From adb4e41a1ab2202e48c5a4db465d67d8e32415c7 Mon Sep 17 00:00:00 2001 From: Alessandro Ghedini Date: Thu, 19 Feb 2015 19:41:48 +0100 Subject: [PATCH] polarssl: make it possible to enable ALPN/NPN without HTTP2 --- lib/vtls/polarssl.c | 46 +++++++++++++++++++++++---------------------- 1 file changed, 24 insertions(+), 22 deletions(-) diff --git a/lib/vtls/polarssl.c b/lib/vtls/polarssl.c index 2d46aae76..b7f2f6c94 100644 --- a/lib/vtls/polarssl.c +++ b/lib/vtls/polarssl.c @@ -118,11 +118,8 @@ static void polarssl_debug(void *context, int level, const char *line) #endif /* ALPN for http2? */ -#ifdef USE_NGHTTP2 -# undef HAS_ALPN -# ifdef POLARSSL_SSL_ALPN -# define HAS_ALPN -# endif +#ifdef POLARSSL_SSL_ALPN +# define HAS_ALPN #endif static Curl_recv polarssl_recv; @@ -357,16 +354,23 @@ polarssl_connect_step1(struct connectdata *conn, } #ifdef HAS_ALPN - if(data->set.httpversion == CURL_HTTP_VERSION_2_0) { - if(data->set.ssl_enable_alpn) { - static const char* protocols[] = { - NGHTTP2_PROTO_VERSION_ID, ALPN_HTTP_1_1, NULL - }; - ssl_set_alpn_protocols(&connssl->ssl, protocols); - infof(data, "ALPN, offering %s, %s\n", protocols[0], - protocols[1]); - connssl->asked_for_h2 = TRUE; + if(data->set.ssl_enable_alpn) { + static const char* protocols[3]; + int cur = 0; + +#ifdef USE_NGHTTP2 + if(data->set.httpversion == CURL_HTTP_VERSION_2_0) { + protocols[cur++] = NGHTTP2_PROTO_VERSION_ID; + infof(data, "ALPN, offering %s\n", NGHTTP2_PROTO_VERSION_ID); } +#endif + + protocols[cur++] = ALPN_HTTP_1_1; + infof(data, "ALPN, offering %s\n", ALPN_HTTP_1_1); + + protocols[cur] = NULL; + + ssl_set_alpn_protocols(&connssl->ssl, protocols); } #endif @@ -388,10 +392,6 @@ polarssl_connect_step2(struct connectdata *conn, struct ssl_connect_data* connssl = &conn->ssl[sockindex]; char buffer[1024]; -#ifdef HAS_ALPN - const char* next_protocol; -#endif - char errorbuf[128]; errorbuf[0] = 0; @@ -461,22 +461,24 @@ polarssl_connect_step2(struct connectdata *conn, #ifdef HAS_ALPN if(data->set.ssl_enable_alpn) { - next_protocol = ssl_get_alpn_protocol(&connssl->ssl); + const char *next_protocol = ssl_get_alpn_protocol(&connssl->ssl); if(next_protocol != NULL) { infof(data, "ALPN, server accepted to use %s\n", next_protocol); +#ifdef USE_NGHTTP2 if(!strncmp(next_protocol, NGHTTP2_PROTO_VERSION_ID, NGHTTP2_PROTO_VERSION_ID_LEN)) { conn->negnpn = NPN_HTTP2; } - else if(!strncmp(next_protocol, ALPN_HTTP_1_1, ALPN_HTTP_1_1_LENGTH)) { + else +#endif + if(!strncmp(next_protocol, ALPN_HTTP_1_1, ALPN_HTTP_1_1_LENGTH)) { conn->negnpn = NPN_HTTP1_1; } } - else if(connssl->asked_for_h2) { + else infof(data, "ALPN, server did not agree to a protocol\n"); - } } #endif