIG, /* plain text private key password */ STRING_KEY_PASSWD, /* plain text private key password */
STRING_KEY_PASSWD_PROXY, /* plain text private key password */ STRING_KEY_PASSWD_PROXY, /* plain text private key password */
STRING_KEY_TYPE_ORIG, /* format for private key (default: PEM) */ STRING_KEY_TYPE, /* format for private key (default: PEM) */
STRING_KEY_TYPE_PROXY, /* format for private key (default: PEM) */ STRING_KEY_TYPE_PROXY, /* format for private key (default: PEM) */
STRING_KRB_LEVEL, /* krb security level */ STRING_KRB_LEVEL, /* krb security level */
STRING_NETRC_FILE, /* if not NULL, use this instead of trying to find STRING_NETRC_FILE, /* if not NULL, use this instead of trying to find
@ -1542,22 +1542,22 @@ enum dupstring {
STRING_SET_RANGE, /* range, if used */ STRING_SET_RANGE, /* range, if used */
STRING_SET_REFERER, /* custom string for the HTTP referer field */ STRING_SET_REFERER, /* custom string for the HTTP referer field */
STRING_SET_URL, /* what original URL to work on */ STRING_SET_URL, /* what original URL to work on */
STRING_SSL_CAPATH_ORIG, /* CA directory name (doesn't work on windows) */ STRING_SSL_CAPATH, /* CA directory name (doesn't work on windows) */
STRING_SSL_CAPATH_PROXY, /* CA directory name (doesn't work on windows) */ STRING_SSL_CAPATH_PROXY, /* CA directory name (doesn't work on windows) */
STRING_SSL_CAFILE_ORIG, /* certificate file to verify peer against */ STRING_SSL_CAFILE, /* certificate file to verify peer against */
STRING_SSL_CAFILE_PROXY, /* certificate file to verify peer against */ STRING_SSL_CAFILE_PROXY, /* certificate file to verify peer against */
STRING_SSL_PINNEDPUBLICKEY_ORIG, /* public key file to verify peer against */ STRING_SSL_PINNEDPUBLICKEY, /* public key file to verify peer against */
STRING_SSL_PINNEDPUBLICKEY_PROXY, /* public key file to verify proxy */ STRING_SSL_PINNEDPUBLICKEY_PROXY, /* public key file to verify proxy */
STRING_SSL_CIPHER_LIST_ORIG, /* list of ciphers to use */ STRING_SSL_CIPHER_LIST, /* list of ciphers to use */
STRING_SSL_CIPHER_LIST_PROXY, /* list of ciphers to use */ STRING_SSL_CIPHER_LIST_PROXY, /* list of ciphers to use */
STRING_SSL_CIPHER13_LIST_ORIG, /* list of TLS 1.3 ciphers to use */ STRING_SSL_CIPHER13_LIST, /* list of TLS 1.3 ciphers to use */
STRING_SSL_CIPHER13_LIST_PROXY, /* list of TLS 1.3 ciphers to use */ STRING_SSL_CIPHER13_LIST_PROXY, /* list of TLS 1.3 ciphers to use */
STRING_SSL_EGDSOCKET, /* path to file containing the EGD daemon socket */ STRING_SSL_EGDSOCKET, /* path to file containing the EGD daemon socket */
STRING_SSL_RANDOM_FILE, /* path to file containing "random" data */ STRING_SSL_RANDOM_FILE, /* path to file containing "random" data */
STRING_USERAGENT, /* User-Agent string */ STRING_USERAGENT, /* User-Agent string */
STRING_SSL_CRLFILE_ORIG, /* crl file to check certificate */ STRING_SSL_CRLFILE, /* crl file to check certificate */
STRING_SSL_CRLFILE_PROXY, /* crl file to check certificate */ STRING_SSL_CRLFILE_PROXY, /* crl file to check certificate */
STRING_SSL_ISSUERCERT_ORIG, /* issuer cert file to check certificate */ STRING_SSL_ISSUERCERT, /* issuer cert file to check certificate */
STRING_SSL_ISSUERCERT_PROXY, /* issuer cert file to check certificate */ STRING_SSL_ISSUERCERT_PROXY, /* issuer cert file to check certificate */
STRING_SSL_ENGINE, /* name of ssl engine */ STRING_SSL_ENGINE, /* name of ssl engine */
STRING_USERNAME, /* <username>, if used */ STRING_USERNAME, /* <username>, if used */
@ -1578,9 +1578,9 @@ enum dupstring {
STRING_SERVICE_NAME, /* Service name */ STRING_SERVICE_NAME, /* Service name */
STRING_MAIL_FROM, STRING_MAIL_FROM,
STRING_MAIL_AUTH, STRING_MAIL_AUTH,
STRING_TLSAUTH_USERNAME_ORIG, /* TLS auth <username> */ STRING_TLSAUTH_USERNAME, /* TLS auth <username> */
STRING_TLSAUTH_USERNAME_PROXY, /* TLS auth <username> */ STRING_TLSAUTH_USERNAME_PROXY, /* TLS auth <username> */
STRING_TLSAUTH_PASSWORD_ORIG, /* TLS auth <password> */ STRING_TLSAUTH_PASSWORD, /* TLS auth <password> */
STRING_TLSAUTH_PASSWORD_PROXY, /* TLS auth <password> */ STRING_TLSAUTH_PASSWORD_PROXY, /* TLS auth <password> */
STRING_BEARER, /* <bearer>, if used */ STRING_BEARER, /* <bearer>, if used */
STRING_UNIX_SOCKET_PATH, /* path to Unix socket, if used */ STRING_UNIX_SOCKET_PATH, /* path to Unix socket, if used */
@ -1609,11 +1609,11 @@ enum dupstring {
}; };
enum dupblob { enum dupblob {
BLOB_CERT_ORIG, BLOB_CERT,
BLOB_CERT_PROXY, BLOB_CERT_PROXY,
BLOB_KEY_ORIG, BLOB_KEY,
BLOB_KEY_PROXY, BLOB_KEY_PROXY,
BLOB_SSL_ISSUERCERT_ORIG, BLOB_SSL_ISSUERCERT,
BLOB_SSL_ISSUERCERT_PROXY, BLOB_SSL_ISSUERCERT_PROXY,
BLOB_LAST BLOB_LAST
}; };

