vtls: move the SUPPORT_HTTPS_PROXY flag into the Curl_ssl struct

That will allow us to choose the SSL backend at runtime. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
author: Johannes Schindelin <johannes.schindelin@gmx.de> 2017-06-26 18:05:38 +0200
committer: Daniel Stenberg <daniel@haxx.se> 2017-08-28 14:56:56 +0200
commit: f0b4db1ab0f803fdad576d77220434d04651db76 (patch)
tree: 0a7aaa97f79e184999d8bd7e8eb28e7fe4b3ad64
parent: 937899a3b8e1124df7a66b83925349d5c9f9e5a9 (diff)
download: curl-f0b4db1ab0f803fdad576d77220434d04651db76.tar.gz
18 files changed, 27 insertions, 25 deletions
diff --git a/lib/url.c b/lib/url.c
index dd254af54..6d6a56e1f 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -5082,13 +5082,14 @@ static CURLcode parse_proxy(struct Curl_easy *data,
   else
     proxyptr = proxy; /* No xxx:// head: It's a HTTP proxy */
 
-#ifndef HTTPS_PROXY_SUPPORT
-  if(proxytype == CURLPROXY_HTTPS) {
-    failf(data, "Unsupported proxy \'%s\'"
-                ", libcurl is built without the HTTPS-proxy support.", proxy);
-    return CURLE_NOT_BUILT_IN;
-  }
+#ifdef USE_SSL
+  if(!Curl_ssl->support_https_proxy)
 #endif
+    if(proxytype == CURLPROXY_HTTPS) {
+      failf(data, "Unsupported proxy \'%s\', libcurl is built without the "
+                  "HTTPS-proxy support.", proxy);
+      return CURLE_NOT_BUILT_IN;
+    }
 
   sockstype = proxytype == CURLPROXY_SOCKS5_HOSTNAME ||
               proxytype == CURLPROXY_SOCKS5 ||
diff --git a/lib/version.c b/lib/version.c
index 3d1776813..b1959dee1 100644
--- a/lib/version.c
+++ b/lib/version.c
@@ -324,9 +324,6 @@ static curl_version_info_data version_info = {
 #if defined(USE_LIBPSL)
   | CURL_VERSION_PSL
 #endif
-#if defined(HTTPS_PROXY_SUPPORT)
-  | CURL_VERSION_HTTPS_PROXY
-#endif
   ,
   NULL, /* ssl_version */
   0,    /* ssl_version_num, this is kept at zero */
@@ -355,6 +352,10 @@ curl_version_info_data *curl_version_info(CURLversion stamp)
 #ifdef USE_SSL
   Curl_ssl_version(ssl_buffer, sizeof(ssl_buffer));
   version_info.ssl_version = ssl_buffer;
+  if(Curl_ssl->support_https_proxy)
+    version_info.features |= CURL_VERSION_HTTPS_PROXY;
+  else
+    version_info.features &= ~CURL_VERSION_HTTPS_PROXY;
 #endif
 
 #ifdef HAVE_LIBZ
diff --git a/lib/vtls/axtls.c b/lib/vtls/axtls.c
index 885cbf532..12c3a4fff 100644
--- a/lib/vtls/axtls.c
+++ b/lib/vtls/axtls.c
@@ -709,6 +709,7 @@ const struct Curl_ssl Curl_ssl_axtls = {
   0, /* have_certinfo */
   0, /* have_pinnedpubkey */
   0, /* have_ssl_ctx */
+  0, /* support_https_proxy */
 
   Curl_axtls_init,                /* init */
   Curl_axtls_cleanup,             /* cleanup */
diff --git a/lib/vtls/cyassl.c b/lib/vtls/cyassl.c
index 7f90e913f..59aa1d5b2 100644
--- a/lib/vtls/cyassl.c
+++ b/lib/vtls/cyassl.c
@@ -974,6 +974,7 @@ const struct Curl_ssl Curl_ssl_cyassl = {
   0, /* have_pinnedpubkey */
 #endif
   1, /* have_ssl_ctx */
+  0, /* support_https_proxy */
 
