[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnurl] 70/256: vtls: convert the have_curlssl_* constants
|
From: |
gnunet |
|
Subject: |
[GNUnet-SVN] [gnurl] 70/256: vtls: convert the have_curlssl_* constants to runtime flags |
|
Date: |
Fri, 06 Oct 2017 19:42:41 +0200 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to branch master
in repository gnurl.
commit 937899a3b8e1124df7a66b83925349d5c9f9e5a9
Author: Johannes Schindelin <address@hidden>
AuthorDate: Tue Jun 20 11:32:53 2017 +0200
vtls: convert the have_curlssl_* constants to runtime flags
The entire idea of introducing the Curl_ssl struct to describe SSL
backends is to prepare for choosing the SSL backend at runtime.
To that end, convert all the #ifdef have_curlssl_* style conditionals
to use bit flags instead.
Signed-off-by: Johannes Schindelin <address@hidden>
---
lib/url.c | 75 ++++++++++++++++++++++++++++------------------------
lib/vtls/axtls.c | 5 ++++
lib/vtls/cyassl.c | 21 +++++++++++++++
lib/vtls/cyassl.h | 20 --------------
lib/vtls/darwinssl.c | 27 +++++++++++++++++++
lib/vtls/darwinssl.h | 19 -------------
lib/vtls/gskit.c | 5 ++++
lib/vtls/gskit.h | 3 ---
lib/vtls/gtls.c | 5 ++++
lib/vtls/gtls.h | 9 -------
lib/vtls/mbedtls.c | 5 ++++
lib/vtls/mbedtls.h | 6 -----
lib/vtls/nss.c | 5 ++++
lib/vtls/nssg.h | 9 -------
lib/vtls/openssl.c | 5 ++++
lib/vtls/openssl.h | 12 ---------
lib/vtls/polarssl.c | 5 ++++
lib/vtls/polarssl.h | 6 -----
lib/vtls/schannel.c | 5 ++++
lib/vtls/schannel.h | 3 ---
lib/vtls/vtls.h | 5 ++++
21 files changed, 134 insertions(+), 121 deletions(-)
diff --git a/lib/url.c b/lib/url.c
index 32623abe5..dd254af54 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -2179,24 +2179,26 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
TRUE : FALSE;
break;
case CURLOPT_SSL_CTX_FUNCTION:
-#ifdef have_curlssl_ssl_ctx
/*
* Set a SSL_CTX callback
*/
- data->set.ssl.fsslctx = va_arg(param, curl_ssl_ctx_callback);
-#else
- result = CURLE_NOT_BUILT_IN;
+#ifdef USE_SSL
+ if(Curl_ssl->have_ssl_ctx)
+ data->set.ssl.fsslctx = va_arg(param, curl_ssl_ctx_callback);
+ else
#endif
+ result = CURLE_NOT_BUILT_IN;
break;
case CURLOPT_SSL_CTX_DATA:
-#ifdef have_curlssl_ssl_ctx
/*
* Set a SSL_CTX callback parameter pointer
*/
- data->set.ssl.fsslctxp = va_arg(param, void *);
-#else
- result = CURLE_NOT_BUILT_IN;
+#ifdef USE_SSL
+ if(Curl_ssl->have_ssl_ctx)
+ data->set.ssl.fsslctxp = va_arg(param, void *);
+ else
#endif
+ result = CURLE_NOT_BUILT_IN;
break;
case CURLOPT_SSL_FALSESTART:
/*
@@ -2210,35 +2212,38 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
data->set.ssl.falsestart = (0 != va_arg(param, long)) ? TRUE : FALSE;
break;
case CURLOPT_CERTINFO:
-#ifdef have_curlssl_certinfo
- data->set.ssl.certinfo = (0 != va_arg(param, long)) ? TRUE : FALSE;
-#else
- result = CURLE_NOT_BUILT_IN;
+#ifdef USE_SSL
+ if(Curl_ssl->have_certinfo)
+ data->set.ssl.certinfo = (0 != va_arg(param, long)) ? TRUE : FALSE;
+ else
#endif
+ result = CURLE_NOT_BUILT_IN;
break;
case CURLOPT_PINNEDPUBLICKEY:
-#ifdef have_curlssl_pinnedpubkey /* only by supported backends */
/*
* Set pinned public key for SSL connection.
