diff options
Diffstat (limited to 'lib/vtls')
| -rw-r--r-- | lib/vtls/bearssl.c | 9 | ||||
| -rw-r--r-- | lib/vtls/gskit.c | 144 | ||||
| -rw-r--r-- | lib/vtls/gtls.c | 10 | ||||
| -rw-r--r-- | lib/vtls/mbedtls.c | 14 | ||||
| -rw-r--r-- | lib/vtls/mesalink.c | 12 | ||||
| -rw-r--r-- | lib/vtls/nss.c | 36 | ||||
| -rw-r--r-- | lib/vtls/openssl.c | 33 | ||||
| -rw-r--r-- | lib/vtls/schannel.c | 48 | ||||
| -rw-r--r-- | lib/vtls/sectransp.c | 16 | ||||
| -rw-r--r-- | lib/vtls/wolfssl.c | 23 |
10 files changed, 196 insertions, 149 deletions
diff --git a/lib/vtls/bearssl.c b/lib/vtls/bearssl.c index 847a361e0..6eb61943a 100644 --- a/lib/vtls/bearssl.c +++ b/lib/vtls/bearssl.c @@ -552,7 +552,7 @@ static CURLcode bearssl_connect_step3(struct connectdata *conn, int sockindex) conn->negnpn = CURL_HTTP_VERSION_1_1; else infof(data, "ALPN, unrecognized protocol %s\n", protocol); - Curl_multiuse_state(conn, conn->negnpn == CURL_HTTP_VERSION_2 ? + Curl_multiuse_state(data, conn->negnpn == CURL_HTTP_VERSION_2 ? BUNDLE_MULTIPLEX : BUNDLE_NO_MULTIUSE); } else @@ -585,10 +585,10 @@ static CURLcode bearssl_connect_step3(struct connectdata *conn, int sockindex) return CURLE_OK; } -static ssize_t bearssl_send(struct connectdata *conn, int sockindex, +static ssize_t bearssl_send(struct Curl_easy *data, int sockindex, const void *buf, size_t len, CURLcode *err) { - struct Curl_easy *data = conn->data; + struct connectdata *conn = data->conn; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; struct ssl_backend_data *backend = connssl->backend; unsigned char *app; @@ -618,9 +618,10 @@ static ssize_t bearssl_send(struct connectdata *conn, int sockindex, } } -static ssize_t bearssl_recv(struct connectdata *conn, int sockindex, +static ssize_t bearssl_recv(struct Curl_easy *data, int sockindex, char *buf, size_t len, CURLcode *err) { + struct connectdata *conn = data->conn; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; struct ssl_backend_data *backend = connssl->backend; unsigned char *app; diff --git a/lib/vtls/gskit.c b/lib/vtls/gskit.c index 17584c750..26a1e8215 100644 --- a/lib/vtls/gskit.c +++ b/lib/vtls/gskit.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -301,10 +301,9 @@ static CURLcode set_callback(struct Curl_easy *data, } -static CURLcode set_ciphers(struct connectdata *conn, +static CURLcode set_ciphers(struct Curl_easy *data, gsk_handle h, unsigned int *protoflags) { - struct Curl_easy *data = conn->data; const char *cipherlist = SSL_CONN_CONFIG(cipher_list); const char *clp; const struct gskit_cipher *ctp; @@ -435,7 +434,7 @@ static CURLcode set_ciphers(struct connectdata *conn, } -static int Curl_gskit_init(void) +static int gskit_init(void) { /* No initialisation needed. */ @@ -443,7 +442,7 @@ static int Curl_gskit_init(void) } -static void Curl_gskit_cleanup(void) +static void gskit_cleanup(void) { /* Nothing to do. */ } @@ -587,11 +586,11 @@ static int pipe_ssloverssl(struct connectdata *conn, int sockindex, } -static void close_one(struct ssl_connect_data *connssl, +static void close_one(struct ssl_connect_data *connssl, struct Curl_easy *data, struct connectdata *conn, int sockindex) { if(BACKEND->handle) { - gskit_status(conn->data, gsk_secure_soc_close(&BACKEND->handle), + gskit_status(data, gsk_secure_soc_close(&BACKEND->handle), "gsk_secure_soc_close()", 