[GNUnet-SVN] [gnurl] 86/256: vtls: introduce curl_global

gnunet-svn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[GNUnet-SVN] [gnurl] 86/256: vtls: introduce curl_global_sslset()

From:	gnunet
Subject:	[GNUnet-SVN] [gnurl] 86/256: vtls: introduce curl_global_sslset()
Date:	Fri, 06 Oct 2017 19:42:57 +0200

This is an automated email from the git hooks/post-receive script.

ng0 pushed a commit to branch master
in repository gnurl.

commit 1328f69d53f2f2e937696ea954c480412b018451
Author: Johannes Schindelin <address@hidden>
AuthorDate: Fri Jul 7 11:49:08 2017 +0200

    vtls: introduce curl_global_sslset()
    
    Let's add a compile time safe API to select an SSL backend. This
    function needs to be called *before* curl_global_init(), and can be
    called only once.
    
    Side note: we do not explicitly test that it is called before
    curl_global_init(), but we do verify that it is not called multiple times
    (even implicitly).
    
    If SSL is used before the function was called, it will use whatever the
    CURL_SSL_BACKEND environment variable says (or default to the first
    available SSL backend), and if a subsequent call to
    curl_global_sslset() disagrees with the previous choice, it will fail
    with CURLSSLSET_TOO_LATE.
    
    The function also accepts an "avail" parameter to point to a (read-only)
    NULL-terminated list of available backends. This comes in real handy if
    an application wants to let the user choose between whatever SSL backends
    the currently available libcurl has to offer: simply call
    
            curl_global_sslset(-1, NULL, &avail);
    
    which will return CURLSSLSET_UNKNOWN_BACKEND and populate the avail
    variable to point to the relevant information to present to the user.
    
    Just like with the HTTP/2 push functions, we have to add the function
    declaration of curl_global_sslset() function to the header file
    *multi.h* because VMS and OS/400 require a stable order of functions
    declared in include/curl/*.h (where the header files are sorted
    alphabetically). This looks a bit funny, but it cannot be helped.
    
    Signed-off-by: Johannes Schindelin <address@hidden>
---
 docs/libcurl/symbols-in-versions |  3 +++
 include/curl/curl.h              |  5 -----
 include/curl/multi.h             | 44 ++++++++++++++++++++++++++++++++++++++++
 lib/vtls/vtls.c                  | 43 +++++++++++++++++++++++++++++++--------
 tests/data/test1135              |  1 +
 5 files changed, 82 insertions(+), 14 deletions(-)

diff --git a/docs/libcurl/symbols-in-versions b/docs/libcurl/symbols-in-versions
index d3a2ff886..b9fdfe2a0 100644
--- a/docs/libcurl/symbols-in-versions
+++ b/docs/libcurl/symbols-in-versions
@@ -690,6 +690,9 @@ CURLSSLBACKEND_SCHANNEL         7.34.0
 CURLSSLBACKEND_WOLFSSL          7.49.0
 CURLSSLOPT_ALLOW_BEAST          7.25.0
 CURLSSLOPT_NO_REVOKE            7.44.0
+CURLSSLSET_OK                   7.56.0
+CURLSSLSET_UNKNOWN_BACKEND      7.56.0
+CURLSSLSET_TOO_LATE             7.56.0
 CURLUSESSL_ALL                  7.17.0
 CURLUSESSL_CONTROL              7.17.0
 CURLUSESSL_NONE                 7.17.0
diff --git a/include/curl/curl.h b/include/curl/curl.h
index 146044398..3936d1e43 100644
--- a/include/curl/curl.h
+++ b/include/curl/curl.h
@@ -2540,11 +2540,6 @@ CURL_EXTERN CURLcode curl_easy_pause(CURL *handle, int 
bitmask);
 #define CURLPAUSE_ALL       (CURLPAUSE_RECV|CURLPAUSE_SEND)
 #define CURLPAUSE_CONT      (CURLPAUSE_RECV_CONT|CURLPAUSE_SEND_CONT)
 
-typedef struct {
-  curl_sslbackend id;
-  const char *name;
-} curl_ssl_backend;
-
 #ifdef  __cplusplus
 }
 #endif
diff --git a/include/curl/multi.h b/include/curl/multi.h
index f93e511be..c7c048a05 100644
--- a/include/curl/multi.h
+++ b/include/curl/multi.h
@@ -432,6 +432,50 @@ typedef int (*curl_push_callback)(CURL *parent,
                                   struct curl_pushheaders *headers,
                                   void *userp);
 