* Specify file name of the public key in DER format.
*/
- result = setstropt(&data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG],
- va_arg(param, char *));
-#else
- result = CURLE_NOT_BUILT_IN;
+#ifdef USE_SSL
+ if(Curl_ssl->have_pinnedpubkey)
+ result = setstropt(&data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG],
+ va_arg(param, char *));
+ else
#endif
+ result = CURLE_NOT_BUILT_IN;
break;
case CURLOPT_PROXY_PINNEDPUBLICKEY:
-#ifdef have_curlssl_pinnedpubkey /* only by supported backends */
/*
* Set pinned public key for SSL connection.
* Specify file name of the public key in DER format.
*/
- result = setstropt(&data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY],
- va_arg(param, char *));
-#else
- result = CURLE_NOT_BUILT_IN;
+#ifdef USE_SSL
+ if(Curl_ssl->have_pinnedpubkey)
+ result = setstropt(&data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY],
+ va_arg(param, char *));
+ else
#endif
+ result = CURLE_NOT_BUILT_IN;
break;
case CURLOPT_CAINFO:
/*
@@ -2256,30 +2261,32 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
va_arg(param, char *));
break;
case CURLOPT_CAPATH:
-#ifdef have_curlssl_ca_path /* not supported by all backends */
/*
* Set CA path info for SSL connection. Specify directory name of the CA
* certificates which have been prepared using openssl c_rehash utility.
*/
- /* This does not work on windows. */
- result = setstropt(&data->set.str[STRING_SSL_CAPATH_ORIG],
- va_arg(param, char *));
-#else
- result = CURLE_NOT_BUILT_IN;
+#ifdef USE_SSL
+ if(Curl_ssl->have_ca_path)
+ /* This does not work on windows. */
+ result = setstropt(&data->set.str[STRING_SSL_CAPATH_ORIG],
+ va_arg(param, char *));
+ else
#endif
+ result = CURLE_NOT_BUILT_IN;
break;
case CURLOPT_PROXY_CAPATH:
-#ifdef have_curlssl_ca_path /* not supported by all backends */
/*
* Set CA path info for SSL connection proxy. Specify directory name of the
* CA certificates which have been prepared using openssl c_rehash utility.
*/
- /* This does not work on windows. */
- result = setstropt(&data->set.str[STRING_SSL_CAPATH_PROXY],
- va_arg(param, char *));
-#else
- result = CURLE_NOT_BUILT_IN;
+#ifdef USE_SSL
+ if(Curl_ssl->have_ca_path)
+ /* This does not work on windows. */
+ result = setstropt(&data->set.str[STRING_SSL_CAPATH_PROXY],
+ va_arg(param, char *));
+ else
#endif
+ result = CURLE_NOT_BUILT_IN;
break;
case CURLOPT_CRLFILE:
/*
diff --git a/lib/vtls/axtls.c b/lib/vtls/axtls.c
index 3446dac44..885cbf532 100644
--- a/lib/vtls/axtls.c
+++ b/lib/vtls/axtls.c
@@ -705,6 +705,11 @@ CURLcode Curl_axtls_random(struct Curl_easy *data,
const struct Curl_ssl Curl_ssl_axtls = {
"axtls", /* name */
+ 0, /* have_ca_path */
+ 0, /* have_certinfo */
+ 0, /* have_pinnedpubkey */
+ 0, /* have_ssl_ctx */
+
Curl_axtls_init, /* init */
Curl_axtls_cleanup, /* cleanup */
Curl_axtls_version, /* version */
diff --git a/lib/vtls/cyassl.c b/lib/vtls/cyassl.c
index 62db13c1b..7f90e913f 100644
--- a/lib/vtls/cyassl.c
+++ b/lib/vtls/cyassl.c