0); /* Last chance to drain output. */ while(pipe_ssloverssl(conn, sockindex, SOS_WRITE) > 0) @@ -611,11 +610,11 @@ static void close_one(struct ssl_connect_data *connssl, } -static ssize_t gskit_send(struct connectdata *conn, int sockindex, - const void *mem, size_t len, CURLcode *curlcode) +static ssize_t real_gskit_send(struct Curl_easy *data, + struct connectdata *conn, int sockindex, + const void *mem, size_t len, CURLcode *curlcode) { struct ssl_connect_data *connssl = &conn->ssl[sockindex]; - struct Curl_easy *data = conn->data; CURLcode cc = CURLE_SEND_ERROR; int written; @@ -635,12 +634,18 @@ static ssize_t gskit_send(struct connectdata *conn, int sockindex, return (ssize_t) written; /* number of bytes */ } +static ssize_t gskit_send(struct connectdata *conn, int sockindex, + const void *mem, size_t len, CURLcode *curlcode) +{ + return real_gskit_send(conn->data, conn, sockindex, mem, len, curlcode); +} + -static ssize_t gskit_recv(struct connectdata *conn, int num, char *buf, - size_t buffersize, CURLcode *curlcode) +static ssize_t real_gskit_recv(struct Curl_easy *data, + struct connectdata *conn, int num, char *buf, + size_t buffersize, CURLcode *curlcode) { struct ssl_connect_data *connssl = &conn->ssl[num]; - struct Curl_easy *data = conn->data; int nread; CURLcode cc = CURLE_RECV_ERROR; @@ -663,10 +668,15 @@ static ssize_t gskit_recv(struct connectdata *conn, int num, char *buf, return (ssize_t) nread; } +static ssize_t gskit_recv(struct connectdata *conn, int num, char *buf, + size_t buffersize, CURLcode *curlcode) +{ + return real_gskit_recv(conn->data, conn, num, buf, buffersize, curlcode); +} + static CURLcode -set_ssl_version_min_max(unsigned int *protoflags, struct connectdata *conn) +set_ssl_version_min_max(unsigned int *protoflags, struct Curl_easy *data) { - struct Curl_easy *data = conn->data; long ssl_version = SSL_CONN_CONFIG(version); long ssl_version_max = SSL_CONN_CONFIG(version_max); long i = ssl_version; @@ -696,9 +706,9 @@ set_ssl_version_min_max(unsigned int *protoflags, struct connectdata *conn) return CURLE_OK; } -static CURLcode gskit_connect_step1(struct connectdata *conn, int sockindex) +static CURLcode gskit_connect_step1(struct Curl_easy *data, + struct connectdata *conn, int sockindex) { - struct Curl_easy *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; gsk_handle envir; CURLcode result; @@ -798,7 +808,7 @@ static CURLcode gskit_connect_step1(struct connectdata *conn, int sockindex) case CURL_SSLVERSION_TLSv1_1: case CURL_SSLVERSION_TLSv1_2: case CURL_SSLVERSION_TLSv1_3: - result = set_ssl_version_min_max(&protoflags, conn); + result = set_ssl_version_min_max(&protoflags, data); if(result != CURLE_OK) return result; break; @@ -832,7 +842,7 @@ static CURLcode gskit_connect_step1(struct connectdata *conn, int sockindex) result = set_numeric(data, BACKEND->handle, GSK_FD, BACKEND->localfd >= 0? BACKEND->localfd: conn->sock[sockindex]); if(!result) - result = set_ciphers(conn, BACKEND->handle, &protoflags); + result = set_ciphers(data, BACKEND->handle, &protoflags); if(!protoflags) { failf(data, "No SSL protocol/cipher combination enabled"); result = CURLE_SSL_CIPHER; @@ -915,15 +925,15 @@ static CURLcode gskit_connect_step1(struct connectdata *conn, int sockindex) } /* Error: rollback. */ - close_one(connssl, conn, sockindex); + close_one(connssl, data, conn, sockindex); return result; } -static CURLcode gskit_connect_step2(struct connectdata *conn, int sockindex, +static CURLcode gskit_connect_step2(struct Curl_easy *data, + struct connectdata *conn, int sockindex, bool nonblocking) { - struct Curl_easy *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; Qso_OverlappedIO_t cstat; struct timeval stmv; @@ -971,9 +981,9 @@ static CURLcode gskit_connect_step2(struct connectdata *conn, int sockindex, } -static CURLcode gskit_connect_step3(struct connectdata *conn, int sockindex) +static CURLcode gskit_connect_step3(struct Curl_easy *data, + struct connectdata *conn, int sockindex) { - struct Curl_easy *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; const gsk_cert_data_elem *cdev; int cdec; @@ -1016,7 +1026,7 @@ static CURLcode gskit_connect_step3(struct connectdata *conn, int sockindex) } /* Verify host. */ - result = Curl_verifyhost(conn, cert, certend); + result = Curl_verifyhost(data, conn, cert, certend); if(result) return result; @@ -1031,7 +1041,7 @@ static CURLcode gskit_connect_step3(struct connectdata *conn, int sockindex) return result; if(cert) { - result = Curl_extract_certinfo(conn, 0, cert, certend); + result = Curl_extract_certinfo(data, 0, cert, certend); if(result) return result; } @@ -1059,10 +1069,10 @@ static CURLcode gskit_connect_step3(struct connectdata *conn, int sockindex) } -static CURLcode gskit_connect_common(struct connectdata *conn, int sockindex, +static CURLcode gskit_connect_common(struct Curl_easy *data, + struct connectdata *conn, int sockindex, bool nonblocking, bool *done) { - struct Curl_easy *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; timediff_t timeout_ms; CURLcode result = CURLE_OK; @@ -1082,7 +1092,7 @@ static CURLcode gskit_connect_common(struct connectdata *conn, int sockindex, result = CURLE_OPERATION_TIMEDOUT; } else - result = gskit_connect_step1(conn, sockindex); + result = gskit_connect_step1(data, conn, sockindex); } /* Handle handshake pipelining. */ @@ -1101,7 +1111,7 @@ static CURLcode gskit_connect_common(struct connectdata *conn, int sockindex, result = CURLE_OPERATION_TIMEDOUT; } else - result = gskit_connect_step2(conn, sockindex, nonblocking); + result = gskit_connect_step2(data, conn, sockindex, nonblocking); } /* Handle handshake pipelining. */ @@ -1111,10 +1121,10 @@ static CURLcode gskit_connect_common(struct connectdata *conn, int sockindex, /* Step 3: gather certificate info, verify host. */ if(!result && connssl->connecting_state == ssl_connect_3) - result = gskit_connect_step3(conn, sockindex); + result = gskit_connect_step3(data, conn, sockindex); if(result) - close_one(connssl, conn, sockindex); + close_one(connssl, data, conn, sockindex); else if(connssl->connecting_state == ssl_connect_done) { connssl->state = ssl_connection_complete; connssl->connecting_state = ssl_connect_1; @@ -1127,25 +1137,33 @@ static CURLcode gskit_connect_common(struct connectdata *conn, int sockindex, } -static CURLcode Curl_gskit_connect_nonblocking(struct connectdata *conn, +static CURLcode real_gskit_connect_nonblocking(struct Curl_easy *data, + struct connectdata *conn, int sockindex, bool *done) { CURLcode result; - result = gskit_connect_common(conn, sockindex, TRUE, done); + result = gskit_connect_common(data, conn, sockindex, TRUE, done); if(*done || result) conn->ssl[sockindex].connecting_state = ssl_connect_1; return result; } +static CURLcode gskit_connect_nonblocking(struct connectdata *conn, + int sockindex, bool *done) +{ + return real_gskit_connect_nonblocking(conn->data, conn, sockindex, done); +} + -static CURLcode Curl_gskit_connect(struct connectdata *conn, int sockindex) +static CURLcode real_gskit_connect(struct Curl_easy *data, + struct connectdata *conn, int sockindex) { CURLcode result; bool done; conn->ssl[sockindex].connecting_state = ssl_connect_1; - result = gskit_connect_common(conn, sockindex, FALSE, &done); + result = gskit_connect_common(data, conn, sockindex, FALSE, &done); if(result) return result; @@ -1154,18 +1172,29 @@ static CURLcode Curl_gskit_connect(struct connectdata *conn, int sockindex) return CURLE_OK; } +static CURLcode gskit_connect(struct connectdata *conn, int sockindex) +{ + return real_gskit_connect(conn->data, conn, sockindex); +} + -static void Curl_gskit_close(struct connectdata *conn, int sockindex) +static void real_gskit_close(struct Curl_easy *data, struct connectdata *conn, + int sockindex) { - close_one(&conn->ssl[sockindex], conn, sockindex); - close_one(&conn->proxy_ssl[sockindex], conn, sockindex); + close_one(&conn->ssl[sockindex], data, conn, sockindex); + close_one(&conn->proxy_ssl[sockindex], data, conn, sockindex); +} + +static void gskit_close(struct connectdata *conn, int sockindex) +{ + real_gskit_close(conn->data, conn, sockindex); } -static int Curl_gskit_shutdown(struct connectdata *conn, int sockindex) +static int real_gskit_shutdown(struct Curl_easy *data, + struct connectdata *conn, int sockindex) { struct ssl_connect_data *connssl = &conn->ssl[sockindex]; - struct Curl_easy *data = conn->data; int what; int rc; char buf[120]; @@ -1178,7 +1207,7 @@ static int Curl_gskit_shutdown(struct connectdata *conn, int sockindex) return 0; #endif - close_one(connssl, conn, sockindex); + close_one(connssl, data, conn, sockindex); rc = 0; what = SOCKET_READABLE(conn->sock[sockindex], SSL_SHUTDOWN_TIMEOUT); @@ -1218,14 +1247,19 @@ static int Curl_gskit_shutdown(struct connectdata *conn, int sockindex) return rc; } +static int gskit_shutdown(struct connectdata *conn, int sockindex) +{ + return real_gskit_shutdown(conn->data, conn, sockindex); +} + -static size_t Curl_gskit_version(char *buffer, size_t size) +static size_t gskit_version(char *buffer, size_t size) { return msnprintf(buffer, size, "GSKit"); } -static int Curl_gskit_check_cxn(struct connectdata *cxn) +static int gskit_check_cxn(struct connectdata *cxn) { struct ssl_connect_data *connssl = &cxn->ssl[FIRSTSOCKET]; int err; @@ -1247,8 +1281,8 @@ static int Curl_gskit_check_cxn(struct connectdata *cxn) return -1; /* connection status unknown */ } -static void *Curl_gskit_get_internals(struct ssl_connect_data *connssl, - CURLINFO info UNUSED_PARAM) +static void *gskit_get_internals(struct ssl_connect_data *connssl, + CURLINFO info UNUSED_PARAM) { (void)info; return BACKEND->handle; @@ -1262,18 +1296,18 @@ const struct Curl_ssl Curl_ssl_gskit = { sizeof(struct ssl_backend_data), - Curl_gskit_init, /* init */ - Curl_gskit_cleanup, /* cleanup */ - Curl_gskit_version, /* version */ - Curl_gskit_check_cxn, /* check_cxn */ - Curl_gskit_shutdown, /* shutdown */ + gskit_init, /* init */ + gskit_cleanup, /* cleanup */ + gskit_version, /* version */ + gskit_check_cxn, /* check_cxn */ + gskit_shutdown, /* shutdown */ Curl_none_data_pending, /* data_pending */ Curl_none_random, /* random */ Curl_none_cert_status_request, /* cert_status_request */ - Curl_gskit_connect, /* connect */ - Curl_gskit_connect_nonblocking, /* connect_nonblocking */ - Curl_gskit_get_internals, /* get_internals */ - Curl_gskit_close, /* close_one */ + gskit_connect, /* connect */ + gskit_connect_nonblocking, /* connect_nonblocking */ + gskit_get_internals, /* get_internals */ + gskit_close, /* close_one */ Curl_none_close_all, /* close_all */ /* No session handling for GSKit */ Curl_none_session_free, /* session_free */ diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index 3ffd2e528..4e2700fa1 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c @@ -885,7 +885,7 @@ gtls_connect_step3(struct connectdata *conn, const char *beg = (const char *) chainp[i].data; const char *end = beg + chainp[i].size; - result = Curl_extract_certinfo(conn, i, beg, end); + result = Curl_extract_certinfo(data, i, beg, end); if(result) return result; } @@ -1263,7 +1263,7 @@ gtls_connect_step3(struct connectdata *conn, else infof(data, "ALPN, server did not agree to a protocol\n"); - Curl_multiuse_state(conn, conn->negnpn == CURL_HTTP_VERSION_2 ? + Curl_multiuse_state(data, conn->negnpn == CURL_HTTP_VERSION_2 ? BUNDLE_MULTIPLEX : BUNDLE_NO_MULTIUSE); } @@ -1399,12 +1399,13 @@ static bool gtls_data_pending(const struct connectdata *conn, return res; } -static ssize_t gtls_send(struct connectdata *conn, +static ssize_t gtls_send(struct Curl_easy *data, int sockindex, const void *mem, size_t len, CURLcode *curlcode) { + struct connectdata *conn = data->conn; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; struct ssl_backend_data *backend = connssl->backend; ssize_t rc = gnutls_record_send(backend->session, mem, len); @@ -1526,12 +1527,13 @@ static int gtls_shutdown(struct connectdata *conn, int sockindex) return retval; } -static ssize_t gtls_recv(struct connectdata *conn, /* connection data */ +static ssize_t gtls_recv(struct Curl_easy *data, /* connection data */ int num, /* socketindex */ char *buf, /* store read data here */ size_t buffersize, /* max amount to read */ CURLcode *curlcode) { + struct connectdata *conn = data->conn; struct ssl_connect_data *connssl = &conn->ssl[num]; struct ssl_backend_data *backend = connssl->backend; ssize_t ret; diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c index c279b8d7d..f8baa1c34 100644 --- a/lib/vtls/mbedtls.c +++ b/lib/vtls/mbedtls.c @@ -5,8 +5,8 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 2010 - 2011, Hoi-Ho Chan, <hoiho.chan@gmail.com> * Copyright (C) 2012 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 2010 - 2011, Hoi-Ho Chan, <hoiho.chan@gmail.com> * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -701,7 +701,7 @@ mbed_connect_step2(struct connectdata *conn, else { infof(data, "ALPN, server did not agree to a protocol\n"); } - Curl_multiuse_state(conn, conn->negnpn == CURL_HTTP_VERSION_2 ? + Curl_multiuse_state(data, conn->negnpn == CURL_HTTP_VERSION_2 ? BUNDLE_MULTIPLEX : BUNDLE_NO_MULTIUSE); } #endif @@ -763,16 +763,16 @@ mbed_connect_step3(struct connectdata *conn, return CURLE_OK; } -static ssize_t mbed_send(struct connectdata *conn, int sockindex, +static ssize_t mbed_send(struct Curl_easy *data, int sockindex, const void *mem, size_t len, CURLcode *curlcode) { + struct connectdata *conn = data->conn; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; struct ssl_backend_data *backend = connssl->backend; int ret = -1; - ret = mbedtls_ssl_write(&backend->ssl, - (unsigned char *)mem, len); + ret = mbedtls_ssl_write(&backend->ssl, (unsigned char *)mem, len); if(ret < 0) { *curlcode = (ret == MBEDTLS_ERR_SSL_WANT_WRITE) ? @@ -804,16 +804,16 @@ static void mbedtls_close(struct connectdata *conn, int sockindex) #endif /* THREADING_SUPPORT */ } -static ssize_t mbed_recv(struct connectdata *conn, int num, +static ssize_t mbed_recv(struct Curl_easy *data, int num, char *buf, size_t buffersize, CURLcode *curlcode) { + struct connectdata *conn = data->conn; struct ssl_connect_data *connssl = &conn->ssl[num]; struct ssl_backend_data *backend = connssl->backend; int ret = -1; ssize_t len = -1; - memset(buf, 0, buffersize); ret = mbedtls_ssl_read(&backend->ssl, (unsigned char *)buf, buffersize); diff --git a/lib/vtls/mesalink.c b/lib/vtls/mesalink.c index 309786cf8..93e3381cf 100644 --- a/lib/vtls/mesalink.c +++ b/lib/vtls/mesalink.c @@ -6,7 +6,7 @@ * \___|\___/|_| \_\_____| * * Copyright (C) 2017 - 2018, Yiming Jing, <jingyiming@baidu.com> - * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -378,9 +378,10 @@ mesalink_connect_step3(struct connectdata *conn, int sockindex) } static ssize_t -mesalink_send(struct connectdata *conn, int sockindex, const void *mem, +mesalink_send(struct Curl_easy *data, int sockindex, const void *mem, size_t len, CURLcode *curlcode) { + struct connectdata *conn = data->conn; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; char error_buffer[MESALINK_MAX_ERROR_SZ]; int memlen = (len > (size_t)INT_MAX) ? INT_MAX : (int)len; @@ -395,7 +396,7 @@ mesalink_send(struct connectdata *conn, int sockindex, const void *mem, *curlcode = CURLE_AGAIN; return -1; default: - failf(conn->data, + failf(data, "SSL write: %s, errno %d", ERR_error_string_n(err, error_buffer, sizeof(error_buffer)), SOCKERRNO); @@ -423,9 +424,10 @@ Curl_mesalink_close(struct connectdata *conn, int sockindex) } static ssize_t -mesalink_recv(struct connectdata *conn, int num, char *buf, size_t buffersize, +mesalink_recv(struct Curl_easy *data, int num, char *buf, size_t buffersize, CURLcode *curlcode) { + struct connectdata *conn = data->conn; struct ssl_connect_data *connssl = &conn->ssl[num]; char error_buffer[MESALINK_MAX_ERROR_SZ]; int buffsize = (buffersize > (size_t)INT_MAX) ? INT_MAX : (int)buffersize; @@ -444,7 +446,7 @@ mesalink_recv(struct connectdata *conn, int num, char *buf, size_t buffersize, *curlcode = CURLE_AGAIN; return -1; default: - failf(conn->data, + failf(data, "SSL read: %s, errno %d", ERR_error_string_n(err, error_buffer, sizeof(error_buffer)), SOCKERRNO); diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c index 1ae9d5510..5d043931f 100644 --- a/lib/vtls/nss.c +++ b/lib/vtls/nss.c @@ -814,6 +814,7 @@ static SECStatus nss_auth_cert_hook(void *arg, PRFileDesc *fd, PRBool checksig, static void HandshakeCallback(PRFileDesc *sock, void *arg) { struct connectdata *conn = (struct connectdata*) arg; + struct Curl_easy *data = conn->data; unsigned int buflenmax = 50; unsigned char buf[50]; unsigned int buflen; @@ -833,15 +834,15 @@ static void HandshakeCallback(PRFileDesc *sock, void *arg) #endif case SSL_NEXT_PROTO_NO_SUPPORT: case SSL_NEXT_PROTO_NO_OVERLAP: - infof(conn->data, "ALPN/NPN, server did not agree to a protocol\n"); + infof(data, "ALPN/NPN, server did not agree to a protocol\n"); return; #ifdef SSL_ENABLE_ALPN case SSL_NEXT_PROTO_SELECTED: - infof(conn->data, "ALPN, server accepted to use %.*s\n", buflen, buf); + infof(data, "ALPN, server accepted to use %.*s\n", buflen, buf); break; #endif case SSL_NEXT_PROTO_NEGOTIATED: - infof(conn->data, "NPN, server accepted to use %.*s\n", buflen, buf); + infof(data, "NPN, server accepted to use %.*s\n", buflen, buf); break; } @@ -856,7 +857,7 @@ static void HandshakeCallback(PRFileDesc *sock, void *arg) !memcmp(ALPN_HTTP_1_1, buf, ALPN_HTTP_1_1_LENGTH)) { conn->negnpn = CURL_HTTP_VERSION_1_1; } - Curl_multiuse_state(conn, conn->negnpn == CURL_HTTP_VERSION_2 ? + Curl_multiuse_state(conn->data, conn->negnpn == CURL_HTTP_VERSION_2 ? BUNDLE_MULTIPLEX : BUNDLE_NO_MULTIUSE); } } @@ -952,6 +953,7 @@ static void display_cert_info(struct Curl_easy *data, static CURLcode display_conn_info(struct connectdata *conn, PRFileDesc *sock) { CURLcode result = CURLE_OK; + struct Curl_easy *data = conn->data; SSLChannelInfo channel; SSLCipherSuiteInfo suite; CERTCertificate *cert; @@ -965,16 +967,16 @@ static CURLcode display_conn_info(struct connectdata *conn, PRFileDesc *sock) channel.cipherSuite) { if(SSL_GetCipherSuiteInfo(channel.cipherSuite, &suite, sizeof(suite)) == SECSuccess) { - infof(conn->data, "SSL connection using %s\n", suite.cipherSuiteName); + infof(data, "SSL connection using %s\n", suite.cipherSuiteName); } } cert = SSL_PeerCertificate(sock); if(cert) { - infof(conn->data, "Server certificate:\n"); + infof(data, "Server certificate:\n"); - if(!conn->data->set.ssl.certinfo) { - display_cert_info(conn->data, cert); + if(!data->set.ssl.certinfo) { + display_cert_info(data, cert); CERT_DestroyCertificate(cert); } else { @@ -995,10 +997,10 @@ static CURLcode display_conn_info(struct connectdata *conn, PRFileDesc *sock) } } - result = Curl_ssl_init_certinfo(conn->data, i); + result = Curl_ssl_init_certinfo(data, i); if(!result) { for(i = 0; cert; cert = cert2) { - result = Curl_extract_certinfo(conn, i++, (char *)cert->derCert.data, + result = Curl_extract_certinfo(data, i++, (char *)cert->derCert.data, (char *)cert->derCert.data + cert->derCert.len); if(result) @@ -2260,19 +2262,20 @@ static CURLcode nss_connect_nonblocking(struct connectdata *conn, return nss_connect_common(conn, sockindex, done); } -static ssize_t nss_send(struct connectdata *conn, /* connection data */ +static ssize_t nss_send(struct Curl_easy *data, /* transfer */ int sockindex, /* socketindex */ const void *mem, /* send this data */ size_t len, /* amount to write */ CURLcode *curlcode) { + struct connectdata *conn = data->conn; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; struct ssl_backend_data *backend = connssl->backend; ssize_t rc; /* The SelectClientCert() hook uses this for infof() and failf() but the handle stored in nss_setup_connect() could have already