2
lib/vtls/gskit.c
View File

@ -1036,7 +1036,7 @@ static CURLcode gskit_connect_step3(struct Curl_easy *data,
/* Check pinned public key. */ /* Check pinned public key. */
ptr = SSL_IS_PROXY() ? data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] : ptr = SSL_IS_PROXY() ? data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] :
data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG]; data->set.str[STRING_SSL_PINNEDPUBLICKEY];
if(!result && ptr) { if(!result && ptr) {
curl_X509certificate x509; curl_X509certificate x509;
curl_asn1Element *p; curl_asn1Element *p;

2
lib/vtls/gtls.c
View File

@ -1178,7 +1178,7 @@ gtls_connect_step3(struct Curl_easy *data,
} }
ptr = SSL_IS_PROXY() ? data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] : ptr = SSL_IS_PROXY() ? data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] :
data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG]; data->set.str[STRING_SSL_PINNEDPUBLICKEY];
if(ptr) { if(ptr) {
result = pkp_pin_peer_pubkey(data, x509_cert, ptr); result = pkp_pin_peer_pubkey(data, x509_cert, ptr);
if(result != CURLE_OK) { if(result != CURLE_OK) {

4
lib/vtls/mbedtls.c
View File

@ -550,10 +550,10 @@ mbed_connect_step2(struct Curl_easy *data, struct connectdata *conn,
#ifndef CURL_DISABLE_PROXY #ifndef CURL_DISABLE_PROXY
const char * const pinnedpubkey = SSL_IS_PROXY() ? const char * const pinnedpubkey = SSL_IS_PROXY() ?
data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] : data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] :
data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG]; data->set.str[STRING_SSL_PINNEDPUBLICKEY];
#else #else
const char * const pinnedpubkey = const char * const pinnedpubkey =
data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG]; data->set.str[STRING_SSL_PINNEDPUBLICKEY];
#endif #endif
conn->recv[sockindex] = mbed_recv; conn->recv[sockindex] = mbed_recv;

2
lib/vtls/openssl.c
View File

@ -3971,7 +3971,7 @@ static CURLcode servercert(struct Curl_easy *data,
result = CURLE_OK; result = CURLE_OK;
ptr = SSL_IS_PROXY() ? data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] : ptr = SSL_IS_PROXY() ? data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] :
data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG]; data->set.str[STRING_SSL_PINNEDPUBLICKEY];
if(!result && ptr) { if(!result && ptr) {
result = pkp_pin_peer_pubkey(data, backend->server_cert, ptr); result = pkp_pin_peer_pubkey(data, backend->server_cert, ptr);
if(result) if(result)

