Added handling of CURLINFO_SSL_ENGINES;

Added Curl_SSL_engines_list(), cleanup SSL in url.c
(no HAVE_OPENSSL_x etc.).
Gisle Vanem 2004-12-13 16:43:00 +00:00
parent be9ea07e87
commit bdb0620529
5 changed files with 102 additions and 45 deletions


@ -482,6 +482,77 @@ void Curl_SSL_Close(struct connectdata *conn)
} }
#endif #endif
/* Selects an OpenSSL crypto engine
*/
CURLcode Curl_SSL_set_engine(struct SessionHandle *data, const char *engine)
{
#if defined(USE_SSLEAY) && defined(HAVE_OPENSSL_ENGINE_H)
ENGINE *e = ENGINE_by_id(engine);
if (!e) {
failf(data, "SSL Engine '%s' not found", engine);
return (CURLE_SSL_ENGINE_NOTFOUND);
}
if (data->engine) {
ENGINE_finish(data->engine);
ENGINE_free(data->engine);
}
data->engine = NULL;
if (!ENGINE_init(e)) {
ENGINE_free(e);
failf(data, "Failed to initialise SSL Engine '%s'", engine);
return (CURLE_SSL_ENGINE_INITFAILED);
}
data->engine = e;
return (CURLE_OK);
#else
failf(data, "SSL Engine not supported");
return (CURLE_SSL_ENGINE_NOTFOUND);
#endif
}
/* Sets above engine as default for all SSL operations
*/
CURLcode Curl_SSL_set_engine_default(struct SessionHandle *data)
{
#if defined(USE_SSLEAY) && defined(HAVE_OPENSSL_ENGINE_H)
if (data->engine) {
if (ENGINE_set_default(data->engine, ENGINE_METHOD_ALL) > 0) {
infof(data,"set default crypto engine %s\n", data->engine);
}
else {
failf(data, "set default crypto engine %s failed", data->engine);
return CURLE_SSL_ENGINE_SETFAILED;
}
}
#else
(void) data;
#endif
return (CURLE_OK);
}
/* Build the list of OpenSSL crypto engine names. Add to
* linked list at data->engine_list.
*/
CURLcode Curl_SSL_engines_list(struct SessionHandle *data)
{
#if defined(USE_SSLEAY) && defined(HAVE_OPENSSL_ENGINE_H)
ENGINE *e;
/* Free previous list */
if (data->engine_list)
curl_slist_free_all(data->engine_list);
data->engine_list = NULL;
for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
data->engine_list = curl_slist_append(data->engine_list, ENGINE_get_id(e));
#endif
return (CURLE_OK);
}
#ifdef USE_SSLEAY #ifdef USE_SSLEAY
/* /*
@ -620,11 +691,15 @@ int Curl_SSL_Close_All(struct SessionHandle *data)
free(data->state.session); free(data->state.session);
} }
#ifdef HAVE_OPENSSL_ENGINE_H #ifdef HAVE_OPENSSL_ENGINE_H
if(data->engine) if(data->engine) {
{ ENGINE_finish(data->engine);
ENGINE_free(data->engine); ENGINE_free(data->engine);
data->engine = NULL; data->engine = NULL;
} }
if (data->engine_list)
curl_slist_free_all(data->engine_list);
data->engine_list = NULL;
#endif #endif
return 0; return 0;
} }
@ -1483,3 +1558,4 @@ Curl_SSLConnect(struct connectdata *conn,
#endif #endif
return retcode; return retcode;
} }
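Review bot: In Curl_SSL_set_engine_default, both the infof() and the failf() call pass `data->engine`, an `ENGINE *`, to a `%s` conversion, so the formatter reads an opaque OpenSSL structure as if it were a NUL-terminated string. That is undefined behaviour and can copy unrelated memory into the log or error buffer. Curl_SSL_engines_list in the same hunk already gets the name with `ENGINE_get_id(e)`, so the call should read `infof(data, "set default crypto engine %s\n", ENGINE_get_id(data->engine));`, and likewise for the failf() line. Separately, Curl_SSL_engines_list assigns the result of curl_slist_append() straight back to `data->engine_list` and always returns CURLE_OK. If the append returns NULL on allocation failure (as I believe it does), the entries built so far are lost and the caller is not told, so a temporary pointer and an out-of-memory return code would be safer.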


@ -35,4 +35,14 @@ void Curl_SSL_Close(struct connectdata *conn); /* close a SSL connection */
/* tell the SSL stuff to close down all open information regarding /* tell the SSL stuff to close down all open information regarding
connections (and thus session ID caching etc) */ connections (and thus session ID caching etc) */
int Curl_SSL_Close_All(struct SessionHandle *data); int Curl_SSL_Close_All(struct SessionHandle *data);
/* Sets an OpenSSL engine */
CURLcode Curl_SSL_set_engine(struct SessionHandle *data, const char *engine);
/* Sets above engine as default for all SSL operations */
CURLcode Curl_SSL_set_engine_default(struct SessionHandle *data);
/* Build list of OpenSSL engines */
CURLcode Curl_SSL_engines_list(struct SessionHandle *data);
#endif #endif
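Review bot: The three new prototype comments do not say what each call returns when libcurl is built without OpenSSL engine support, and the implementations in this commit differ. Curl_SSL_set_engine fails with CURLE_SSL_ENGINE_NOTFOUND, while Curl_SSL_set_engine_default and Curl_SSL_engines_list return CURLE_OK and do nothing. I would state that on the declarations, for example `/* Selects the OpenSSL engine named by 'engine'; returns CURLE_SSL_ENGINE_NOTFOUND if it is unknown or engines are not supported in this build */` and `/* Builds the list of OpenSSL engine ids in data->engine_list (freed by Curl_SSL_Close_All); returns CURLE_OK and does nothing without engine support */`.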


@ -200,6 +200,9 @@ curl_easy_strerror(CURLcode error)
case CURLE_SSL_ENGINE_SETFAILED: case CURLE_SSL_ENGINE_SETFAILED:
return "can not set SSL crypto engine as default"; return "can not set SSL crypto engine as default";
case CURLE_SSL_ENGINE_INITFAILED:
return "failed to initialise SSL crypto engine";
case CURLE_SEND_ERROR: case CURLE_SEND_ERROR:
return "failed sending data to the peer"; return "failed sending data to the peer";


@ -97,9 +97,6 @@ void idn_free (void *ptr); /* prototype from idn-free.h, not provided by
#endif #endif
#endif #endif
#ifdef HAVE_OPENSSL_ENGINE_H
#include <openssl/engine.h>
#endif
#include "urldata.h" #include "urldata.h"
#include "netrc.h" #include "netrc.h"
@ -1150,45 +1147,15 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, ...)
* String that holds the SSL crypto engine. * String that holds the SSL crypto engine.
*/ */
argptr = va_arg(param, char *); argptr = va_arg(param, char *);
if (argptr && argptr[0]) { if (argptr && argptr[0])
#if defined(USE_SSLEAY) && defined(HAVE_OPENSSL_ENGINE_H) result = Curl_SSL_set_engine(data, argptr);
ENGINE *e = ENGINE_by_id(argptr);
if (e) {
if (data->engine) {
ENGINE_free(data->engine);
}
data->engine = e;
}
else {
failf(data, "SSL Engine '%s' not found", argptr);
result = CURLE_SSL_ENGINE_NOTFOUND;
}
#else
failf(data, "SSL Engine not supported");
result = CURLE_SSL_ENGINE_NOTFOUND;
#endif
}
break; break;
case CURLOPT_SSLENGINE_DEFAULT: case CURLOPT_SSLENGINE_DEFAULT:
/* /*
* flag to set engine as default. * flag to set engine as default.
*/ */
#if defined(USE_SSLEAY) && defined(HAVE_OPENSSL_ENGINE_H) result = Curl_SSL_set_engine_default(data);
if (data->engine) {
if (ENGINE_set_default(data->engine, ENGINE_METHOD_ALL) > 0) {
#ifdef DEBUG
fprintf(stderr,"set default crypto engine\n");
#endif
}
else {
#ifdef DEBUG
failf(data, "set default crypto engine failed");
#endif
return CURLE_SSL_ENGINE_SETFAILED;
}
}
#endif
break; break;
case CURLOPT_CRLF: case CURLOPT_CRLF:
/* /*


@ -975,6 +975,7 @@ struct SessionHandle {
struct PureInfo info; /* stats, reports and info data */ struct PureInfo info; /* stats, reports and info data */
#if defined(USE_SSLEAY) && defined(HAVE_OPENSSL_ENGINE_H) #if defined(USE_SSLEAY) && defined(HAVE_OPENSSL_ENGINE_H)
ENGINE *engine; ENGINE *engine;
struct curl_slist *engine_list; /* list of names from ENGINE_get_id() */
#endif /* USE_SSLEAY */ #endif /* USE_SSLEAY */
}; };