vtls: move the SUPPORT_HTTPS_PROXY flag into the Curl_ssl struct

That will allow us to choose the SSL backend at runtime. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-06-26 18:05:38 +02:00 · 2017-06-26 18:05:38 +02:00 · f0b4db1ab0
parent 937899a3b8
commit f0b4db1ab0
18 changed files with 27 additions and 25 deletions
--- a/lib/url.c
+++ b/lib/url.c
@ -5082,13 +5082,14 @@ static CURLcode parse_proxy(struct Curl_easy *data,
  else
    proxyptr = proxy; /* No xxx:// head: It's a HTTP proxy */

-#ifndef HTTPS_PROXY_SUPPORT
-  if(proxytype == CURLPROXY_HTTPS) {
-    failf(data, "Unsupported proxy \'%s\'"
-                ", libcurl is built without the HTTPS-proxy support.", proxy);
-    return CURLE_NOT_BUILT_IN;
-  }
+#ifdef USE_SSL
+  if(!Curl_ssl->support_https_proxy)
 #endif
+    if(proxytype == CURLPROXY_HTTPS) {
+      failf(data, "Unsupported proxy \'%s\', libcurl is built without the "
+                  "HTTPS-proxy support.", proxy);
+      return CURLE_NOT_BUILT_IN;
+    }

  sockstype = proxytype == CURLPROXY_SOCKS5_HOSTNAME ||
              proxytype == CURLPROXY_SOCKS5 ||
--- a/lib/version.c
+++ b/lib/version.c
@ -323,9 +323,6 @@ static curl_version_info_data version_info = {
 #endif
 #if defined(USE_LIBPSL)
  | CURL_VERSION_PSL
-#endif
-#if defined(HTTPS_PROXY_SUPPORT)
-  | CURL_VERSION_HTTPS_PROXY
 #endif
  ,
  NULL, /* ssl_version */
@ -355,6 +352,10 @@ curl_version_info_data *curl_version_info(CURLversion stamp)
 #ifdef USE_SSL
  Curl_ssl_version(ssl_buffer, sizeof(ssl_buffer));
  version_info.ssl_version = ssl_buffer;
+  if(Curl_ssl->support_https_proxy)
+    version_info.features |= CURL_VERSION_HTTPS_PROXY;
+  else
+    version_info.features &= ~CURL_VERSION_HTTPS_PROXY;
 #endif

 #ifdef HAVE_LIBZ
--- a/lib/vtls/axtls.c
+++ b/lib/vtls/axtls.c
@ -709,6 +709,7 @@ const struct Curl_ssl Curl_ssl_axtls = {
  0, /* have_certinfo */
  0, /* have_pinnedpubkey */
  0, /* have_ssl_ctx */
+  0, /* support_https_proxy */

  Curl_axtls_init,                /* init */
  Curl_axtls_cleanup,             /* cleanup */
--- a/lib/vtls/cyassl.c
+++ b/lib/vtls/cyassl.c
@ -974,6 +974,7 @@ const struct Curl_ssl Curl_ssl_cyassl = {
  0, /* have_pinnedpubkey */
 #endif
  1, /* have_ssl_ctx */
+  0, /* support_https_proxy */

  Curl_cyassl_init,                /* init */
  Curl_none_cleanup,               /* cleanup */
--- a/lib/vtls/darwinssl.c
+++ b/lib/vtls/darwinssl.c
@ -2886,6 +2886,7 @@ const struct Curl_ssl Curl_ssl_darwinssl = {
  0, /* have_pinnedpubkey */
 #endif /* DARWIN_SSL_PINNEDPUBKEY */
  0, /* have_ssl_ctx */
+  0, /* support_https_proxy */

  Curl_none_init,                     /* init */
  Curl_none_cleanup,                  /* cleanup */
--- a/lib/vtls/gskit.c
+++ b/lib/vtls/gskit.c
@ -1341,6 +1341,9 @@ const struct Curl_ssl Curl_ssl_gskit = {
  1, /* have_certinfo */
  0, /* have_pinnedpubkey */
  0, /* have_ssl_ctx */
+  /* TODO: convert to 1 and fix test #1014 (if need) */
+  0, /* support_https_proxy */
+

  Curl_gskit_init,                /* init */
  Curl_gskit_cleanup,             /* cleanup */
--- a/lib/vtls/gskit.h
+++ b/lib/vtls/gskit.h
@ -41,9 +41,6 @@ int Curl_gskit_shutdown(struct connectdata *conn, int sockindex);
 size_t Curl_gskit_version(char *buffer, size_t size);
 int Curl_gskit_check_cxn(struct connectdata *cxn);

-/* Support HTTPS-proxy */
-/* TODO: add '#define HTTPS_PROXY_SUPPORT 1' and fix test #1014 (if need) */
-
 extern const struct Curl_ssl Curl_ssl_gskit;

 /* Set the API backend definition to GSKit */
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@ -1793,6 +1793,7 @@ const struct Curl_ssl Curl_ssl_gnutls = {
  1, /* have_certinfo */
  1, /* have_pinnedpubkey */
  0, /* have_ssl_ctx */
+  1, /* support_https_proxy */

