diff options
Diffstat (limited to 'lib/vtls/gskit.c')
| -rw-r--r-- | lib/vtls/gskit.c | 144 |
1 files changed, 89 insertions, 55 deletions
diff --git a/lib/vtls/gskit.c b/lib/vtls/gskit.c index 17584c750..26a1e8215 100644 --- a/lib/vtls/gskit.c +++ b/lib/vtls/gskit.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -301,10 +301,9 @@ static CURLcode set_callback(struct Curl_easy *data, } -static CURLcode set_ciphers(struct connectdata *conn, +static CURLcode set_ciphers(struct Curl_easy *data, gsk_handle h, unsigned int *protoflags) { - struct Curl_easy *data = conn->data; const char *cipherlist = SSL_CONN_CONFIG(cipher_list); const char *clp; const struct gskit_cipher *ctp; @@ -435,7 +434,7 @@ static CURLcode set_ciphers(struct connectdata *conn, } -static int Curl_gskit_init(void) +static int gskit_init(void) { /* No initialisation needed. */ @@ -443,7 +442,7 @@ static int Curl_gskit_init(void) } -static void Curl_gskit_cleanup(void) +static void gskit_cleanup(void) { /* Nothing to do. */ } @@ -587,11 +586,11 @@ static int pipe_ssloverssl(struct connectdata *conn, int sockindex, } -static void close_one(struct ssl_connect_data *connssl, +static void close_one(struct ssl_connect_data *connssl, struct Curl_easy *data, struct connectdata *conn, int sockindex) { if(BACKEND->handle) { - gskit_status(conn->data, gsk_secure_soc_close(&BACKEND->handle), + gskit_status(data, gsk_secure_soc_close(&BACKEND->handle), "gsk_secure_soc_close()", 0); /* Last chance to drain output. */ while(pipe_ssloverssl(conn, sockindex, SOS_WRITE) > 0) @@ -611,11 +610,11 @@ static void close_one(struct ssl_connect_data *connssl, } -static ssize_t gskit_send(struct connectdata *conn, int sockindex, - const void *mem, size_t len, CURLcode *curlcode) +static ssize_t real_gskit_send(struct Curl_easy *data, + struct connectdata *conn, int sockindex, + const void *mem, size_t len, CURLcode *curlcode) { struct ssl_connect_data *connssl = &conn->ssl[sockindex]; - struct Curl_easy *data = conn->data; CURLcode cc = CURLE_SEND_ERROR; int written; @@ -635,12 +634,18 @@ static ssize_t gskit_send(struct connectdata *conn, int sockindex, return (ssize_t) written; /* number of bytes */ } +static ssize_t gskit_send(struct connectdata *conn, int sockindex, + const void *mem, size_t len, CURLcode *curlcode) +{ + return real_gskit_send(conn->data, conn, sockindex, mem, len, curlcode); +} + -static ssize_t gskit_recv(struct connectdata *conn, int num, char *buf, - size_t buffersize, CURLcode *curlcode) +static ssize_t real_gskit_recv(struct Curl_easy *data, + struct connectdata *conn, int num, char *buf, + size_t buffersize, CURLcode *curlcode) { struct ssl_connect_data *connssl = &conn->ssl[num]; - struct Curl_easy *data = conn->data; int nread; CURLcode cc = CURLE_RECV_ERROR; @@ -663,10 +668,15 @@ static ssize_t gskit_recv(struct connectdata *conn, int num, char *buf, return (ssize_t) nread; } +static ssize_t gskit_recv(struct connectdata *conn, int num, char *buf, + size_t buffersize, CURLcode *curlcode) +{ + return real_gskit_recv(conn->data, conn, num, buf, buffersize, curlcode); +} + static CURLcode -set_ssl_version_min_max(unsigned int *protoflags, struct connectdata *conn) +set_ssl_version_min_max(unsigned int *protoflags, struct Curl_easy *data) { - struct Curl_easy *data = conn->data; long ssl_version = SSL_CONN_CONFIG(version); long ssl_version_max = SSL_CONN_CONFIG(version_max); long i = ssl_version; @@ -696,9 +706,9 @@ set_ssl_version_min_max(unsigned int *protoflags, struct connectdata *conn) return CURLE_OK; } -static CURLcode gskit_connect_step1(struct connectdata *conn, int sockindex) +static CURLcode gskit_connect_step1(struct Curl_easy *data, + struct connectdata *conn, int sockindex) { - struct Curl_easy *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; gsk_handle envir; CURLcode result; @@ -798,7 +808,7 @@ static CURLcode gskit_connect_step1(struct connectdata *conn, int sockindex) case CURL_SSLVERSION_TLSv1_1: case CURL_SSLVERSION_TLSv1_2: case CURL_SSLVERSION_TLSv1_3: - result = set_ssl_version_min_max(&protoflags, conn); + result = set_ssl_version_min_max(&protoflags, data); if(result != CURLE_OK) return result; break; @@ -832,7 +842,7 @@ static CURLcode gskit_connect_step1(struct connectdata *conn, int sockindex) result = set_numeric(data, BACKEND->handle, GSK_FD, BACKEND->localfd >= 0? BACKEND->localfd: conn->sock[sockindex]); if(!result) - result = set_ciphers(conn, BACKEND->handle, &protoflags); + result = set_ciphers(data, BACKEND->handle, &protoflags); if(!protoflags) { failf(data, "No SSL protocol/cipher combination enabled"); result = CURLE_SSL_CIPHER; @@ -915,15 +925,15 @@ static CURLcode gskit_connect_step1(struct connectdata *conn, int sockindex) } /* Error: rollback. */ - close_one(connssl, conn, sockindex); + close_one(connssl, data, conn, sockindex); return result; } -static CURLcode gskit_connect_step2(struct connectdata *conn, int sockindex, +static CURLcode gskit_connect_step2(struct Curl_easy *data, + struct connectdata *conn, int sockindex, bool nonblocking) { - struct Curl_easy *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; Qso_OverlappedIO_t cstat; struct timeval stmv; @@ -971,9 +981,9 @@ static CURLcode gskit_connect_step2(struct connectdata *conn, int sockindex, } -static CURLcode gskit_connect_step3(struct connectdata *conn, int sockindex) +static CURLcode gskit_connect_step3(struct Curl_easy *data, + struct connectdata *conn, int sockindex) { - struct Curl_easy *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; const gsk_cert_data_elem *cdev; int cdec; @@ -1016,7 +1026,7 @@ static CURLcode gskit_connect_step3(struct connectdata *conn, int sockindex) } /* Verify host. */ - result = Curl_verifyhost(conn, cert, certend); + result = Curl_verifyhost(data, conn, cert, certend); if(result) return result; @@ -1031,7 +1041,7 @@ static CURLcode gskit_connect_step3(struct connectdata *conn, int sockindex) return result; if(cert) { - result = Curl_extract_certinfo(conn, 0, cert, certend); + result = Curl_extract_certinfo(data, 0, cert, certend); if(result) return result; } @@ -1059,10 +1069,10 @@ static CURLcode gskit_connect_step3(struct connectdata *conn, int sockindex) } -static CURLcode gskit_connect_common(struct connectdata *conn, int sockindex, +static CURLcode gskit_connect_common(struct Curl_easy *data, + struct connectdata *conn, int sockindex, bool nonblocking, bool *done) { - struct Curl_easy *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; timediff_t timeout_ms; CURLcode result = CURLE_OK; @@ -1082,7 +1092,7 @@ static CURLcode gskit_connect_common(struct connectdata *conn, int sockindex, result = CURLE_OPERATION_TIMEDOUT; } else - result = gskit_connect_step1(conn, sockindex); + result = gskit_connect_step1(data, conn, sockindex); } /* Handle handshake pipelining. */ @@ -1101,7 +1111,7 @@ static CURLcode gskit_connect_common(struct connectdata *conn, int sockindex, result = CURLE_OPERATION_TIMEDOUT; } else - result = gskit_connect_step2(conn, sockindex, nonblocking); + result = gskit_connect_step2(data, conn, sockindex, nonblocking); } /* Handle handshake pipelining. */ @@ -1111,10 +1121,10 @@ static CURLcode gskit_connect_common(struct connectdata *conn, int sockindex, /* Step 3: gather certificate info, verify host. */ if(!result && connssl->connecting_state == ssl_connect_3) - result = gskit_connect_step3(conn, sockindex); + result = gskit_connect_step3(data, conn, sockindex); if(result) - close_one(connssl, conn, sockindex); + close_one(connssl, data, conn, sockindex); else if(connssl->connecting_state == ssl_connect_done) { connssl->state = ssl_connection_complete; connssl->connecting_state = ssl_connect_1; @@ -1127,25 +1137,33 @@ static CURLcode gskit_connect_common(struct connectdata *conn, int sockindex, } -static CURLcode Curl_gskit_connect_nonblocking(struct connectdata *conn, +static CURLcode real_gskit_connect_nonblocking(struct Curl_easy *data, + struct connectdata *conn, int sockindex, bool *done) { CURLcode result; - result = gskit_connect_common(conn, sockindex, TRUE, done); + result = gskit_connect_common(data, conn, sockindex, TRUE, done); if(*done || result) conn->ssl[sockindex].connecting_state = ssl_connect_1; return result; } +static CURLcode gskit_connect_nonblocking(struct connectdata *conn, + int sockindex, bool *done) +{ + return real_gskit_connect_nonblocking(conn->data, conn, sockindex, done); +} + -static CURLcode Curl_gskit_connect(struct connectdata *conn, int sockindex) +static CURLcode real_gskit_connect(struct Curl_easy *data, + struct connectdata *conn, int sockindex) { CURLcode result; bool done; conn->ssl[sockindex].connecting_state = ssl_connect_1; - result = gskit_connect_common(conn, sockindex, FALSE, &done); + result = gskit_connect_common(data, conn, sockindex, FALSE, &done); if(result) return result; @@ -1154,18 +1172,29 @@ static CURLcode Curl_gskit_connect(struct connectdata *conn, int sockindex) return CURLE_OK; } +static CURLcode gskit_connect(struct connectdata *conn, int sockindex) +{ + return real_gskit_connect(conn->data, conn, sockindex); +} + -static void Curl_gskit_close(struct connectdata *conn, int sockindex) +static void real_gskit_close(struct Curl_easy *data, struct connectdata *conn, + int sockindex) { - close_one(&conn->ssl[sockindex], conn, sockindex); - close_one(&conn->proxy_ssl[sockindex], conn, sockindex); + close_one(&conn->ssl[sockindex], data, conn, sockindex); + close_one(&conn->proxy_ssl[sockindex], data, conn, sockindex); +} + +static void gskit_close(struct connectdata *conn, int sockindex) +{ + real_gskit_close(conn->data, conn, sockindex); } -static int Curl_gskit_shutdown(struct connectdata *conn, int sockindex) +static int real_gskit_shutdown(struct Curl_easy *data, + struct connectdata *conn, int sockindex) { struct ssl_connect_data *connssl = &conn->ssl[sockindex]; - struct Curl_easy *data = conn->data; int what; int rc; char buf[120]; @@ -1178,7 +1207,7 @@ static int Curl_gskit_shutdown(struct connectdata *conn, int sockindex) return 0; #endif - close_one(connssl, conn, sockindex); + close_one(connssl, data, conn, sockindex); rc = 0; what = SOCKET_READABLE(conn->sock[sockindex], SSL_SHUTDOWN_TIMEOUT); @@ -1218,14 +1247,19 @@ static int Curl_gskit_shutdown(struct connectdata *conn, int sockindex) return rc; } +static int gskit_shutdown(struct connectdata *conn, int sockindex) +{ + return real_gskit_shutdown(conn->data, conn, sockindex); +} + -static size_t Curl_gskit_version(char *buffer, size_t size) +static size_t gskit_version(char *buffer, size_t size) { return msnprintf(buffer, size, "GSKit"); } -static int Curl_gskit_check_cxn(struct connectdata *cxn) +static int gskit_check_cxn(struct connectdata *cxn) { struct ssl_connect_data *connssl = &cxn->ssl[FIRSTSOCKET]; int err; @@ -1247,8 +1281,8 @@ static int Curl_gskit_check_cxn(struct connectdata *cxn) return -1; /* connection status unknown */ } -static void *Curl_gskit_get_internals(struct ssl_connect_data *connssl, - CURLINFO info UNUSED_PARAM) +static void *gskit_get_internals(struct ssl_connect_data *connssl, + CURLINFO info UNUSED_PARAM) { (void)info; return BACKEND->handle; @@ -1262,18 +1296,18 @@ const struct Curl_ssl Curl_ssl_gskit = { sizeof(struct ssl_backend_data), - Curl_gskit_init, /* init */ - Curl_gskit_cleanup, /* cleanup */ - Curl_gskit_version, /* version */ - Curl_gskit_check_cxn, /* check_cxn */ - Curl_gskit_shutdown, /* shutdown */ + gskit_init, /* init */ + gskit_cleanup, /* cleanup */ + gskit_version, /* version */ + gskit_check_cxn, /* check_cxn */ + gskit_shutdown, /* shutdown */ Curl_none_data_pending, /* data_pending */ Curl_none_random, /* random */ Curl_none_cert_status_request, /* cert_status_request */ - Curl_gskit_connect, /* connect */ - Curl_gskit_connect_nonblocking, /* connect_nonblocking */ - Curl_gskit_get_internals, /* get_internals */ - Curl_gskit_close, /* close_one */ + gskit_connect, /* connect */ + gskit_connect_nonblocking, /* connect_nonblocking */ + gskit_get_internals, /* get_internals */ + gskit_close, /* close_one */ Curl_none_close_all, /* close_all */ /* No session handling for GSKit */ Curl_none_session_free, /* session_free */ |