diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2021-04-01 16:25:19 +0200 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2021-04-02 22:53:17 +0200 |
| commit | f573998c22a20b0fbe4edb8dbd968aa2f7ca5864 (patch) | |
| tree | 25bad18884e85c1b4d61f5c8418d9fdfcb468656 | |
| parent | 3085ccfae996bb0fa606d2c7bc6783dc15d76a30 (diff) | |
| download | curl-f573998c22a20b0fbe4edb8dbd968aa2f7ca5864.tar.gz | |
TLS: fix HTTP/2 selection
for GnuTLS, BearSSL, mbedTLS, NSS, SChannnel, Secure Transport and
wolfSSL...
Regression since 88dd1a8a115b1f5ece (shipped in 7.76.0)
Reported-by: Kenneth Davidson
Reported-by: romamik om github
Fixes #6825
Closes #6827
| -rw-r--r-- | lib/vtls/bearssl.c | 2 | ||||
| -rw-r--r-- | lib/vtls/gtls.c | 2 | ||||
| -rw-r--r-- | lib/vtls/mbedtls.c | 2 | ||||
| -rw-r--r-- | lib/vtls/nss.c | 2 | ||||
| -rw-r--r-- | lib/vtls/schannel.c | 2 | ||||
| -rw-r--r-- | lib/vtls/sectransp.c | 2 | ||||
| -rw-r--r-- | lib/vtls/wolfssl.c | 4 |
7 files changed, 8 insertions, 8 deletions
diff --git a/lib/vtls/bearssl.c b/lib/vtls/bearssl.c index 39fc1a292..a63056d4e 100644 --- a/lib/vtls/bearssl.c +++ b/lib/vtls/bearssl.c @@ -391,7 +391,7 @@ static CURLcode bearssl_connect_step1(struct Curl_easy *data, */ #ifdef USE_NGHTTP2 - if(data->state.httpversion >= CURL_HTTP_VERSION_2 + if(data->state.httpwant >= CURL_HTTP_VERSION_2 #ifndef CURL_DISABLE_PROXY && (!SSL_IS_PROXY() || !conn->bits.tunnel_proxy) #endif diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index 3b0d940a6..e3fad7fe0 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c @@ -612,7 +612,7 @@ gtls_connect_step1(struct Curl_easy *data, gnutls_datum_t protocols[2]; #ifdef USE_NGHTTP2 - if(data->state.httpversion >= CURL_HTTP_VERSION_2 + if(data->state.httpwant >= CURL_HTTP_VERSION_2 #ifndef CURL_DISABLE_PROXY && (!SSL_IS_PROXY() || !conn->bits.tunnel_proxy) #endif diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c index 93a7ac1fd..4b36f2d20 100644 --- a/lib/vtls/mbedtls.c +++ b/lib/vtls/mbedtls.c @@ -497,7 +497,7 @@ mbed_connect_step1(struct Curl_easy *data, struct connectdata *conn, if(conn->bits.tls_enable_alpn) { const char **p = &backend->protocols[0]; #ifdef USE_NGHTTP2 - if(data->state.httpversion >= CURL_HTTP_VERSION_2) + if(data->state.httpwant >= CURL_HTTP_VERSION_2) *p++ = NGHTTP2_PROTO_VERSION_ID; #endif *p++ = ALPN_HTTP_1_1; diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c index bc6c3caeb..a9f6959e3 100644 --- a/lib/vtls/nss.c +++ b/lib/vtls/nss.c @@ -2080,7 +2080,7 @@ static CURLcode nss_setup_connect(struct Curl_easy *data, unsigned char protocols[128]; #ifdef USE_NGHTTP2 - if(data->state.httpversion >= CURL_HTTP_VERSION_2 + if(data->state.httpwant >= CURL_HTTP_VERSION_2 #ifndef CURL_DISABLE_PROXY && (!SSL_IS_PROXY() || !conn->bits.tunnel_proxy) #endif diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index 931bd853e..961a71f6d 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -862,7 +862,7 @@ schannel_connect_step1(struct Curl_easy *data, struct connectdata *conn, list_start_index = cur; #ifdef USE_NGHTTP2 - if(data->state.httpversion >= CURL_HTTP_VERSION_2) { + if(data->state.httpwant >= CURL_HTTP_VERSION_2) { memcpy(&alpn_buffer[cur], NGHTTP2_PROTO_ALPN, NGHTTP2_PROTO_ALPN_LEN); cur += NGHTTP2_PROTO_ALPN_LEN; infof(data, "schannel: ALPN, offering %s\n", NGHTTP2_PROTO_VERSION_ID); diff --git a/lib/vtls/sectransp.c b/lib/vtls/sectransp.c index e69b99b72..9d637da2e 100644 --- a/lib/vtls/sectransp.c +++ b/lib/vtls/sectransp.c @@ -1613,7 +1613,7 @@ static CURLcode sectransp_connect_step1(struct Curl_easy *data, &kCFTypeArrayCallBacks); #ifdef USE_NGHTTP2 - if(data->state.httpversion >= CURL_HTTP_VERSION_2 + if(data->state.httpwant >= CURL_HTTP_VERSION_2 #ifndef CURL_DISABLE_PROXY && (!isproxy || !conn->bits.tunnel_proxy) #endif diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c index 8fb2ea7ac..c6f428034 100644 --- a/lib/vtls/wolfssl.c +++ b/lib/vtls/wolfssl.c @@ -475,7 +475,7 @@ wolfssl_connect_step1(struct Curl_easy *data, struct connectdata *conn, protocols in descending order of preference, eg: "h2,http/1.1" */ #ifdef USE_NGHTTP2 - if(data->state.httpversion >= CURL_HTTP_VERSION_2) { + if(data->state.httpwant >= CURL_HTTP_VERSION_2) { strcpy(protocols + strlen(protocols), NGHTTP2_PROTO_VERSION_ID ","); infof(data, "ALPN, offering %s\n", NGHTTP2_PROTO_VERSION_ID); } @@ -726,7 +726,7 @@ wolfssl_connect_step2(struct Curl_easy *data, struct connectdata *conn, !memcmp(protocol, ALPN_HTTP_1_1, ALPN_HTTP_1_1_LENGTH)) conn->negnpn = CURL_HTTP_VERSION_1_1; #ifdef USE_NGHTTP2 - else if(data->state.httpversion >= CURL_HTTP_VERSION_2 && + else if(data->state.httpwant >= CURL_HTTP_VERSION_2 && protocol_len == NGHTTP2_PROTO_VERSION_ID_LEN && !memcmp(protocol, NGHTTP2_PROTO_VERSION_ID, NGHTTP2_PROTO_VERSION_ID_LEN)) |