@@ -110,6 +110,18 @@ and that's a problem since options.h hasn't been included
yet. */
#define CYASSL_MAX_ERROR_SZ 80
#endif
+/* KEEP_PEER_CERT is a product of the presence of build time symbol
+ OPENSSL_EXTRA without NO_CERTS, depending on the version. KEEP_PEER_CERT is
+ in wolfSSL's settings.h, and the latter two are build time symbols in
+ options.h. */
+#ifndef KEEP_PEER_CERT
+#if defined(HAVE_CYASSL_GET_PEER_CERTIFICATE) || \
+ defined(HAVE_WOLFSSL_GET_PEER_CERTIFICATE) || \
+ (defined(OPENSSL_EXTRA) && !defined(NO_CERTS))
+#define KEEP_PEER_CERT
+#endif
+#endif
+
static Curl_recv cyassl_recv;
static Curl_send cyassl_send;
@@ -954,6 +966,15 @@ static void Curl_cyassl_sha256sum(const unsigned char
*tmp, /* input */
const struct Curl_ssl Curl_ssl_cyassl = {
"cyassl", /* name */
+ 0, /* have_ca_path */
+ 0, /* have_certinfo */
+#ifdef KEEP_PEER_CERT
+ 1, /* have_pinnedpubkey */
+#else
+ 0, /* have_pinnedpubkey */
+#endif
+ 1, /* have_ssl_ctx */
+
Curl_cyassl_init, /* init */
Curl_none_cleanup, /* cleanup */
Curl_cyassl_version, /* version */
diff --git a/lib/vtls/cyassl.h b/lib/vtls/cyassl.h
index abee7cf80..423fdc0bf 100644
--- a/lib/vtls/cyassl.h
+++ b/lib/vtls/cyassl.h
@@ -25,18 +25,6 @@
#ifdef USE_CYASSL
-/* KEEP_PEER_CERT is a product of the presence of build time symbol
- OPENSSL_EXTRA without NO_CERTS, depending on the version. KEEP_PEER_CERT is
- in wolfSSL's settings.h, and the latter two are build time symbols in
- options.h. */
-#ifndef KEEP_PEER_CERT
-#if defined(HAVE_CYASSL_GET_PEER_CERTIFICATE) || \
- defined(HAVE_WOLFSSL_GET_PEER_CERTIFICATE) || \
- (defined(OPENSSL_EXTRA) && !defined(NO_CERTS))
-#define KEEP_PEER_CERT
-#endif
-#endif
-
CURLcode Curl_cyassl_connect(struct connectdata *conn, int sockindex);
bool Curl_cyassl_data_pending(const struct connectdata* conn, int connindex);
int Curl_cyassl_shutdown(struct connectdata* conn, int sockindex);
@@ -60,13 +48,5 @@ extern const struct Curl_ssl Curl_ssl_cyassl;
/* Set the API backend definition to CyaSSL */
#define CURL_SSL_BACKEND CURLSSLBACKEND_CYASSL
-/* this backend supports CURLOPT_SSL_CTX_* */
-#define have_curlssl_ssl_ctx 1
-
-#ifdef KEEP_PEER_CERT
-/* this backend supports CURLOPT_PINNEDPUBLICKEY */
-#define have_curlssl_pinnedpubkey 1
-#endif
-
#endif /* USE_CYASSL */
#endif /* HEADER_CURL_CYASSL_H */
diff --git a/lib/vtls/darwinssl.c b/lib/vtls/darwinssl.c
index 23be96a20..4d755d6b6 100644
--- a/lib/vtls/darwinssl.c
+++ b/lib/vtls/darwinssl.c
@@ -118,6 +118,24 @@
#define ioErr -36
#define paramErr -50
+/* pinned public key support tests */
+
+/* version 1 supports macOS 10.12+ and iOS 10+ */
+#if ((TARGET_OS_IPHONE && __IPHONE_OS_VERSION_MIN_REQUIRED >= 100000) || \
+ (!TARGET_OS_IPHONE && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101200))
+#define DARWIN_SSL_PINNEDPUBKEY_V1 1
+#endif
+
+/* version 2 supports MacOSX 10.7+ */
+#if (!TARGET_OS_IPHONE && __MAC_OS_X_VERSION_MIN_REQUIRED >= 1070)
+#define DARWIN_SSL_PINNEDPUBKEY_V2 1
+#endif
+
+#if defined(DARWIN_SSL_PINNEDPUBKEY_V1) || defined(DARWIN_SSL_PINNEDPUBKEY_V2)
