Added handling of CURLINFO_SSL_ENGINES;
Added Curl_SSL_engines_list(), cleanup SSL in url.c (no HAVE_OPENSSL_x etc.).
parent
be9ea07e87
commit
bdb0620529
80
lib/ssluse.c
80
lib/ssluse.c
@ -482,6 +482,77 @@ void Curl_SSL_Close(struct connectdata *conn)
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|
||||||
|
/* Selects an OpenSSL crypto engine
|
||||||
|
*/
|
||||||
|
CURLcode Curl_SSL_set_engine(struct SessionHandle *data, const char *engine)
|
||||||
|
{
|
||||||
|
#if defined(USE_SSLEAY) && defined(HAVE_OPENSSL_ENGINE_H)
|
||||||
|
ENGINE *e = ENGINE_by_id(engine);
|
||||||
|
|
||||||
|
if (!e) {
|
||||||
|
failf(data, "SSL Engine '%s' not found", engine);
|
||||||
|
return (CURLE_SSL_ENGINE_NOTFOUND);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (data->engine) {
|
||||||
|
ENGINE_finish(data->engine);
|
||||||
|
ENGINE_free(data->engine);
|
||||||
|
}
|
||||||
|
data->engine = NULL;
|
||||||
|
if (!ENGINE_init(e)) {
|
||||||
|
ENGINE_free(e);
|
||||||
|
failf(data, "Failed to initialise SSL Engine '%s'", engine);
|
||||||
|
return (CURLE_SSL_ENGINE_INITFAILED);
|
||||||
|
}
|
||||||
|
data->engine = e;
|
||||||
|
return (CURLE_OK);
|
||||||
|
#else
|
||||||
|
failf(data, "SSL Engine not supported");
|
||||||
|
return (CURLE_SSL_ENGINE_NOTFOUND);
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Sets above engine as default for all SSL operations
|
||||||
|
*/
|
||||||
|
CURLcode Curl_SSL_set_engine_default(struct SessionHandle *data)
|
||||||
|
{
|
||||||
|
#if defined(USE_SSLEAY) && defined(HAVE_OPENSSL_ENGINE_H)
|
||||||
|
if (data->engine) {
|
||||||
|
if (ENGINE_set_default(data->engine, ENGINE_METHOD_ALL) > 0) {
|
||||||
|
infof(data,"set default crypto engine %s\n", data->engine);
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
failf(data, "set default crypto engine %s failed", data->engine);
|
||||||
|
return CURLE_SSL_ENGINE_SETFAILED;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#else
|
||||||
|
(void) data;
|
||||||
|
#endif
|
||||||
|
return (CURLE_OK);
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Build the list of OpenSSL crypto engine names. Add to
|
||||||
|
* linked list at data->engine_list.
|
||||||
|
*/
|
||||||
|
CURLcode Curl_SSL_engines_list(struct SessionHandle *data)
|
||||||
|
{
|
||||||
|
#if defined(USE_SSLEAY) && defined(HAVE_OPENSSL_ENGINE_H)
|
||||||
|
ENGINE *e;
|
||||||
|
|
||||||
|
/* Free previous list */
|
||||||
|
if (data->engine_list)
|
||||||
|
curl_slist_free_all(data->engine_list);
|
||||||
|
|
||||||
|
data->engine_list = NULL;
|
||||||
|
for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
|
||||||
|
data->engine_list = curl_slist_append(data->engine_list, ENGINE_get_id(e));
|
||||||
|
#endif
|
||||||
|
return (CURLE_OK);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
#ifdef USE_SSLEAY
|
#ifdef USE_SSLEAY
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -620,11 +691,15 @@ int Curl_SSL_Close_All(struct SessionHandle *data)
|
|||||||
free(data->state.session);
|
free(data->state.session);
|
||||||
}
|
}
|
||||||
#ifdef HAVE_OPENSSL_ENGINE_H
|
#ifdef HAVE_OPENSSL_ENGINE_H
|
||||||
if(data->engine)
|
if(data->engine) {
|
||||||
{
|
ENGINE_finish(data->engine);
|
||||||
ENGINE_free(data->engine);
|
ENGINE_free(data->engine);
|
||||||
data->engine = NULL;
|
data->engine = NULL;
|
||||||
}
|
}
|
||||||
|
if (data->engine_list)
|
||||||
|
curl_slist_free_all(data->engine_list);
|
||||||
|
data->engine_list = NULL;
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -1483,3 +1558,4 @@ Curl_SSLConnect(struct connectdata *conn,
|
|||||||
#endif
|
#endif
|
||||||
return retcode;
|
return retcode;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
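Review bot: In Curl_SSL_set_engine_default() both the infof() and the failf() call pass `data->engine`, an `ENGINE *`, to a `%s` conversion, which is undefined behaviour and will typically print garbage or crash when the engine structure is read as a string. Pass the engine's id instead, `infof(data, "set default crypto engine %s\n", ENGINE_get_id(data->engine));`, and do the same on the failf() line. Separately, Curl_SSL_engines_list() assigns the result of curl_slist_append() straight back to `data->engine_list` and always returns CURLE_OK. If an append fails and returns NULL, the names collected so far are lost and the caller cannot tell, so append into a temporary and return CURLE_OUT_OF_MEMORY on failure.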
10
lib/ssluse.h
10
lib/ssluse.h
@ -35,4 +35,14 @@ void Curl_SSL_Close(struct connectdata *conn); /* close a SSL connection */
|
|||||||
/* tell the SSL stuff to close down all open information regarding
|
/* tell the SSL stuff to close down all open information regarding
|
||||||
connections (and thus session ID caching etc) */
|
connections (and thus session ID caching etc) */
|
||||||
int Curl_SSL_Close_All(struct SessionHandle *data);
|
int Curl_SSL_Close_All(struct SessionHandle *data);
|
||||||
|
|
||||||
|
/* Sets an OpenSSL engine */
|
||||||
|
CURLcode Curl_SSL_set_engine(struct SessionHandle *data, const char *engine);
|
||||||
|
|
||||||
|
/* Sets above engine as default for all SSL operations */
|
||||||
|
CURLcode Curl_SSL_set_engine_default(struct SessionHandle *data);
|
||||||
|
|
||||||
|
/* Build list of OpenSSL engines */
|
||||||
|
CURLcode Curl_SSL_engines_list(struct SessionHandle *data);
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
@ -200,6 +200,9 @@ curl_easy_strerror(CURLcode error)
|
|||||||
case CURLE_SSL_ENGINE_SETFAILED:
|
case CURLE_SSL_ENGINE_SETFAILED:
|
||||||
return "can not set SSL crypto engine as default";
|
return "can not set SSL crypto engine as default";
|
||||||
|
|
||||||
|
case CURLE_SSL_ENGINE_INITFAILED:
|
||||||
|
return "failed to initialise SSL crypto engine";
|
||||||
|
|
||||||
case CURLE_SEND_ERROR:
|
case CURLE_SEND_ERROR:
|
||||||
return "failed sending data to the peer";
|
return "failed sending data to the peer";
|
||||||
|
|
||||||
|
39
lib/url.c
39
lib/url.c
@ -97,9 +97,6 @@ void idn_free (void *ptr); /* prototype from idn-free.h, not provided by
|
|||||||
#endif
|
#endif
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifdef HAVE_OPENSSL_ENGINE_H
|
|
||||||
#include <openssl/engine.h>
|
|
||||||
#endif
|
|
||||||
#include "urldata.h"
|
#include "urldata.h"
|
||||||
#include "netrc.h"
|
#include "netrc.h"
|
||||||
|
|
||||||
@ -1150,45 +1147,15 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, ...)
|
|||||||
* String that holds the SSL crypto engine.
|
* String that holds the SSL crypto engine.
|
||||||
*/
|
*/
|
||||||
argptr = va_arg(param, char *);
|
argptr = va_arg(param, char *);
|
||||||
if (argptr && argptr[0]) {
|
if (argptr && argptr[0])
|
||||||
#if defined(USE_SSLEAY) && defined(HAVE_OPENSSL_ENGINE_H)
|
result = Curl_SSL_set_engine(data, argptr);
|
||||||
ENGINE *e = ENGINE_by_id(argptr);
|
|
||||||
if (e) {
|
|
||||||
if (data->engine) {
|
|
||||||
ENGINE_free(data->engine);
|
|
||||||
}
|
|
||||||
data->engine = e;
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
failf(data, "SSL Engine '%s' not found", argptr);
|
|
||||||
result = CURLE_SSL_ENGINE_NOTFOUND;
|
|
||||||
}
|
|
||||||
#else
|
|
||||||
failf(data, "SSL Engine not supported");
|
|
||||||
result = CURLE_SSL_ENGINE_NOTFOUND;
|
|
||||||
#endif
|
|
||||||
}
|
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case CURLOPT_SSLENGINE_DEFAULT:
|
case CURLOPT_SSLENGINE_DEFAULT:
|
||||||
/*
|
/*
|
||||||
* flag to set engine as default.
|
* flag to set engine as default.
|
||||||
*/
|
*/
|
||||||
#if defined(USE_SSLEAY) && defined(HAVE_OPENSSL_ENGINE_H)
|
result = Curl_SSL_set_engine_default(data);
|
||||||
if (data->engine) {
|
|
||||||
if (ENGINE_set_default(data->engine, ENGINE_METHOD_ALL) > 0) {
|
|
||||||
#ifdef DEBUG
|
|
||||||
fprintf(stderr,"set default crypto engine\n");
|
|
||||||
#endif
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
#ifdef DEBUG
|
|
||||||
failf(data, "set default crypto engine failed");
|
|
||||||
#endif
|
|
||||||
return CURLE_SSL_ENGINE_SETFAILED;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
break;
|
break;
|
||||||
case CURLOPT_CRLF:
|
case CURLOPT_CRLF:
|
||||||
/*
|
/*
|
||||||
|
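Review bot: The CURLOPT_SSLENGINE_DEFAULT case now returns whatever Curl_SSL_set_engine_default() reports, and as written in lib/ssluse.c in this commit that function returns CURLE_OK both when `data->engine` is NULL and when engine support is compiled out. An application that depends on a hardware-backed engine for its key operations therefore gets a success code while OpenSSL keeps using its built-in implementation. This is also inconsistent with the CURLOPT_SSLENGINE case, which fails with CURLE_SSL_ENGINE_NOTFOUND in the unsupported build. Consider returning an error in both situations, for example `return CURLE_SSL_ENGINE_NOTFOUND;` in the `#else` branch, or at least add a comment on the case such as `/* CURLE_OK does not imply an engine is active */`. The Curl_setopt() switch starts and ends outside this hunk.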
@ -975,6 +975,7 @@ struct SessionHandle {
|
|||||||
struct PureInfo info; /* stats, reports and info data */
|
struct PureInfo info; /* stats, reports and info data */
|
||||||
#if defined(USE_SSLEAY) && defined(HAVE_OPENSSL_ENGINE_H)
|
#if defined(USE_SSLEAY) && defined(HAVE_OPENSSL_ENGINE_H)
|
||||||
ENGINE *engine;
|
ENGINE *engine;
|
||||||
|
struct curl_slist *engine_list; /* list of names from ENGINE_get_id() */
|
||||||
#endif /* USE_SSLEAY */
|
#endif /* USE_SSLEAY */
|
||||||
};
|
};
|
||||||
|
|
||||||
|