   Curl_cyassl_init,                /* init */
   Curl_none_cleanup,               /* cleanup */
diff --git a/lib/vtls/darwinssl.c b/lib/vtls/darwinssl.c
index 4d755d6b6..076ee293c 100644
--- a/lib/vtls/darwinssl.c
+++ b/lib/vtls/darwinssl.c
@@ -2886,6 +2886,7 @@ const struct Curl_ssl Curl_ssl_darwinssl = {
   0, /* have_pinnedpubkey */
 #endif /* DARWIN_SSL_PINNEDPUBKEY */
   0, /* have_ssl_ctx */
+  0, /* support_https_proxy */
 
   Curl_none_init,                     /* init */
   Curl_none_cleanup,                  /* cleanup */
diff --git a/lib/vtls/gskit.c b/lib/vtls/gskit.c
index dc24f044b..fc73cf289 100644
--- a/lib/vtls/gskit.c
+++ b/lib/vtls/gskit.c
@@ -1341,6 +1341,9 @@ const struct Curl_ssl Curl_ssl_gskit = {
   1, /* have_certinfo */
   0, /* have_pinnedpubkey */
   0, /* have_ssl_ctx */
+  /* TODO: convert to 1 and fix test #1014 (if need) */
+  0, /* support_https_proxy */
+
 
   Curl_gskit_init,                /* init */
   Curl_gskit_cleanup,             /* cleanup */
diff --git a/lib/vtls/gskit.h b/lib/vtls/gskit.h
index f2f5eb89a..c8a2810e5 100644
--- a/lib/vtls/gskit.h
+++ b/lib/vtls/gskit.h
@@ -41,9 +41,6 @@ int Curl_gskit_shutdown(struct connectdata *conn, int sockindex);
 size_t Curl_gskit_version(char *buffer, size_t size);
 int Curl_gskit_check_cxn(struct connectdata *cxn);
 
-/* Support HTTPS-proxy */
-/* TODO: add '#define HTTPS_PROXY_SUPPORT 1' and fix test #1014 (if need) */
-
 extern const struct Curl_ssl Curl_ssl_gskit;
 
 /* Set the API backend definition to GSKit */
diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
index fbbcdf334..493520a62 100644
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@@ -1793,6 +1793,7 @@ const struct Curl_ssl Curl_ssl_gnutls = {
   1, /* have_certinfo */
   1, /* have_pinnedpubkey */
   0, /* have_ssl_ctx */
+  1, /* support_https_proxy */
 
   Curl_gtls_init,                /* init */
   Curl_gtls_cleanup,             /* cleanup */
diff --git a/lib/vtls/gtls.h b/lib/vtls/gtls.h
index d393b889d..f51cd70cf 100644
--- a/lib/vtls/gtls.h
+++ b/lib/vtls/gtls.h
@@ -49,9 +49,6 @@ CURLcode Curl_gtls_random(struct Curl_easy *data,
 
 bool Curl_gtls_cert_status_request(void);
 
-/* Support HTTPS-proxy */
-#define HTTPS_PROXY_SUPPORT 1
-
 extern const struct Curl_ssl Curl_ssl_gnutls;
 
 /* Set the API backend definition to GnuTLS */
diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c
index c925ea93c..b13c617a4 100644
--- a/lib/vtls/mbedtls.c
+++ b/lib/vtls/mbedtls.c
@@ -1022,6 +1022,7 @@ const struct Curl_ssl Curl_ssl_mbedtls = {
   0, /* have_certinfo */
   1, /* have_pinnedpubkey */
   1, /* have_ssl_ctx */
+  0, /* support_https_proxy */
 
   Curl_mbedtls_init,                /* init */
   Curl_mbedtls_cleanup,             /* cleanup */
diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c
index ff338940c..8c2161843 100644
--- a/lib/vtls/nss.c
+++ b/lib/vtls/nss.c
@@ -2331,6 +2331,7 @@ const struct Curl_ssl Curl_ssl_nss = {
   1, /* have_certinfo */
   1, /* have_pinnedpubkey */
   0, /* have_ssl_ctx */
+  1, /* support_https_proxy */
 
   Curl_nss_init,                /* init */
   Curl_nss_cleanup,             /* cleanup */
diff --git a/lib/vtls/nssg.h b/lib/vtls/nssg.h
index 222c6e28e..7bf8123a6 100644
--- a/lib/vtls/nssg.h
+++ b/lib/vtls/nssg.h
@@ -56,9 +56,6 @@ bool Curl_nss_cert_status_request(void);
 
 bool Curl_nss_false_start(void);
 
-/* Support HTTPS-proxy */
-#define HTTPS_PROXY_SUPPORT 1
-
 extern const struct Curl_ssl Curl_ssl_nss;
 