+/* this backend supports CURLOPT_PINNEDPUBLICKEY */
+#define DARWIN_SSL_PINNEDPUBKEY 1
+#endif /* DARWIN_SSL_PINNEDPUBKEY */
+
#ifdef DARWIN_SSL_PINNEDPUBKEY
/* both new and old APIs return rsa keys missing the spki header (not DER) */
static const unsigned char rsa4096SpkiHeader[] = {
@@ -2860,6 +2878,15 @@ static ssize_t darwinssl_recv(struct connectdata *conn,
const struct Curl_ssl Curl_ssl_darwinssl = {
"darwinssl", /* name */
+ 0, /* have_ca_path */
+ 0, /* have_certinfo */
+#ifdef DARWIN_SSL_PINNEDPUBKEY
+ 1, /* have_pinnedpubkey */
+#else
+ 0, /* have_pinnedpubkey */
+#endif /* DARWIN_SSL_PINNEDPUBKEY */
+ 0, /* have_ssl_ctx */
+
Curl_none_init, /* init */
Curl_none_cleanup, /* cleanup */
Curl_darwinssl_version, /* version */
diff --git a/lib/vtls/darwinssl.h b/lib/vtls/darwinssl.h
index 37fe8164f..9c4611988 100644
--- a/lib/vtls/darwinssl.h
+++ b/lib/vtls/darwinssl.h
@@ -51,24 +51,5 @@ extern const struct Curl_ssl Curl_ssl_darwinssl;
/* Set the API backend definition to SecureTransport */
#define CURL_SSL_BACKEND CURLSSLBACKEND_DARWINSSL
-/* pinned public key support tests */
-
-/* version 1 supports macOS 10.12+ and iOS 10+ */
-#if ((TARGET_OS_IPHONE && __IPHONE_OS_VERSION_MIN_REQUIRED >= 100000) || \
- (!TARGET_OS_IPHONE && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101200))
-#define DARWIN_SSL_PINNEDPUBKEY_V1 1
-#endif
-
-/* version 2 supports MacOSX 10.7+ */
-#if (!TARGET_OS_IPHONE && __MAC_OS_X_VERSION_MIN_REQUIRED >= 1070)
-#define DARWIN_SSL_PINNEDPUBKEY_V2 1
-#endif
-
-#if defined(DARWIN_SSL_PINNEDPUBKEY_V1) || defined(DARWIN_SSL_PINNEDPUBKEY_V2)
-/* this backend supports CURLOPT_PINNEDPUBLICKEY */
-#define DARWIN_SSL_PINNEDPUBKEY 1
-#define have_curlssl_pinnedpubkey 1
-#endif /* DARWIN_SSL_PINNEDPUBKEY */
-
#endif /* USE_DARWINSSL */
#endif /* HEADER_CURL_DARWINSSL_H */
diff --git a/lib/vtls/gskit.c b/lib/vtls/gskit.c
index d82f658fd..dc24f044b 100644
--- a/lib/vtls/gskit.c
+++ b/lib/vtls/gskit.c
@@ -1337,6 +1337,11 @@ int Curl_gskit_check_cxn(struct connectdata *cxn)
const struct Curl_ssl Curl_ssl_gskit = {
"gskit", /* name */
+ 0, /* have_ca_path */
+ 1, /* have_certinfo */
+ 0, /* have_pinnedpubkey */
+ 0, /* have_ssl_ctx */
+
Curl_gskit_init, /* init */
Curl_gskit_cleanup, /* cleanup */
Curl_gskit_version, /* version */
diff --git a/lib/vtls/gskit.h b/lib/vtls/gskit.h
index 42856d329..f2f5eb89a 100644
--- a/lib/vtls/gskit.h
+++ b/lib/vtls/gskit.h
@@ -49,9 +49,6 @@ extern const struct Curl_ssl Curl_ssl_gskit;
/* Set the API backend definition to GSKit */
#define CURL_SSL_BACKEND CURLSSLBACKEND_GSKIT
-/* this backend supports CURLOPT_CERTINFO */
-#define have_curlssl_certinfo 1
-
#endif /* USE_GSKIT */
#endif /* HEADER_CURL_GSKIT_H */
diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
index 3105a4b13..fbbcdf334 100644
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@@ -1789,6 +1789,11 @@ bool Curl_gtls_cert_status_request(void)
const struct Curl_ssl Curl_ssl_gnutls = {
"gnutls", /* name */
+ 1, /* have_ca_path */
