diff --git a/lib/url.c b/lib/url.c index dd254af54..6d6a56e1f 100644 --- a/lib/url.c +++ b/lib/url.c @@ -5082,13 +5082,14 @@ static CURLcode parse_proxy(struct Curl_easy *data, else proxyptr = proxy; /* No xxx:// head: It's a HTTP proxy */ -#ifndef HTTPS_PROXY_SUPPORT - if(proxytype == CURLPROXY_HTTPS) { - failf(data, "Unsupported proxy \'%s\'" - ", libcurl is built without the HTTPS-proxy support.", proxy); - return CURLE_NOT_BUILT_IN; - } +#ifdef USE_SSL + if(!Curl_ssl->support_https_proxy) #endif + if(proxytype == CURLPROXY_HTTPS) { + failf(data, "Unsupported proxy \'%s\', libcurl is built without the " + "HTTPS-proxy support.", proxy); + return CURLE_NOT_BUILT_IN; + } sockstype = proxytype == CURLPROXY_SOCKS5_HOSTNAME || proxytype == CURLPROXY_SOCKS5 || diff --git a/lib/version.c b/lib/version.c index 3d1776813..b1959dee1 100644 --- a/lib/version.c +++ b/lib/version.c @@ -323,9 +323,6 @@ static curl_version_info_data version_info = { #endif #if defined(USE_LIBPSL) | CURL_VERSION_PSL -#endif -#if defined(HTTPS_PROXY_SUPPORT) - | CURL_VERSION_HTTPS_PROXY #endif , NULL, /* ssl_version */ @@ -355,6 +352,10 @@ curl_version_info_data *curl_version_info(CURLversion stamp) #ifdef USE_SSL Curl_ssl_version(ssl_buffer, sizeof(ssl_buffer)); version_info.ssl_version = ssl_buffer; + if(Curl_ssl->support_https_proxy) + version_info.features |= CURL_VERSION_HTTPS_PROXY; + else + version_info.features &= ~CURL_VERSION_HTTPS_PROXY; #endif #ifdef HAVE_LIBZ diff --git a/lib/vtls/axtls.c b/lib/vtls/axtls.c index 885cbf532..12c3a4fff 100644 --- a/lib/vtls/axtls.c +++ b/lib/vtls/axtls.c @@ -709,6 +709,7 @@ const struct Curl_ssl Curl_ssl_axtls = { 0, /* have_certinfo */ 0, /* have_pinnedpubkey */ 0, /* have_ssl_ctx */ + 0, /* support_https_proxy */ Curl_axtls_init, /* init */ Curl_axtls_cleanup, /* cleanup */ diff --git a/lib/vtls/cyassl.c b/lib/vtls/cyassl.c index 7f90e913f..59aa1d5b2 100644 --- a/lib/vtls/cyassl.c +++ b/lib/vtls/cyassl.c @@ -974,6 +974,7 @@ const struct Curl_ssl Curl_ssl_cyassl = { 0, /* have_pinnedpubkey */ #endif 1, /* have_ssl_ctx */ + 0, /* support_https_proxy */ Curl_cyassl_init, /* init */ Curl_none_cleanup, /* cleanup */ diff --git a/lib/vtls/darwinssl.c b/lib/vtls/darwinssl.c index 4d755d6b6..076ee293c 100644 --- a/lib/vtls/darwinssl.c +++ b/lib/vtls/darwinssl.c @@ -2886,6 +2886,7 @@ const struct Curl_ssl Curl_ssl_darwinssl = { 0, /* have_pinnedpubkey */ #endif /* DARWIN_SSL_PINNEDPUBKEY */ 0, /* have_ssl_ctx */ + 0, /* support_https_proxy */ Curl_none_init, /* init */ Curl_none_cleanup, /* cleanup */ diff --git a/lib/vtls/gskit.c b/lib/vtls/gskit.c index dc24f044b..fc73cf289 100644 --- a/lib/vtls/gskit.c +++ b/lib/vtls/gskit.c @@ -1341,6 +1341,9 @@ const struct Curl_ssl Curl_ssl_gskit = { 1, /* have_certinfo */ 0, /* have_pinnedpubkey */ 0, /* have_ssl_ctx */ + /* TODO: convert to 1 and fix test #1014 (if need) */ + 0, /* support_https_proxy */ + Curl_gskit_init, /* init */ Curl_gskit_cleanup, /* cleanup */ diff --git a/lib/vtls/gskit.h b/lib/vtls/gskit.h index f2f5eb89a..c8a2810e5 100644 --- a/lib/vtls/gskit.h +++ b/lib/vtls/gskit.h @@ -41,9 +41,6 @@ int Curl_gskit_shutdown(struct connectdata *conn, int sockindex); size_t Curl_gskit_version(char *buffer, size_t size); int Curl_gskit_check_cxn(struct connectdata *cxn); -/* Support HTTPS-proxy */ -/* TODO: add '#define HTTPS_PROXY_SUPPORT 1' and fix test #1014 (if need) */ - extern const struct Curl_ssl Curl_ssl_gskit; /* Set the API backend definition to GSKit */ diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index fbbcdf334..493520a62 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c @@ -1793,6 +1793,7 @@ const struct Curl_ssl Curl_ssl_gnutls = { 1, /* have_certinfo */ 1, /* have_pinnedpubkey */ 0, /* have_ssl_ctx */ + 1, /* support_https_proxy */ Curl_gtls_init, /* init */ Curl_gtls_cleanup, /* cleanup */ diff --git a/lib/vtls/gtls.h b/lib/vtls/gtls.h index d393b889d..f51cd70cf 100644 --- a/lib/vtls/gtls.h +++ b/lib/vtls/gtls.h @@ -49,9 +49,6 @@ CURLcode Curl_gtls_random(struct Curl_easy *data, bool Curl_gtls_cert_status_request(void); -/* Support HTTPS-proxy */ -#define HTTPS_PROXY_SUPPORT 1 - extern const struct Curl_ssl Curl_ssl_gnutls; /* Set the API backend definition to GnuTLS */ diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c index c925ea93c..b13c617a4 100644 --- a/lib/vtls/mbedtls.c +++ b/lib/vtls/mbedtls.c @@ -1022,6 +1022,7 @@ const struct Curl_ssl Curl_ssl_mbedtls = { 0, /* have_certinfo */ 1, /* have_pinnedpubkey */ 1, /* have_ssl_ctx */ + 0, /* support_https_proxy */ Curl_mbedtls_init, /* init */ Curl_mbedtls_cleanup, /* cleanup */ diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c index ff338940c..8c2161843 100644 --- a/lib/vtls/nss.c +++ b/lib/vtls/nss.c @@ -2331,6 +2331,7 @@ const struct Curl_ssl Curl_ssl_nss = { 1, /* have_certinfo */ 1, /* have_pinnedpubkey */ 0, /* have_ssl_ctx */ + 1, /* support_https_proxy */ Curl_nss_init, /* init */ Curl_nss_cleanup, /* cleanup */ diff --git a/lib/vtls/nssg.h b/lib/vtls/nssg.h index 222c6e28e..7bf8123a6 100644 --- a/lib/vtls/nssg.h +++ b/lib/vtls/nssg.h @@ -56,9 +56,6 @@ bool Curl_nss_cert_status_request(void); bool Curl_nss_false_start(void); -/* Support HTTPS-proxy */ -#define HTTPS_PROXY_SUPPORT 1 - extern const struct Curl_ssl Curl_ssl_nss; /* Set the API backend definition to NSS */ diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 7376588c3..00956f986 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -3394,6 +3394,7 @@ const struct Curl_ssl Curl_ssl_openssl = { 1, /* have_certinfo */ 1, /* have_pinnedpubkey */ 1, /* have_ssl_ctx */ + 1, /* support_https_proxy */ Curl_ossl_init, /* init */ Curl_ossl_cleanup, /* cleanup */ diff --git a/lib/vtls/openssl.h b/lib/vtls/openssl.h index c17dff284..9df0503ea 100644 --- a/lib/vtls/openssl.h +++ b/lib/vtls/openssl.h @@ -71,9 +71,6 @@ CURLcode Curl_ossl_random(struct Curl_easy *data, unsigned char *entropy, bool Curl_ossl_cert_status_request(void); -/* Support HTTPS-proxy */ -#define HTTPS_PROXY_SUPPORT 1 - extern const struct Curl_ssl Curl_ssl_openssl; /* Set the API backend definition to OpenSSL */ diff --git a/lib/vtls/polarssl.c b/lib/vtls/polarssl.c index 4d8db72d8..ee5a942da 100644 --- a/lib/vtls/polarssl.c +++ b/lib/vtls/polarssl.c @@ -885,6 +885,7 @@ const struct Curl_ssl Curl_ssl_polarssl = { 0, /* have_certinfo */ 1, /* have_pinnedpubkey */ 0, /* have_ssl_ctx */ + 0, /* support_https_proxy */ Curl_polarssl_init, /* init */ Curl_polarssl_cleanup, /* cleanup */ diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index fe7ec47b8..c65f6b394 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -1733,6 +1733,7 @@ const struct Curl_ssl Curl_ssl_schannel = { 1, /* have_certinfo */ 0, /* have_pinnedpubkey */ 0, /* have_ssl_ctx */ + 0, /* support_https_proxy */ Curl_schannel_init, /* init */ Curl_schannel_cleanup, /* cleanup */ diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c index 86bb46c2a..d55328b8c 100644 --- a/lib/vtls/vtls.c +++ b/lib/vtls/vtls.c @@ -205,12 +205,10 @@ ssl_connect_init_proxy(struct connectdata *conn, int sockindex) DEBUGASSERT(conn->bits.proxy_ssl_connected[sockindex]); if(ssl_connection_complete == conn->ssl[sockindex].state && !conn->proxy_ssl[sockindex].use) { -#if defined(HTTPS_PROXY_SUPPORT) + if(!Curl_ssl->support_https_proxy) + return CURLE_NOT_BUILT_IN; conn->proxy_ssl[sockindex] = conn->ssl[sockindex]; memset(&conn->ssl[sockindex], 0, sizeof(conn->ssl[sockindex])); -#else - return CURLE_NOT_BUILT_IN; -#endif } return CURLE_OK; } diff --git a/lib/vtls/vtls.h b/lib/vtls/vtls.h index 8b3ff05ae..de98df027 100644 --- a/lib/vtls/vtls.h +++ b/lib/vtls/vtls.h @@ -33,6 +33,8 @@ struct Curl_ssl { unsigned have_pinnedpubkey:1; /* supports CURLOPT_PINNEDPUBLICKEY */ unsigned have_ssl_ctx:1; /* supports CURLOPT_SSL_CTX_* */ + unsigned support_https_proxy:1; /* supports access via HTTPS proxies */ + int (*init)(void); void (*cleanup)(void);