2
lib/vtls/schannel.c
View File

@ -1252,7 +1252,7 @@ schannel_connect_step2(struct Curl_easy *data, struct connectdata *conn,
pubkey_ptr = SSL_IS_PROXY() ? pubkey_ptr = SSL_IS_PROXY() ?
data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] : data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] :
data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG]; data->set.str[STRING_SSL_PINNEDPUBLICKEY];
if(pubkey_ptr) { if(pubkey_ptr) {
result = pkp_pin_peer_pubkey(data, conn, sockindex, pubkey_ptr); result = pkp_pin_peer_pubkey(data, conn, sockindex, pubkey_ptr);
if(result) { if(result) {

7
lib/vtls/sectransp.c
View File

@ -2621,9 +2621,10 @@ sectransp_connect_step2(struct Curl_easy *data, struct connectdata *conn,
connssl->connecting_state = ssl_connect_3; connssl->connecting_state = ssl_connect_3;
#ifdef SECTRANSP_PINNEDPUBKEY #ifdef SECTRANSP_PINNEDPUBKEY
if(data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG]) { if(data->set.str[STRING_SSL_PINNEDPUBLICKEY]) {
CURLcode result = pkp_pin_peer_pubkey(data, backend->ssl_ctx, CURLcode result =
data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG]); pkp_pin_peer_pubkey(data, backend->ssl_ctx,
data->set.str[STRING_SSL_PINNEDPUBLICKEY]);
if(result) { if(result) {
failf(data, "SSL: public key does not match pinned public key!"); failf(data, "SSL: public key does not match pinned public key!");
return result; return result;

4
lib/vtls/vtls.h
View File

@ -150,7 +150,7 @@ bool Curl_ssl_tls13_ciphersuites(void);
(SSL_IS_PROXY() ? conn->http_proxy.host.dispname : conn->host.dispname) (SSL_IS_PROXY() ? conn->http_proxy.host.dispname : conn->host.dispname)
#define SSL_PINNED_PUB_KEY() (SSL_IS_PROXY() \ #define SSL_PINNED_PUB_KEY() (SSL_IS_PROXY() \
? data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] \ ? data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] \
: data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG]) : data->set.str[STRING_SSL_PINNEDPUBLICKEY])
#else #else
#define SSL_IS_PROXY() FALSE #define SSL_IS_PROXY() FALSE
#define SSL_SET_OPTION(var) data->set.ssl.var #define SSL_SET_OPTION(var) data->set.ssl.var
@ -159,7 +159,7 @@ bool Curl_ssl_tls13_ciphersuites(void);
#define SSL_HOST_NAME() conn->host.name #define SSL_HOST_NAME() conn->host.name
#define SSL_HOST_DISPNAME() conn->host.dispname #define SSL_HOST_DISPNAME() conn->host.dispname
#define SSL_PINNED_PUB_KEY() \ #define SSL_PINNED_PUB_KEY() \
data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG] data->set.str[STRING_SSL_PINNEDPUBLICKEY]
#endif #endif
bool Curl_ssl_config_matches(struct ssl_primary_config *data, bool Curl_ssl_config_matches(struct ssl_primary_config *data,

4
lib/vtls/wolfssl.c
View File

@ -557,12 +557,12 @@ wolfssl_connect_step2(struct Curl_easy *data, struct connectdata *conn,
conn->http_proxy.host.dispname : conn->host.dispname; conn->http_proxy.host.dispname : conn->host.dispname;
const char * const pinnedpubkey = SSL_IS_PROXY() ? const char * const pinnedpubkey = SSL_IS_PROXY() ?
data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] : data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] :
data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG]; data->set.str[STRING_SSL_PINNEDPUBLICKEY];
#else #else
const char * const hostname = conn->host.name; const char * const hostname = conn->host.name;
const char * const dispname = conn->host.dispname; const char * const dispname = conn->host.dispname;
const char * const pinnedpubkey = const char * const pinnedpubkey =
data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG]; data->set.str[STRING_SSL_PINNEDPUBLICKEY];
#endif #endif
conn->recv[sockindex] = wolfssl_recv; conn->recv[sockindex] = wolfssl_recv;