+ 1, /* have_certinfo */
+ 1, /* have_pinnedpubkey */
+ 0, /* have_ssl_ctx */
+
Curl_gtls_init, /* init */
Curl_gtls_cleanup, /* cleanup */
Curl_gtls_version, /* version */
diff --git a/lib/vtls/gtls.h b/lib/vtls/gtls.h
index 05bd834f2..d393b889d 100644
--- a/lib/vtls/gtls.h
+++ b/lib/vtls/gtls.h
@@ -57,14 +57,5 @@ extern const struct Curl_ssl Curl_ssl_gnutls;
/* Set the API backend definition to GnuTLS */
#define CURL_SSL_BACKEND CURLSSLBACKEND_GNUTLS
-/* this backend supports the CAPATH option */
-#define have_curlssl_ca_path 1
-
-/* this backend supports CURLOPT_CERTINFO */
-#define have_curlssl_certinfo 1
-
-/* this backend supports CURLOPT_PINNEDPUBLICKEY */
-#define have_curlssl_pinnedpubkey 1
-
#endif /* USE_GNUTLS */
#endif /* HEADER_CURL_GTLS_H */
diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c
index 0ab471306..c925ea93c 100644
--- a/lib/vtls/mbedtls.c
+++ b/lib/vtls/mbedtls.c
@@ -1018,6 +1018,11 @@ static void Curl_mbedtls_sha256sum(const unsigned char
*input,
const struct Curl_ssl Curl_ssl_mbedtls = {
"mbedtls", /* name */
+ 0, /* have_ca_path */
+ 0, /* have_certinfo */
+ 1, /* have_pinnedpubkey */
+ 1, /* have_ssl_ctx */
+
Curl_mbedtls_init, /* init */
Curl_mbedtls_cleanup, /* cleanup */
Curl_mbedtls_version, /* version */
diff --git a/lib/vtls/mbedtls.h b/lib/vtls/mbedtls.h
index 39e64c350..aaf84bd54 100644
--- a/lib/vtls/mbedtls.h
+++ b/lib/vtls/mbedtls.h
@@ -51,12 +51,6 @@ int Curl_mbedtls_shutdown(struct connectdata *conn, int
sockindex);
CURLcode Curl_mbedtls_random(struct Curl_easy *data, unsigned char *entropy,
size_t length);
-/* this backends supports CURLOPT_PINNEDPUBLICKEY */
-#define have_curlssl_pinnedpubkey 1
-
-/* this backend supports CURLOPT_SSL_CTX_* */
-#define have_curlssl_ssl_ctx 1
-
extern const struct Curl_ssl Curl_ssl_mbedtls;
#define CURL_SSL_BACKEND CURLSSLBACKEND_MBEDTLS
diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c
index 603601b55..ff338940c 100644
--- a/lib/vtls/nss.c
+++ b/lib/vtls/nss.c
@@ -2327,6 +2327,11 @@ bool Curl_nss_false_start(void)
const struct Curl_ssl Curl_ssl_nss = {
"nss", /* name */
+ 1, /* have_ca_path */
+ 1, /* have_certinfo */
+ 1, /* have_pinnedpubkey */
+ 0, /* have_ssl_ctx */
+
Curl_nss_init, /* init */
Curl_nss_cleanup, /* cleanup */
Curl_nss_version, /* version */
diff --git a/lib/vtls/nssg.h b/lib/vtls/nssg.h
index 37c4b5b71..222c6e28e 100644
--- a/lib/vtls/nssg.h
+++ b/lib/vtls/nssg.h
@@ -64,14 +64,5 @@ extern const struct Curl_ssl Curl_ssl_nss;
/* Set the API backend definition to NSS */
#define CURL_SSL_BACKEND CURLSSLBACKEND_NSS
-/* this backend supports the CAPATH option */
-#define have_curlssl_ca_path 1
-
-/* this backend supports CURLOPT_CERTINFO */
-#define have_curlssl_certinfo 1
-
-/* this backends supports CURLOPT_PINNEDPUBLICKEY */
-#define have_curlssl_pinnedpubkey 1
-
#endif /* USE_NSS */
#endif /* HEADER_CURL_NSSG_H */
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index eeecd9da6..7376588c3 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -3390,6 +3390,11 @@ bool Curl_ossl_cert_status_request(void)
