mirror of
https://github.com/moparisthebest/curl
synced 2024-12-21 15:48:49 -05:00
Added handling of CURLINFO_SSL_ENGINES;
Added Curl_SSL_engines_list(), cleanup SSL in url.c (no HAVE_OPENSSL_x etc.).
This commit is contained in:
parent
be9ea07e87
commit
bdb0620529
80
lib/ssluse.c
80
lib/ssluse.c
@ -482,6 +482,77 @@ void Curl_SSL_Close(struct connectdata *conn)
|
||||
}
|
||||
#endif
|
||||
|
||||
|
||||
/* Selects an OpenSSL crypto engine
|
||||
*/
|
||||
CURLcode Curl_SSL_set_engine(struct SessionHandle *data, const char *engine)
|
||||
{
|
||||
#if defined(USE_SSLEAY) && defined(HAVE_OPENSSL_ENGINE_H)
|
||||
ENGINE *e = ENGINE_by_id(engine);
|
||||
|
||||
if (!e) {
|
||||
failf(data, "SSL Engine '%s' not found", engine);
|
||||
return (CURLE_SSL_ENGINE_NOTFOUND);
|
||||
}
|
||||
|
||||
if (data->engine) {
|
||||
ENGINE_finish(data->engine);
|
||||
ENGINE_free(data->engine);
|
||||
}
|
||||
data->engine = NULL;
|
||||
if (!ENGINE_init(e)) {
|
||||
ENGINE_free(e);
|
||||
failf(data, "Failed to initialise SSL Engine '%s'", engine);
|
||||
return (CURLE_SSL_ENGINE_INITFAILED);
|
||||
}
|
||||
data->engine = e;
|
||||
return (CURLE_OK);
|
||||
#else
|
||||
failf(data, "SSL Engine not supported");
|
||||
return (CURLE_SSL_ENGINE_NOTFOUND);
|
||||
#endif
|
||||
}
|
||||
|
||||
/* Sets above engine as default for all SSL operations
|
||||
*/
|
||||
CURLcode Curl_SSL_set_engine_default(struct SessionHandle *data)
|
||||
{
|
||||
#if defined(USE_SSLEAY) && defined(HAVE_OPENSSL_ENGINE_H)
|
||||
if (data->engine) {
|
||||
if (ENGINE_set_default(data->engine, ENGINE_METHOD_ALL) > 0) {
|
||||
infof(data,"set default crypto engine %s\n", data->engine);
|
||||
}
|
||||
else {
|
||||
failf(data, "set default crypto engine %s failed", data->engine);
|
||||
return CURLE_SSL_ENGINE_SETFAILED;
|
||||
}
|
||||
}
|
||||
#else
|
||||
(void) data;
|
||||
#endif
|
||||
return (CURLE_OK);
|
||||
}
|
||||
|
||||
/* Build the list of OpenSSL crypto engine names. Add to
|
||||
* linked list at data->engine_list.
|
||||
*/
|
||||
CURLcode Curl_SSL_engines_list(struct SessionHandle *data)
|
||||
{
|
||||
#if defined(USE_SSLEAY) && defined(HAVE_OPENSSL_ENGINE_H)
|
||||
ENGINE *e;
|
||||
|
||||
/* Free previous list */
|
||||
if (data->engine_list)
|
||||
curl_slist_free_all(data->engine_list);
|
||||
|
||||
data->engine_list = NULL;
|
||||
for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
|
||||
data->engine_list = curl_slist_append(data->engine_list, ENGINE_get_id(e));
|
||||
#endif
|
||||
return (CURLE_OK);
|
||||
}
|
||||
|
||||
|
||||
#ifdef USE_SSLEAY
|
||||
|
||||
/*
|
||||
@ -620,11 +691,15 @@ int Curl_SSL_Close_All(struct SessionHandle *data)
|
||||
free(data->state.session);
|
||||
}
|
||||
#ifdef HAVE_OPENSSL_ENGINE_H
|
||||
if(data->engine)
|
||||
{
|
||||
if(data->engine) {
|
||||
ENGINE_finish(data->engine);
|
||||
ENGINE_free(data->engine);
|
||||
data->engine = NULL;
|
||||
}
|
||||
if (data->engine_list)
|
||||
curl_slist_free_all(data->engine_list);
|
||||
data->engine_list = NULL;
|
||||
|
||||
#endif
|
||||
return 0;
|
||||
}
|
||||
@ -1483,3 +1558,4 @@ Curl_SSLConnect(struct connectdata *conn,
|
||||
#endif
|
||||
return retcode;
|
||||
}
|
||||
|
||||
|
22
lib/ssluse.h
22
lib/ssluse.h
@ -1,10 +1,10 @@
|
||||
#ifndef __SSLUSE_H
|
||||
#define __SSLUSE_H
|
||||
/***************************************************************************
|
||||
* _ _ ____ _
|
||||
* Project ___| | | | _ \| |
|
||||
* / __| | | | |_) | |
|
||||
* | (__| |_| | _ <| |___
|
||||
* _ _ ____ _
|
||||
* Project ___| | | | _ \| |
|
||||
* / __| | | | |_) | |
|
||||
* | (__| |_| | _ <| |___
|
||||
* \___|\___/|_| \_\_____|
|
||||
*
|
||||
* Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
|
||||
@ -12,7 +12,7 @@
|
||||
* This software is licensed as described in the file COPYING, which
|
||||
* you should have received as part of this distribution. The terms
|
||||
* are also available at http://curl.haxx.se/docs/copyright.html.
