[libmicrohttpd] branch master updated: Added support for ALPN protocols

gnunet-svn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[libmicrohttpd] branch master updated: Added support for ALPN protocols

From:	gnunet
Subject:	[libmicrohttpd] branch master updated: Added support for ALPN protocols list for TLS connections
Date:	Mon, 19 Apr 2021 17:42:45 +0200

This is an automated email from the git hooks/post-receive script.

karlson2k pushed a commit to branch master
in repository libmicrohttpd.

The following commit(s) were added to refs/heads/master by this push:
     new 4e8f86a6 Added support for ALPN protocols list for TLS connections
4e8f86a6 is described below

commit 4e8f86a655a7d786bdce3f1330fd8fa083df8dfe
Author: Evgeny Grin (Karlson2k) <k2k@narod.ru>
AuthorDate: Mon Apr 19 18:39:56 2021 +0300

    Added support for ALPN protocols list for TLS connections
---
 src/include/microhttpd.h  | 13 +++++++++++--
 src/microhttpd/daemon.c   | 38 ++++++++++++++++++++++++++++++++++++++
 src/microhttpd/internal.h |  7 ++++++-
 3 files changed, 55 insertions(+), 3 deletions(-)

diff --git a/src/include/microhttpd.h b/src/include/microhttpd.h
index 5eda9845..5211d354 100644
--- a/src/include/microhttpd.h
+++ b/src/include/microhttpd.h
@@ -135,7 +135,7 @@ typedef intptr_t ssize_t;
  * they are parsed as decimal numbers.
  * Example: 0x01093001 = 1.9.30-1.
  */
-#define MHD_VERSION 0x00097206
+#define MHD_VERSION 0x00097207
 
 /**
  * Operational results from MHD calls.
@@ -1743,7 +1743,16 @@ enum MHD_OPTION
    * This option should be followed by an `int` argument.
    * @note Available since #MHD_VERSION 0x00097205
    */
-  MHD_OPTION_SIGPIPE_HANDLED_BY_APP = 33
+  MHD_OPTION_SIGPIPE_HANDLED_BY_APP = 33,
+
+  /**
+   * If followed by 'int' with value '1' disables usage of ALPN for TLS
+   * connections even if supported by TLS library.
+   * Valid only for daemons with #MHD_USE_TLS.
+   * This option should be followed by an `int` argument.
+   * @note Available since #MHD_VERSION 0x00097207
+   */
+  MHD_OPTION_TLS_NO_ALPN = 34
 };
 
 
diff --git a/src/microhttpd/daemon.c b/src/microhttpd/daemon.c
index 8d721203..0ce0a242 100644
--- a/src/microhttpd/daemon.c
+++ b/src/microhttpd/daemon.c
@@ -2550,6 +2550,32 @@ new_connection_prepare_ (struct MHD_Daemon *daemon,
 #endif
       return NULL;
     }
+#if (GNUTLS_VERSION_NUMBER + 0 >= 0x030200)
+    if (!daemon->disable_alpn)
+    {
+      gnutls_datum_t prts[2];
+      const char prt1[] = "http/1.1";
+      const char prt2[] = "http/1.0";
+
+      prts[0].data = (void*) prt1;
+      prts[0].size = MHD_STATICSTR_LEN_ (prt1);
+      prts[1].data = (void*) prt2;
+      prts[1].size = MHD_STATICSTR_LEN_ (prt2);
+      if (GNUTLS_E_SUCCESS !=
+          gnutls_alpn_set_protocols(connection->tls_session,
+                                    prts,
+                                    sizeof(prts) / sizeof(prts[0]),
+                                    0 /* || GNUTLS_ALPN_SERVER_PRECEDENCE */))
+      {
+#ifdef HAVE_MESSAGES
+        MHD_DLOG (daemon,
+                  _ ("Failed to set ALPN protocols.\n"));
+#else  /* ! HAVE_MESSAGES */
+        (void) 0; /* Mute compiler warning */
+#endif /* ! HAVE_MESSAGES */
+      }
+    }
+#endif /* GNUTLS_VERSION_NUMBER >= 0x030200 */
     gnutls_session_set_ptr (connection->tls_session,
                             connection);
     switch (daemon->cred_type)
@@ -5963,6 +5989,7 @@ parse_options_va (struct MHD_Daemon *daemon,
         /* all options taking 'int' */
         case MHD_OPTION_STRICT_FOR_CLIENT:
         case MHD_OPTION_SIGPIPE_HANDLED_BY_APP:
+        case MHD_OPTION_TLS_NO_ALPN:
           if (MHD_NO == parse_options (daemon,
                                        servaddr,
                                        opt,
@@ -6051,6 +6078,17 @@ parse_options_va (struct MHD_Daemon *daemon,
                        int);
       }
       break;
+    case MHD_OPTION_TLS_NO_ALPN:
+      daemon->disable_alpn = (va_arg (ap,
+                                      int) != 0);
+#ifdef HAVE_MESSAGES
+      if (0 == (daemon->options & MHD_USE_TLS))
+        MHD_DLOG (daemon,
+                  _ ("MHD HTTPS option %d passed to MHD " \
+                     "but MHD_USE_TLS not set.\n"),
+                  (int) opt);
+#endif /* HAVE_MESSAGES */
+      break;
     default:
 #ifdef HAVE_MESSAGES
       if ( ( (opt >= MHD_OPTION_HTTPS_MEM_KEY) &&
diff --git a/src/microhttpd/internal.h b/src/microhttpd/internal.h
index fe71e9ab..f660dff1 100644
--- a/src/microhttpd/internal.h
+++ b/src/microhttpd/internal.h
@@ -1889,7 +1889,12 @@ struct MHD_Daemon
    */
   bool have_dhparams;
 
-#endif /* HTTPS_SUPPORT */
+  /**
+   * true if ALPN is disabled.
+   */
+  bool disable_alpn;
+
+  #endif /* HTTPS_SUPPORT */
 
 #ifdef DAUTH_SUPPORT
 

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.

[Prev in Thread]

Current Thread

[Next in Thread]

[libmicrohttpd] branch master updated: Added support for ALPN protocols list for TLS connections, gnunet <=

Prev by Date: [taler-merchant] branch master updated: updating infinite stock product
Next by Date: [taler-merchant] branch master updated: fix infinite supply handling: Database can only represent INT64_MAX, not UINT64_MAX
Previous by thread: [taler-merchant] branch master updated: updating infinite stock product
Next by thread: [taler-merchant] branch master updated: fix infinite supply handling: Database can only represent INT64_MAX, not UINT64_MAX
Index(es):
- Date
- Thread