const struct Curl_ssl Curl_ssl_openssl = {
"openssl", /* name */
+ 1, /* have_ca_path */
+ 1, /* have_certinfo */
+ 1, /* have_pinnedpubkey */
+ 1, /* have_ssl_ctx */
+
Curl_ossl_init, /* init */
Curl_ossl_cleanup, /* cleanup */
Curl_ossl_version, /* version */
diff --git a/lib/vtls/openssl.h b/lib/vtls/openssl.h
index 8e14f4549..c17dff284 100644
--- a/lib/vtls/openssl.h
+++ b/lib/vtls/openssl.h
@@ -79,18 +79,6 @@ extern const struct Curl_ssl Curl_ssl_openssl;
/* Set the API backend definition to OpenSSL */
#define CURL_SSL_BACKEND CURLSSLBACKEND_OPENSSL
-/* this backend supports the CAPATH option */
-#define have_curlssl_ca_path 1
-
-/* this backend supports CURLOPT_CERTINFO */
-#define have_curlssl_certinfo 1
-
-/* this backend supports CURLOPT_SSL_CTX_* */
-#define have_curlssl_ssl_ctx 1
-
-/* this backend supports CURLOPT_PINNEDPUBLICKEY */
-#define have_curlssl_pinnedpubkey 1
-
#define DEFAULT_CIPHER_SELECTION \
"ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH"
diff --git a/lib/vtls/polarssl.c b/lib/vtls/polarssl.c
index 5b48945a6..4d8db72d8 100644
--- a/lib/vtls/polarssl.c
+++ b/lib/vtls/polarssl.c
@@ -881,6 +881,11 @@ static void Curl_polarssl_sha256sum(const unsigned char
*input,
const struct Curl_ssl Curl_ssl_polarssl = {
"polarssl", /* name */
+ 1, /* have_ca_path */
+ 0, /* have_certinfo */
+ 1, /* have_pinnedpubkey */
+ 0, /* have_ssl_ctx */
+
Curl_polarssl_init, /* init */
Curl_polarssl_cleanup, /* cleanup */
Curl_polarssl_version, /* version */
diff --git a/lib/vtls/polarssl.h b/lib/vtls/polarssl.h
index 7109fe5ba..b2560ddb1 100644
--- a/lib/vtls/polarssl.h
+++ b/lib/vtls/polarssl.h
@@ -50,11 +50,5 @@ extern const struct Curl_ssl Curl_ssl_polarssl;
/* Set the API backend definition to PolarSSL */
#define CURL_SSL_BACKEND CURLSSLBACKEND_POLARSSL
-/* this backend supports the CAPATH option */
-#define have_curlssl_ca_path 1
-
-/* this backends supports CURLOPT_PINNEDPUBLICKEY */
-#define have_curlssl_pinnedpubkey 1
-
#endif /* USE_POLARSSL */
#endif /* HEADER_CURL_POLARSSL_H */
diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c
index 6ee707b0d..fe7ec47b8 100644
--- a/lib/vtls/schannel.c
+++ b/lib/vtls/schannel.c
@@ -1729,6 +1729,11 @@ static CURLcode verify_certificate(struct connectdata
*conn, int sockindex)
const struct Curl_ssl Curl_ssl_schannel = {
"schannel", /* name */
+ 0, /* have_ca_path */
+ 1, /* have_certinfo */
+ 0, /* have_pinnedpubkey */
+ 0, /* have_ssl_ctx */
+
Curl_schannel_init, /* init */
Curl_schannel_cleanup, /* cleanup */
Curl_schannel_version, /* version */
diff --git a/lib/vtls/schannel.h b/lib/vtls/schannel.h
index 1314445c0..aaf253a6b 100644
--- a/lib/vtls/schannel.h
+++ b/lib/vtls/schannel.h
@@ -100,8 +100,5 @@ extern const struct Curl_ssl Curl_ssl_schannel;
/* Set the API backend definition to Schannel */
#define CURL_SSL_BACKEND CURLSSLBACKEND_SCHANNEL
-/* this backend supports CURLOPT_CERTINFO */
-#define have_curlssl_certinfo 1
-
#endif /* USE_SCHANNEL */