+/*
+ * NAME curl_global_sslset()
+ *
+ * DESCRIPTION
+ *
+ * When built with multiple SSL backends, curl_global_sslset() allows to
+ * choose one. This function can only be called once, and it must be called
+ * *before* curl_global_init().
+ *
+ * The backend can be identified by the id (e.g. CURLSSLBACKEND_OPENSSL). The
+ * backend can also be specified via the name parameter (passing -1 as id).
+ * If both id and name are specified, the name will be ignored. If neither id
+ * nor name are specified, the function will fail with
+ * CURLSSLSET_UNKNOWN_BACKEND and set the "avail" pointer to the
+ * NULL-terminated list of available backends.
+ *
+ * Upon success, the function returns CURLSSLSET_OK.
+ *
+ * If the specified SSL backend is not available, the function returns
+ * CURLSSLSET_UNKNOWN_BACKEND and sets the "avail" pointer to a NULL-terminated
+ * list of available SSL backends.
+ *
+ * The SSL backend can be set only once. If it has already been set, a
+ * subsequent attempt to change it will result in a CURLSSLSET_TOO_LATE.
+ */
+
+typedef struct {
+  curl_sslbackend id;
+  const char *name;
+} curl_ssl_backend;
+
+typedef enum {
+  CURLSSLSET_OK = 0,
+  CURLSSLSET_UNKNOWN_BACKEND,
+  CURLSSLSET_TOO_LATE
+} CURLsslset;
+
+CURL_EXTERN CURLsslset curl_global_sslset(curl_sslbackend id, const char *name,
+                                          const curl_ssl_backend ***avail);
+
+#ifdef  __cplusplus
+}
+#endif
+
 #ifdef __cplusplus
 } /* end of extern "C" */
 #endif
diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
index b149d40cf..5d125141f 100644
--- a/lib/vtls/vtls.c
+++ b/lib/vtls/vtls.c
@@ -131,13 +131,13 @@ void Curl_free_primary_ssl_config(struct 
ssl_primary_config* sslc)
 }
 
 #ifdef USE_SSL
-static int multissl_init(void);
+static int multissl_init(const struct Curl_ssl *backend);
 #endif
 
 int Curl_ssl_backend(void)
 {
 #ifdef USE_SSL
-  multissl_init();
+  multissl_init(NULL);
   return Curl_ssl->info.id;
 #else
   return (int)CURLSSLBACKEND_NONE;
@@ -1056,21 +1056,21 @@ CURLcode Curl_none_md5sum(unsigned char *input, size_t 
inputlen,
 
 static int Curl_multissl_init(void)
 {
-  if(multissl_init())
+  if(multissl_init(NULL))
     return 1;
   return Curl_ssl->init();
 }
 
 static size_t Curl_multissl_version(char *buffer, size_t size)
 {
-  if(multissl_init())
+  if(multissl_init(NULL))
     return 0;
   return Curl_ssl->version(buffer, size);
 }
 
 static CURLcode Curl_multissl_connect(struct connectdata *conn, int sockindex)
 {
-  if(multissl_init())
+  if(multissl_init(NULL))
     return CURLE_FAILED_INIT;
   return Curl_ssl->connect(conn, sockindex);
 }
@@ -1078,7 +1078,7 @@ static CURLcode Curl_multissl_connect(struct connectdata 
*conn, int sockindex)
 static CURLcode Curl_multissl_connect_nonblocking(struct connectdata *conn,
                                                   int sockindex, bool *done)
 {
-  if(multissl_init())
+  if(multissl_init(NULL))
     return CURLE_FAILED_INIT;
   return Curl_ssl->connect_nonblocking(conn, sockindex, done);
 }
@@ -1086,14 +1086,14 @@ static CURLcode 
Curl_multissl_connect_nonblocking(struct connectdata *conn,
 static void *Curl_multissl_get_internals(struct ssl_connect_data *connssl,
                                          CURLINFO info)
 {
-  if(multissl_init())
+  if(multissl_init(NULL))
     return NULL;
   return Curl_ssl->get_internals(connssl, info);
 }
 
 static void Curl_multissl_close(struct connectdata *conn, int sockindex)
 {
-  if(multissl_init())
+  if(multissl_init(NULL))
     return;
   Curl_ssl->close(conn, sockindex);
 }
@@ -1167,7 +1167,7 @@ static const struct Curl_ssl *available_backends[] = {
   NULL
 };
 
