diff options
author | Stefan Eissing <stefan@eissing.org> | 2023-04-06 09:54:57 +0200 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2023-04-06 13:04:46 +0200 |
commit | 4ae2d9f24d3ba506f828df69357ac80b346348de (patch) | |
tree | b4c9d1866849d2707dff6532316cf04bb1ec0397 /lib/vtls/sectransp.c | |
parent | 8f50e393ab0d2305cb5fc1aa4b47fd9d83f415dc (diff) | |
download | curl-4ae2d9f24d3ba506f828df69357ac80b346348de.tar.gz |
proxy: http2 proxy tunnel implementation
- currently only on debug build and when env variable
CURL_PROXY_TUNNEL_H2 is present.
- will ALPN negotiate with the proxy server and switch
tunnel filter based on the protocol negotiated.
- http/1.1 tunnel code moved into cf-h1-proxy.[ch]
- http/2 tunnel code implemented in cf-h2-proxy.[ch]
- tunnel start and ALPN set remains in http_proxy.c
- moving all haproxy related code into cf-haproxy.[ch]
VTLS changes
- SSL filters rely solely on the "alpn" specification they
are created with and no longer check conn->bits.tls_enable_alpn.
- checks on which ALPN specification to use (or none at all) are
done in vtls.c when creating the filter.
Testing
- added a nghttpx forward proxy to the pytest setup that
speaks HTTP/2 and forwards all requests to the Apache httpd
forward proxy server.
- extending test coverage in test_10 cases
- adding proxy tests for direct/tunnel h1/h2 use of basic auth.
- adding test for http/1.1 and h2 proxy tunneling to pytest
Closes #10780
Diffstat (limited to 'lib/vtls/sectransp.c')
-rw-r--r-- | lib/vtls/sectransp.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/vtls/sectransp.c b/lib/vtls/sectransp.c index 7f55fb5be..d59f2a8c0 100644 --- a/lib/vtls/sectransp.c +++ b/lib/vtls/sectransp.c @@ -2796,7 +2796,7 @@ check_handshake: } #if(CURL_BUILD_MAC_10_13 || CURL_BUILD_IOS_11) && HAVE_BUILTIN_AVAILABLE == 1 - if(cf->conn->bits.tls_enable_alpn) { + if(connssl->alpn) { if(__builtin_available(macOS 10.13.4, iOS 11, tvOS 11, *)) { CFArrayRef alpnArr = NULL; CFStringRef chosenProtocol = NULL; |