#endif /* HEADER_CURL_SCHANNEL_H */
diff --git a/lib/vtls/vtls.h b/lib/vtls/vtls.h
index d42422d11..8b3ff05ae 100644
--- a/lib/vtls/vtls.h
+++ b/lib/vtls/vtls.h
@@ -28,6 +28,11 @@ struct connectdata;
struct Curl_ssl {
const char *name;
+ unsigned have_ca_path:1; /* supports CAPATH */
+ unsigned have_certinfo:1; /* supports CURLOPT_CERTINFO */
+ unsigned have_pinnedpubkey:1; /* supports CURLOPT_PINNEDPUBLICKEY */
+ unsigned have_ssl_ctx:1; /* supports CURLOPT_SSL_CTX_* */
+
int (*init)(void);
void (*cleanup)(void);
--
To stop receiving notification emails like this one, please contact
address@hidden
- [GNUnet-SVN] [gnurl] 119/256: http: fix a memory leakage in checkrtspprefix()., (continued)
- [GNUnet-SVN] [gnurl] 119/256: http: fix a memory leakage in checkrtspprefix()., gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 112/256: curl_global_sslset.3: show the struct and enum too, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 123/256: runtests.pl: allow <file[1-4]> tags in client section., gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 95/256: asyn-thread: Set errno to the proper value ENOMEM in OOM situation, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 114/256: strcase: corrected comment header for Curl_strcasecompare(), gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 151/256: openssl: use OpenSSL's default ciphers by default, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 156/256: runtests.pl: support attribute "nonewline" in part verify/upload., gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 66/256: vtls: declare Curl_ssl structs for every SSL backend, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 36/256: scripts/contri*sh: use "git log --use-mailmap", gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 141/256: test1135: fixed after bd8070085f9, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 70/256: vtls: convert the have_curlssl_* constants to runtime flags,
gnunet <=
- [GNUnet-SVN] [gnurl] 104/256: curl_global_sslset.3: clarify, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 118/256: ossfuzz: Move to C++ for curl_fuzzer., gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 129/256: mime: fix some implicit curl_off_t --> size_t conversion warnings., gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 106/256: makefile.m32: add multissl support, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 85/256: vtls: refactor out essential information about the SSL backends, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 148/256: configure: add MultiSSL to FEATURES when enabled, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 211/256: RELEASE-NOTES: synced with 5fe85587c, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 99/256: asyn-thread: Fixed cleanup after OOM, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 109/256: polarssl: fix multissl breakage, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 84/256: vtls: allow selecting which SSL backend to use at runtime, gnunet, 2017/10/06