-static int multissl_init(void)
+static int multissl_init(const struct Curl_ssl *backend)
 {
   const char *env;
   int i;
@@ -1175,6 +1175,11 @@ static int multissl_init(void)
   if(Curl_ssl != &Curl_ssl_multi)
     return 1;
 
+  if(backend) {
+    Curl_ssl = backend;
+    return 0;
+  }
+
   if(!available_backends[0])
     return 1;
 
@@ -1191,4 +1196,24 @@ static int multissl_init(void)
   return 0;
 }
 
+CURLsslset curl_global_sslset(curl_sslbackend id, const char *name,
+                              const curl_ssl_backend ***avail)
+{
+  int i;
+
+  if(Curl_ssl != &Curl_ssl_multi)
+    return id == Curl_ssl->info.id ? CURLSSLSET_OK : CURLSSLSET_TOO_LATE;
+
+  for(i = 0; available_backends[i]; i++)
+    if(available_backends[i]->info.id == id ||
+       (name && !strcmp(available_backends[i]->info.name, name))) {
+      multissl_init(available_backends[i]);
+      return CURLSSLSET_OK;
+    }
+
+  if(avail)
+    *avail = (const curl_ssl_backend **)&available_backends;
+  return CURLSSLSET_UNKNOWN_BACKEND;
+}
+
 #endif /* USE_SSL */
diff --git a/tests/data/test1135 b/tests/data/test1135
index f7c6a7ae2..fb0a4e0c1 100644
--- a/tests/data/test1135
+++ b/tests/data/test1135
@@ -89,6 +89,7 @@ CURL_EXTERN CURLMcode curl_multi_setopt(CURLM *multi_handle,
 CURL_EXTERN CURLMcode curl_multi_assign(CURLM *multi_handle,
 CURL_EXTERN char *curl_pushheader_bynum(struct curl_pushheaders *h,
 CURL_EXTERN char *curl_pushheader_byname(struct curl_pushheaders *h,
+CURL_EXTERN CURLsslset curl_global_sslset(curl_sslbackend id, const char *name,
 </stdout>
 </verify>
 

-- 
To stop receiving notification emails like this one, please contact
address@hidden

[Prev in Thread]

Current Thread

[Next in Thread]

[GNUnet-SVN] [gnurl] 92/256: vtls: use Curl_ssl_multi pseudo backend only when needed, (continued)
- [GNUnet-SVN] [gnurl] 92/256: vtls: use Curl_ssl_multi pseudo backend only when needed, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 83/256: vtls: fold the backend ID into the Curl_ssl structure, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 68/256: vtls: move md5sum into the Curl_ssl struct, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 45/256: tool_main: turn off MinGW CRT's globbing, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 25/256: system.h: remove all CURL_SIZEOF_* defines, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 96/256: asyn-thread: Improved cleanup after OOM situations, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 42/256: cmake: enable picky compiler options with clang and gcc, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 76/256: vtls: move SSL backends' private constants out of their header files, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 97/256: unit1606: Fixed shadowed variable warning, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 65/256: vtls: introduce a new struct for SSL backends, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 86/256: vtls: introduce curl_global_sslset(), gnunet <=
- [GNUnet-SVN] [gnurl] 105/256: curl.h: CURLSSLBACKEND_WOLFSSL used wrong value, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 77/256: getinfo: access SSL internals via Curl_ssl, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 87/256: Add a man page for curl_global_sslset(), gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 103/256: curl/multi.h: remove duplicated closing c++ brace, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 43/256: config-win32: define SIZEOF_LONG, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 94/256: configure: Handle "MultiSSL" specially When versioning symbols, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 57/256: tests: Make sure libtests & unittests call curl_global_cleanup(), gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 67/256: vtls: use the Curl_ssl struct to access all SSL backends' functionality, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 20/256: ssh: add the ability to enable compression (for SCP/SFTP), gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 79/256: urldata.h: move SSPI-specific #include to correct location, gnunet, 2017/10/06

Prev by Date: [GNUnet-SVN] [gnurl] 65/256: vtls: introduce a new struct for SSL backends
Next by Date: [GNUnet-SVN] [gnurl] 105/256: curl.h: CURLSSLBACKEND_WOLFSSL used wrong value
Previous by thread: [GNUnet-SVN] [gnurl] 65/256: vtls: introduce a new struct for SSL backends
Next by thread: [GNUnet-SVN] [gnurl] 105/256: curl.h: CURLSSLBACKEND_WOLFSSL used wrong value
Index(es):
- Date
- Thread