  Curl_gtls_init,                /* init */
  Curl_gtls_cleanup,             /* cleanup */
--- a/lib/vtls/gtls.h
+++ b/lib/vtls/gtls.h
@ -49,9 +49,6 @@ CURLcode Curl_gtls_random(struct Curl_easy *data,

 bool Curl_gtls_cert_status_request(void);

-/* Support HTTPS-proxy */
-#define HTTPS_PROXY_SUPPORT 1
-
 extern const struct Curl_ssl Curl_ssl_gnutls;

 /* Set the API backend definition to GnuTLS */
--- a/lib/vtls/mbedtls.c
+++ b/lib/vtls/mbedtls.c
@ -1022,6 +1022,7 @@ const struct Curl_ssl Curl_ssl_mbedtls = {
  0, /* have_certinfo */
  1, /* have_pinnedpubkey */
  1, /* have_ssl_ctx */
+  0, /* support_https_proxy */

  Curl_mbedtls_init,                /* init */
  Curl_mbedtls_cleanup,             /* cleanup */
--- a/lib/vtls/nss.c
+++ b/lib/vtls/nss.c
@ -2331,6 +2331,7 @@ const struct Curl_ssl Curl_ssl_nss = {
  1, /* have_certinfo */
  1, /* have_pinnedpubkey */
  0, /* have_ssl_ctx */
+  1, /* support_https_proxy */

  Curl_nss_init,                /* init */
  Curl_nss_cleanup,             /* cleanup */
--- a/lib/vtls/nssg.h
+++ b/lib/vtls/nssg.h
@ -56,9 +56,6 @@ bool Curl_nss_cert_status_request(void);

 bool Curl_nss_false_start(void);

-/* Support HTTPS-proxy */
-#define HTTPS_PROXY_SUPPORT 1
-
 extern const struct Curl_ssl Curl_ssl_nss;

 /* Set the API backend definition to NSS */
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@ -3394,6 +3394,7 @@ const struct Curl_ssl Curl_ssl_openssl = {
  1, /* have_certinfo */
  1, /* have_pinnedpubkey */
  1, /* have_ssl_ctx */
+  1, /* support_https_proxy */

  Curl_ossl_init,                /* init */
  Curl_ossl_cleanup,             /* cleanup */
--- a/lib/vtls/openssl.h
+++ b/lib/vtls/openssl.h
@ -71,9 +71,6 @@ CURLcode Curl_ossl_random(struct Curl_easy *data, unsigned char *entropy,

 bool Curl_ossl_cert_status_request(void);

-/* Support HTTPS-proxy */
-#define HTTPS_PROXY_SUPPORT 1
-
 extern const struct Curl_ssl Curl_ssl_openssl;

 /* Set the API backend definition to OpenSSL */
--- a/lib/vtls/polarssl.c
+++ b/lib/vtls/polarssl.c
@ -885,6 +885,7 @@ const struct Curl_ssl Curl_ssl_polarssl = {
  0, /* have_certinfo */
  1, /* have_pinnedpubkey */
  0, /* have_ssl_ctx */
+  0, /* support_https_proxy */

  Curl_polarssl_init,                /* init */
  Curl_polarssl_cleanup,             /* cleanup */
--- a/lib/vtls/schannel.c
+++ b/lib/vtls/schannel.c
@ -1733,6 +1733,7 @@ const struct Curl_ssl Curl_ssl_schannel = {
  1, /* have_certinfo */
  0, /* have_pinnedpubkey */
  0, /* have_ssl_ctx */
+  0, /* support_https_proxy */

  Curl_schannel_init,                /* init */
  Curl_schannel_cleanup,             /* cleanup */
--- a/lib/vtls/vtls.c
+++ b/lib/vtls/vtls.c
@ -205,12 +205,10 @@ ssl_connect_init_proxy(struct connectdata *conn, int sockindex)
  DEBUGASSERT(conn->bits.proxy_ssl_connected[sockindex]);
  if(ssl_connection_complete == conn->ssl[sockindex].state &&
     !conn->proxy_ssl[sockindex].use) {
-#if defined(HTTPS_PROXY_SUPPORT)
+    if(!Curl_ssl->support_https_proxy)
+      return CURLE_NOT_BUILT_IN;
    conn->proxy_ssl[sockindex] = conn->ssl[sockindex];
    memset(&conn->ssl[sockindex], 0, sizeof(conn->ssl[sockindex]));
-#else
-    return CURLE_NOT_BUILT_IN;
-#endif
  }
  return CURLE_OK;
 }
--- a/lib/vtls/vtls.h
+++ b/lib/vtls/vtls.h
@ -33,6 +33,8 @@ struct Curl_ssl {
  unsigned have_pinnedpubkey:1; /* supports CURLOPT_PINNEDPUBLICKEY */
  unsigned have_ssl_ctx:1;      /* supports CURLOPT_SSL_CTX_* */

+  unsigned support_https_proxy:1; /* supports access via HTTPS proxies */
+
  int (*init)(void);
  void (*cleanup)(void);