 /* Set the API backend definition to NSS */
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 7376588c3..00956f986 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -3394,6 +3394,7 @@ const struct Curl_ssl Curl_ssl_openssl = {
   1, /* have_certinfo */
   1, /* have_pinnedpubkey */
   1, /* have_ssl_ctx */
+  1, /* support_https_proxy */
 
   Curl_ossl_init,                /* init */
   Curl_ossl_cleanup,             /* cleanup */
diff --git a/lib/vtls/openssl.h b/lib/vtls/openssl.h
index c17dff284..9df0503ea 100644
--- a/lib/vtls/openssl.h
+++ b/lib/vtls/openssl.h
@@ -71,9 +71,6 @@ CURLcode Curl_ossl_random(struct Curl_easy *data, unsigned char *entropy,
 
 bool Curl_ossl_cert_status_request(void);
 
-/* Support HTTPS-proxy */
-#define HTTPS_PROXY_SUPPORT 1
-
 extern const struct Curl_ssl Curl_ssl_openssl;
 
 /* Set the API backend definition to OpenSSL */
diff --git a/lib/vtls/polarssl.c b/lib/vtls/polarssl.c
index 4d8db72d8..ee5a942da 100644
--- a/lib/vtls/polarssl.c
+++ b/lib/vtls/polarssl.c
@@ -885,6 +885,7 @@ const struct Curl_ssl Curl_ssl_polarssl = {
   0, /* have_certinfo */
   1, /* have_pinnedpubkey */
   0, /* have_ssl_ctx */
+  0, /* support_https_proxy */
 
   Curl_polarssl_init,                /* init */
   Curl_polarssl_cleanup,             /* cleanup */
diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c
index fe7ec47b8..c65f6b394 100644
--- a/lib/vtls/schannel.c
+++ b/lib/vtls/schannel.c
@@ -1733,6 +1733,7 @@ const struct Curl_ssl Curl_ssl_schannel = {
   1, /* have_certinfo */
   0, /* have_pinnedpubkey */
   0, /* have_ssl_ctx */
+  0, /* support_https_proxy */
 
   Curl_schannel_init,                /* init */
   Curl_schannel_cleanup,             /* cleanup */
diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
index 86bb46c2a..d55328b8c 100644
--- a/lib/vtls/vtls.c
+++ b/lib/vtls/vtls.c
@@ -205,12 +205,10 @@ ssl_connect_init_proxy(struct connectdata *conn, int sockindex)
   DEBUGASSERT(conn->bits.proxy_ssl_connected[sockindex]);
   if(ssl_connection_complete == conn->ssl[sockindex].state &&
      !conn->proxy_ssl[sockindex].use) {
-#if defined(HTTPS_PROXY_SUPPORT)
+    if(!Curl_ssl->support_https_proxy)
+      return CURLE_NOT_BUILT_IN;
     conn->proxy_ssl[sockindex] = conn->ssl[sockindex];
     memset(&conn->ssl[sockindex], 0, sizeof(conn->ssl[sockindex]));
-#else
-    return CURLE_NOT_BUILT_IN;
-#endif
   }
   return CURLE_OK;
 }
diff --git a/lib/vtls/vtls.h b/lib/vtls/vtls.h
index 8b3ff05ae..de98df027 100644
--- a/lib/vtls/vtls.h
+++ b/lib/vtls/vtls.h
@@ -33,6 +33,8 @@ struct Curl_ssl {
   unsigned have_pinnedpubkey:1; /* supports CURLOPT_PINNEDPUBLICKEY */
   unsigned have_ssl_ctx:1;      /* supports CURLOPT_SSL_CTX_* */
 
+  unsigned support_https_proxy:1; /* supports access via HTTPS proxies */
+
   int (*init)(void);
   void (*cleanup)(void);
author	Johannes Schindelin <johannes.schindelin@gmx.de>	2017-06-26 18:05:38 +0200
committer	Daniel Stenberg <daniel@haxx.se>	2017-08-28 14:56:56 +0200
commit	f0b4db1ab0f803fdad576d77220434d04651db76 (patch)
tree	0a7aaa97f79e184999d8bd7e8eb28e7fe4b3ad64
parent	937899a3b8e1124df7a66b83925349d5c9f9e5a9 (diff)
download	curl-f0b4db1ab0f803fdad576d77220434d04651db76.tar.gz