|
||||
*
|
||||
*
|
||||
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
|
||||
* copies of the Software, and permit persons to whom the Software is
|
||||
* furnished to do so, under the terms of the COPYING file.
|
||||
@ -32,7 +32,17 @@ void Curl_SSL_cleanup(void); /* Global SSL cleanup */
|
||||
CURLcode Curl_SSL_InitSessions(struct SessionHandle *, long);
|
||||
void Curl_SSL_Close(struct connectdata *conn); /* close a SSL connection */
|
||||
|
||||
/* tell the SSL stuff to close down all open information regarding
|
||||
/* tell the SSL stuff to close down all open information regarding
|
||||
connections (and thus session ID caching etc) */
|
||||
int Curl_SSL_Close_All(struct SessionHandle *data);
|
||||
|
||||
/* Sets an OpenSSL engine */
|
||||
CURLcode Curl_SSL_set_engine(struct SessionHandle *data, const char *engine);
|
||||
|
||||
/* Sets above engine as default for all SSL operations */
|
||||
CURLcode Curl_SSL_set_engine_default(struct SessionHandle *data);
|
||||
|
||||
/* Build list of OpenSSL engines */
|
||||
CURLcode Curl_SSL_engines_list(struct SessionHandle *data);
|
||||
|
||||
#endif
|
||||
|
@ -200,6 +200,9 @@ curl_easy_strerror(CURLcode error)
|
||||
case CURLE_SSL_ENGINE_SETFAILED:
|
||||
return "can not set SSL crypto engine as default";
|
||||
|
||||
case CURLE_SSL_ENGINE_INITFAILED:
|
||||
return "failed to initialise SSL crypto engine";
|
||||
|
||||
case CURLE_SEND_ERROR:
|
||||
return "failed sending data to the peer";
|
||||
|
||||
|
39
lib/url.c
39
lib/url.c
@ -97,9 +97,6 @@ void idn_free (void *ptr); /* prototype from idn-free.h, not provided by
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_OPENSSL_ENGINE_H
|
||||
#include <openssl/engine.h>
|
||||
#endif
|
||||
#include "urldata.h"
|
||||
#include "netrc.h"
|
||||
|
||||
@ -1150,45 +1147,15 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, ...)
|
||||
* String that holds the SSL crypto engine.
|
||||
*/
|
||||
argptr = va_arg(param, char *);
|
||||
if (argptr && argptr[0]) {
|
||||
#if defined(USE_SSLEAY) && defined(HAVE_OPENSSL_ENGINE_H)
|
||||
ENGINE *e = ENGINE_by_id(argptr);
|
||||
if (e) {
|
||||
if (data->engine) {
|
||||
ENGINE_free(data->engine);
|
||||
}
|
||||
data->engine = e;
|
||||
}
|
||||
else {
|
||||
failf(data, "SSL Engine '%s' not found", argptr);
|
||||
result = CURLE_SSL_ENGINE_NOTFOUND;
|
||||
}
|
||||
#else
|
||||
failf(data, "SSL Engine not supported");
|
||||
result = CURLE_SSL_ENGINE_NOTFOUND;
|
||||
#endif
|
||||
}
|
||||
if (argptr && argptr[0])
|
||||
result = Curl_SSL_set_engine(data, argptr);
|
||||
break;
|
||||
|
||||
case CURLOPT_SSLENGINE_DEFAULT:
|
||||
/*
|
||||
* flag to set engine as default.
|
||||
*/
|
||||
#if defined(USE_SSLEAY) && defined(HAVE_OPENSSL_ENGINE_H)
|
||||
if (data->engine) {
|
||||
if (ENGINE_set_default(data->engine, ENGINE_METHOD_ALL) > 0) {
|
||||
#ifdef DEBUG
|
||||
fprintf(stderr,"set default crypto engine\n");
|
||||
#endif
|
||||
}
|
||||
else {
|
||||
#ifdef DEBUG
|
||||
failf(data, "set default crypto engine failed");
|
||||
#endif
|
||||
return CURLE_SSL_ENGINE_SETFAILED;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
result = Curl_SSL_set_engine_default(data);
|
||||
break;
|
||||
case CURLOPT_CRLF:
|
||||
/*
|
||||
|
@ -974,7 +974,8 @@ struct SessionHandle {
|
||||
other dynamic purposes */
|
||||
struct PureInfo info; /* stats, reports and info data */
|
||||
#if defined(USE_SSLEAY) && defined(HAVE_OPENSSL_ENGINE_H)
|
||||
ENGINE* engine;
|
||||
ENGINE *engine;
|
||||
struct curl_slist *engine_list; /* list of names from ENGINE_get_id() */
|
||||
#endif /* USE_SSLEAY */
|
||||
};
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user