moparisthebest
/
curl
mirror of https://github.com/moparisthebest/curl
1
0
Fork 0
Code Issues Releases Wiki Activity

mbedtls: Fix ALPN support 

- Fix ALPN reply detection.

- Wrap nghttp2 code in ifdef USE_NGHTTP2.


Prior to this change ALPN and HTTP/2 did not work properly in mbedTLS.
This commit is contained in:
Jay Satiro 2016-01-07 01:49:31 -05:00
parent 973ee6bdd3
commit 89a1eb7b1c
1 changed files with 23 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
lib/vtls/mbedtls.c
View File

@ -374,15 +374,21 @@ mbedtls_connect_step1(struct connectdata *conn,
} }
#ifdef HAS_ALPN #ifdef HAS_ALPN
if(data->set.httpversion >= CURL_HTTP_VERSION_2) {
if(data->set.ssl_enable_alpn) { if(data->set.ssl_enable_alpn) {
static const char* protocols[] = { const char *protocols[3];
NGHTTP2_PROTO_VERSION_ID, ALPN_HTTP_1_1, NULL const char **p = protocols;
}; #ifdef USE_NGHTTP2
mbedtls_ssl_conf_alpn_protocols(&connssl->config, protocols); if(data->set.httpversion >= CURL_HTTP_VERSION_2)
infof(data, "ALPN, offering %s, %s\n", protocols[0], *p++ = NGHTTP2_PROTO_VERSION_ID;
protocols[1]); #endif
*p++ = ALPN_HTTP_1_1;
*p = NULL;
if(mbedtls_ssl_conf_alpn_protocols(&connssl->config, protocols)) {
failf(data, "Failed setting ALPN protocols");
return CURLE_SSL_CONNECT_ERROR;
} }
for(p = protocols; *p; ++p)
infof(data, "ALPN, offering %s\n", *p);
} }
#endif #endif
@ -470,14 +476,18 @@ mbedtls_connect_step2(struct connectdata *conn,
if(data->set.ssl_enable_alpn) { if(data->set.ssl_enable_alpn) {
next_protocol = mbedtls_ssl_get_alpn_protocol(&connssl->ssl); next_protocol = mbedtls_ssl_get_alpn_protocol(&connssl->ssl);
if(next_protocol != NULL) { if(next_protocol) {
infof(data, "ALPN, server accepted to use %s\n", next_protocol); infof(data, "ALPN, server accepted to use %s\n", next_protocol);
#ifdef USE_NGHTTP2
if(strncmp(next_protocol, NGHTTP2_PROTO_VERSION_ID, if(!strncmp(next_protocol, NGHTTP2_PROTO_VERSION_ID,
NGHTTP2_PROTO_VERSION_ID_LEN)) { NGHTTP2_PROTO_VERSION_ID_LEN) &&
!next_protocol[NGHTTP2_PROTO_VERSION_ID_LEN]) {
conn->negnpn = CURL_HTTP_VERSION_2; conn->negnpn = CURL_HTTP_VERSION_2;
} }
else if(strncmp(next_protocol, ALPN_HTTP_1_1, ALPN_HTTP_1_1_LENGTH)) { else
#endif
if(!strncmp(next_protocol, ALPN_HTTP_1_1, ALPN_HTTP_1_1_LENGTH) &&
!next_protocol[ALPN_HTTP_1_1_LENGTH]) {
conn->negnpn = CURL_HTTP_VERSION_1_1; conn->negnpn = CURL_HTTP_VERSION_1_1;
} }
} }