diff --git a/lib/setopt.c b/lib/setopt.c index 913cd8ea0..af53ee3ef 100644 --- a/lib/setopt.c +++ b/lib/setopt.c @@ -1748,7 +1748,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, * Set a SSL_CTX callback */ #ifdef USE_SSL - if(Curl_ssl->have_ssl_ctx) + if(Curl_ssl->supports & SSLSUPP_SSL_CTX) data->set.ssl.fsslctx = va_arg(param, curl_ssl_ctx_callback); else #endif @@ -1759,7 +1759,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, * Set a SSL_CTX callback parameter pointer */ #ifdef USE_SSL - if(Curl_ssl->have_ssl_ctx) + if(Curl_ssl->supports & SSLSUPP_SSL_CTX) data->set.ssl.fsslctxp = va_arg(param, void *); else #endif @@ -1778,7 +1778,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, break; case CURLOPT_CERTINFO: #ifdef USE_SSL - if(Curl_ssl->have_certinfo) + if(Curl_ssl->supports & SSLSUPP_CERTINFO) data->set.ssl.certinfo = (0 != va_arg(param, long)) ? TRUE : FALSE; else #endif @@ -1790,7 +1790,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, * Specify file name of the public key in DER format. */ #ifdef USE_SSL - if(Curl_ssl->have_pinnedpubkey) + if(Curl_ssl->supports & SSLSUPP_PINNEDPUBKEY) result = Curl_setstropt(&data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG], va_arg(param, char *)); else @@ -1803,7 +1803,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, * Specify file name of the public key in DER format. */ #ifdef USE_SSL - if(Curl_ssl->have_pinnedpubkey) + if(Curl_ssl->supports & SSLSUPP_PINNEDPUBKEY) result = Curl_setstropt(&data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY], va_arg(param, char *)); else 
@@ -1831,7 +1831,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, * certificates which have been prepared using openssl c_rehash utility. */ #ifdef USE_SSL - if(Curl_ssl->have_ca_path) + if(Curl_ssl->supports & SSLSUPP_CA_PATH) /* This does not work on windows. */ result = Curl_setstropt(&data->set.str[STRING_SSL_CAPATH_ORIG], va_arg(param, char *)); @@ -1845,7 +1845,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, * CA certificates which have been prepared using openssl c_rehash utility. */ #ifdef USE_SSL - if(Curl_ssl->have_ca_path) + if(Curl_ssl->supports & SSLSUPP_CA_PATH) /* This does not work on windows. */ result = Curl_setstropt(&data->set.str[STRING_SSL_CAPATH_PROXY], va_arg(param, char *)); diff --git a/lib/url.c b/lib/url.c index eb1fc2220..38f08b3c6 100644 --- a/lib/url.c +++ b/lib/url.c @@ -2740,7 +2740,7 @@ static CURLcode parse_proxy(struct Curl_easy *data, proxyptr = proxy; /* No xxx:// head: It's a HTTP proxy */ #ifdef USE_SSL - if(!Curl_ssl->support_https_proxy) + if(!(Curl_ssl->supports & SSLSUPP_HTTPS_PROXY)) #endif if(proxytype == CURLPROXY_HTTPS) { failf(data, "Unsupported proxy \'%s\', libcurl is built without the " diff --git a/lib/version.c b/lib/version.c index 1752e14e8..5b0d05a15 100644 --- a/lib/version.c +++ b/lib/version.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2017, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2018, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms 
@@ -399,7 +399,7 @@ curl_version_info_data *curl_version_info(CURLversion stamp) #ifdef USE_SSL Curl_ssl_version(ssl_buffer, sizeof(ssl_buffer)); version_info.ssl_version = ssl_buffer; - if(Curl_ssl->support_https_proxy) + if(Curl_ssl->supports & SSLSUPP_HTTPS_PROXY) version_info.features |= CURL_VERSION_HTTPS_PROXY; else version_info.features &= ~CURL_VERSION_HTTPS_PROXY; diff --git a/lib/vtls/axtls.c b/lib/vtls/axtls.c index 9294f49ed..5ed898b4f 100644 --- a/lib/vtls/axtls.c +++ b/lib/vtls/axtls.c @@ -6,7 +6,7 @@ * \___|\___/|_| \_\_____| * * Copyright (C) 2010, DirecTV, Contact: Eric Hu, . - * Copyright (C) 2010 - 2017, Daniel Stenberg, , et al. + * Copyright (C) 2010 - 2018, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -703,13 +703,7 @@ static void *Curl_axtls_get_internals(struct ssl_connect_data *connssl, const struct Curl_ssl Curl_ssl_axtls = { { CURLSSLBACKEND_AXTLS, "axtls" }, /* info */ - - 0, /* have_ca_path */ - 0, /* have_certinfo */ - 0, /* have_pinnedpubkey */ - 0, /* have_ssl_ctx */ - 0, /* support_https_proxy */ - + 0, /* no fancy stuff */ sizeof(struct ssl_backend_data), /* diff --git a/lib/vtls/cyassl.c b/lib/vtls/cyassl.c index 491636dd5..b127dcca8 100644 --- a/lib/vtls/cyassl.c +++ b/lib/vtls/cyassl.c @@ -994,15 +994,10 @@ static void *Curl_cyassl_get_internals(struct ssl_connect_data *connssl, const struct Curl_ssl Curl_ssl_cyassl = { { CURLSSLBACKEND_WOLFSSL, "WolfSSL" }, /* info */ - 0, /* have_ca_path */ - 0, /* have_certinfo */ #ifdef KEEP_PEER_CERT - 1, /* have_pinnedpubkey */ -#else - 0, /* have_pinnedpubkey */ + SSLSUPP_PINNEDPUBKEY | #endif - 1, /* have_ssl_ctx */ - 0, /* support_https_proxy */ + SSLSUPP_SSL_CTX sizeof(struct ssl_backend_data), diff --git a/lib/vtls/darwinssl.c b/lib/vtls/darwinssl.c index 0919f10dc..45fe49d82 100644 --- a/lib/vtls/darwinssl.c +++ b/lib/vtls/darwinssl.c 
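Review bot: The new `supports` initializer for `Curl_ssl_cyassl` has no terminating comma: `SSLSUPP_SSL_CTX` is followed directly by `sizeof(struct ssl_backend_data),`, which as shown is a syntax error in the positional initializer and would stop WolfSSL builds from compiling. The same omission appears after `SSLSUPP_PINNEDPUBKEY` in the gskit.c and schannel.c hunks, while gtls, mbedtls, nss, openssl and polarssl end the expression with a comma. The lines should read `SSLSUPP_SSL_CTX,` here and `SSLSUPP_PINNEDPUBKEY,` in the other two. Because these flags decide whether options such as CURLOPT_PINNEDPUBLICKEY and CAPATH are accepted at all, each touched backend is worth compiling before merge.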
@@ -6,7 +6,7 @@ * \___|\___/|_| \_\_____| * * Copyright (C) 2012 - 2017, Nick Zitzmann, . - * Copyright (C) 2012 - 2017, Daniel Stenberg, , et al. + * Copyright (C) 2012 - 2018, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -3029,15 +3029,11 @@ static void *Curl_darwinssl_get_internals(struct ssl_connect_data *connssl, const struct Curl_ssl Curl_ssl_darwinssl = { { CURLSSLBACKEND_DARWINSSL, "darwinssl" }, /* info */ - 0, /* have_ca_path */ - 0, /* have_certinfo */ #ifdef DARWIN_SSL_PINNEDPUBKEY - 1, /* have_pinnedpubkey */ + SSLSUPP_PINNEDPUBKEY, #else - 0, /* have_pinnedpubkey */ + 0, #endif /* DARWIN_SSL_PINNEDPUBKEY */ - 0, /* have_ssl_ctx */ - 0, /* support_https_proxy */ sizeof(struct ssl_backend_data), diff --git a/lib/vtls/gskit.c b/lib/vtls/gskit.c index afc90a859..a770565c1 100644 --- a/lib/vtls/gskit.c +++ b/lib/vtls/gskit.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2017, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2018, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -1353,12 +1353,8 @@ static void *Curl_gskit_get_internals(struct ssl_connect_data *connssl, const struct Curl_ssl Curl_ssl_gskit = { { CURLSSLBACKEND_GSKIT, "gskit" }, /* info */ - 0, /* have_ca_path */ - 1, /* have_certinfo */ - 1, /* have_pinnedpubkey */ - 0, /* have_ssl_ctx */ - /* TODO: convert to 1 and fix test #1014 (if need) */ - 0, /* support_https_proxy */ + SSLSUPP_CERTINFO | + SSLSUPP_PINNEDPUBKEY sizeof(struct ssl_backend_data), diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index 688e83807..207b0fd1b 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c 
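Review bot: The gskit.c hunk drops the `TODO: convert to 1 and fix test #1014 (if need)` remark that recorded why HTTPS-proxy support was left off for this backend. With a bitmask, an absent flag leaves no line to hang that remark on, so the omission now reads the same as "never considered". I would keep it as a comment above the value, e.g. `/* TODO: add SSLSUPP_HTTPS_PROXY and fix test #1014 (if need) */`.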
@@ -1802,11 +1802,10 @@ static void *Curl_gtls_get_internals(struct ssl_connect_data *connssl, const struct Curl_ssl Curl_ssl_gnutls = { { CURLSSLBACKEND_GNUTLS, "gnutls" }, /* info */ - 1, /* have_ca_path */ - 1, /* have_certinfo */ - 1, /* have_pinnedpubkey */ - 0, /* have_ssl_ctx */ - 1, /* support_https_proxy */ + SSLSUPP_CA_PATH | + SSLSUPP_CERTINFO | + SSLSUPP_PINNEDPUBKEY | + SSLSUPP_HTTPS_PROXY, sizeof(struct ssl_backend_data), diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c index e76e19b09..4ec9fa18e 100644 --- a/lib/vtls/mbedtls.c +++ b/lib/vtls/mbedtls.c @@ -6,7 +6,7 @@ * \___|\___/|_| \_\_____| * * Copyright (C) 2010 - 2011, Hoi-Ho Chan, - * Copyright (C) 2012 - 2017, Daniel Stenberg, , et al. + * Copyright (C) 2012 - 2018, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -1049,11 +1049,9 @@ static void *Curl_mbedtls_get_internals(struct ssl_connect_data *connssl, const struct Curl_ssl Curl_ssl_mbedtls = { { CURLSSLBACKEND_MBEDTLS, "mbedtls" }, /* info */ - 1, /* have_ca_path */ - 0, /* have_certinfo */ - 1, /* have_pinnedpubkey */ - 1, /* have_ssl_ctx */ - 0, /* support_https_proxy */ + SSLSUPP_CA_PATH | + SSLSUPP_PINNEDPUBKEY | + SSLSUPP_SSL_CTX, sizeof(struct ssl_backend_data), diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c index edbacc671..7cd450cda 100644 --- a/lib/vtls/nss.c +++ b/lib/vtls/nss.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2017, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2018, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms 
@@ -2357,11 +2357,10 @@ static void *Curl_nss_get_internals(struct ssl_connect_data *connssl, const struct Curl_ssl Curl_ssl_nss = { { CURLSSLBACKEND_NSS, "nss" }, /* info */ - 1, /* have_ca_path */ - 1, /* have_certinfo */ - 1, /* have_pinnedpubkey */ - 0, /* have_ssl_ctx */ - 1, /* support_https_proxy */ + SSLSUPP_CA_PATH | + SSLSUPP_CERTINFO | + SSLSUPP_PINNEDPUBKEY | + SSLSUPP_HTTPS_PROXY, sizeof(struct ssl_backend_data), diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 80e9bf940..f6d647e1e 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -3724,11 +3724,11 @@ static void *Curl_ossl_get_internals(struct ssl_connect_data *connssl, const struct Curl_ssl Curl_ssl_openssl = { { CURLSSLBACKEND_OPENSSL, "openssl" }, /* info */ - 1, /* have_ca_path */ - 1, /* have_certinfo */ - 1, /* have_pinnedpubkey */ - 1, /* have_ssl_ctx */ - 1, /* support_https_proxy */ + SSLSUPP_CA_PATH | + SSLSUPP_CERTINFO | + SSLSUPP_PINNEDPUBKEY | + SSLSUPP_SSL_CTX | + SSLSUPP_HTTPS_PROXY, sizeof(struct ssl_backend_data), diff --git a/lib/vtls/polarssl.c b/lib/vtls/polarssl.c index 811cdc2fb..604cb4c86 100644 --- a/lib/vtls/polarssl.c +++ b/lib/vtls/polarssl.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 2012 - 2017, Daniel Stenberg, , et al. + * Copyright (C) 2012 - 2018, Daniel Stenberg, , et al. * Copyright (C) 2010 - 2011, Hoi-Ho Chan, * * This software is licensed as described in the file COPYING, which @@ -900,11 +900,8 @@ static void *Curl_polarssl_get_internals(struct ssl_connect_data *connssl, const struct Curl_ssl Curl_ssl_polarssl = { { CURLSSLBACKEND_POLARSSL, "polarssl" }, /* info */ - 1, /* have_ca_path */ - 0, /* have_certinfo */ - 1, /* have_pinnedpubkey */ - 0, /* have_ssl_ctx */ - 0, /* support_https_proxy */ + SSLSUPP_CA_PATH | + SSLSUPP_PINNEDPUBKEY, sizeof(struct ssl_backend_data), diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index 01f6f6691..548f4e316 100644 --- a/lib/vtls/schannel.c 
+++ b/lib/vtls/schannel.c @@ -1923,11 +1923,8 @@ static void *Curl_schannel_get_internals(struct ssl_connect_data *connssl, const struct Curl_ssl Curl_ssl_schannel = { { CURLSSLBACKEND_SCHANNEL, "schannel" }, /* info */ - 0, /* have_ca_path */ - 1, /* have_certinfo */ - 1, /* have_pinnedpubkey */ - 0, /* have_ssl_ctx */ - 0, /* support_https_proxy */ + SSLSUPP_CERTINFO | + SSLSUPP_PINNEDPUBKEY sizeof(struct ssl_backend_data), diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c index 1745fd882..ee5bc7a0a 100644 --- a/lib/vtls/vtls.c +++ b/lib/vtls/vtls.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2017, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2018, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -211,7 +211,7 @@ ssl_connect_init_proxy(struct connectdata *conn, int sockindex) !conn->proxy_ssl[sockindex].use) { struct ssl_backend_data *pbdata; - if(!Curl_ssl->support_https_proxy) + if(!(Curl_ssl->supports & SSLSUPP_HTTPS_PROXY)) return CURLE_NOT_BUILT_IN; /* The pointers to the ssl backend data, which is opaque here, are swapped @@ -1131,13 +1131,7 @@ static void Curl_multissl_close(struct connectdata *conn, int sockindex) static const struct Curl_ssl Curl_ssl_multi = { { CURLSSLBACKEND_NONE, "multi" }, /* info */ - - 0, /* have_ca_path */ - 0, /* have_certinfo */ - 0, /* have_pinnedpubkey */ - 0, /* have_ssl_ctx */ - 0, /* support_https_proxy */ - + 0, /* supports nothing */ (size_t)-1, /* something insanely large to be on the safe side */ Curl_multissl_init, /* init */ diff --git a/lib/vtls/vtls.h b/lib/vtls/vtls.h index 5c3146ee9..e7b87c4d3 100644 --- a/lib/vtls/vtls.h +++ b/lib/vtls/vtls.h 
@@ -26,20 +26,19 @@ struct connectdata; struct ssl_connect_data; +#define SSLSUPP_CA_PATH (1<<0) /* supports CAPATH */ +#define SSLSUPP_CERTINFO (1<<1) /* supports CURLOPT_CERTINFO */ +#define SSLSUPP_PINNEDPUBKEY (1<<2) /* supports CURLOPT_PINNEDPUBLICKEY */ +#define SSLSUPP_SSL_CTX (1<<3) /* supports CURLOPT_SSL_CTX */ +#define SSLSUPP_HTTPS_PROXY (1<<4) /* supports access via HTTPS proxies */ + struct Curl_ssl { /* * This *must* be the first entry to allow returning the list of available * backends in curl_global_sslset(). */ curl_ssl_backend info; - - unsigned have_ca_path:1; /* supports CAPATH */ - unsigned have_certinfo:1; /* supports CURLOPT_CERTINFO */ - unsigned have_pinnedpubkey:1; /* supports CURLOPT_PINNEDPUBLICKEY */ - unsigned have_ssl_ctx:1; /* supports CURLOPT_SSL_CTX_* */ - - unsigned support_https_proxy:1; /* supports access via HTTPS proxies */ - + unsigned int supports; /* bitfield, see above */ size_t sizeof_ssl_backend_data; int (*init)(void);
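Review bot: The comment on the new member, `/* bitfield, see above */`, is misleading now that the C bit-fields are gone: `supports` is a plain `unsigned int` holding an OR of the `SSLSUPP_*` masks. I would write `unsigned int supports; /* bitmask of SSLSUPP_* flags */` and define the masks as unsigned, e.g. `#define SSLSUPP_CA_PATH (1u<<0)`, so they match the member's type. The `SSLSUPP_SSL_CTX` comment also lost the trailing `_*` of the old `CURLOPT_SSL_CTX_*` wording, although the setopt.c hunks gate both the SSL_CTX callback and its parameter pointer on this flag. The struct definition continues past the end of the hunk.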