been freed. */ - backend->data = conn->data; + backend->data = data; rc = PR_Send(backend->handle, mem, (int)len, 0, PR_INTERVAL_NO_WAIT); if(rc < 0) { @@ -2282,7 +2285,7 @@ static ssize_t nss_send(struct connectdata *conn, /* connection data */ else { /* print the error number and error string */ const char *err_name = nss_error_to_name(err); - infof(conn->data, "SSL write: error %d (%s)\n", err, err_name); + infof(data, "SSL write: error %d (%s)\n", err, err_name); /* print a human-readable message describing the error if available */ nss_print_error_message(conn->data, err); @@ -2298,19 +2301,20 @@ static ssize_t nss_send(struct connectdata *conn, /* connection data */ return rc; /* number of bytes */ } -static ssize_t nss_recv(struct connectdata *conn, /* connection data */ +static ssize_t nss_recv(struct Curl_easy *data, /* transfer */ int sockindex, /* socketindex */ char *buf, /* store read data here */ size_t buffersize, /* max amount to read */ CURLcode *curlcode) { + struct connectdata *conn = data->conn; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; struct ssl_backend_data *backend = connssl->backend; ssize_t nread; /* The SelectClientCert() hook uses this for infof() and failf() but the handle stored in nss_setup_connect() could have already been freed. */ - backend->data = conn->data; + backend->data = data; nread = PR_Recv(backend->handle, buf, (int)buffersize, 0, PR_INTERVAL_NO_WAIT); @@ -2323,7 +2327,7 @@ static ssize_t nss_recv(struct connectdata *conn, /* connection data */ else { /* print the error number and error string */ const char *err_name = nss_error_to_name(err); - infof(conn->data, "SSL read: errno %d (%s)\n", err, err_name); + infof(data, "SSL read: errno %d (%s)\n", err, err_name); /* print a human-readable message describing the error if available */ nss_print_error_message(conn->data, err); diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 15e0235fc..319d27deb 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -1433,7 +1433,7 @@ static int ossl_shutdown(struct connectdata *conn, int sockindex) default: /* openssl/ssl.h says "look at error stack/return value/errno" */ sslerror = ERR_get_error(); - failf(conn->data, OSSL_PACKAGE " SSL_read on shutdown: %s, errno %d", + failf(data, OSSL_PACKAGE " SSL_read on shutdown: %s, errno %d", (sslerror ? ossl_strerror(sslerror, buf, sizeof(buf)) : SSL_ERROR_to_str(err)), @@ -2206,15 +2206,15 @@ select_next_proto_cb(SSL *ssl, const unsigned char *in, unsigned int inlen, void *arg) { - struct connectdata *conn = (struct connectdata*) arg; - + struct Curl_easy *data = (struct Curl_easy *)arg; + struct connectdata *conn = data->conn; (void)ssl; #ifdef USE_NGHTTP2 - if(conn->data->set.httpversion >= CURL_HTTP_VERSION_2 && + if(data->set.httpversion >= CURL_HTTP_VERSION_2 && !select_next_protocol(out, outlen, in, inlen, NGHTTP2_PROTO_VERSION_ID, NGHTTP2_PROTO_VERSION_ID_LEN)) { - infof(conn->data, "NPN, negotiated HTTP2 (%s)\n", + infof(data, "NPN, negotiated HTTP2 (%s)\n", NGHTTP2_PROTO_VERSION_ID); conn->negnpn = CURL_HTTP_VERSION_2; return SSL_TLSEXT_ERR_OK; @@ -2223,12 +2223,12 @@ select_next_proto_cb(SSL *ssl, if(!select_next_protocol(out, outlen, in, inlen, ALPN_HTTP_1_1, ALPN_HTTP_1_1_LENGTH)) { - infof(conn->data, "NPN, negotiated HTTP1.1\n"); + infof(data, "NPN, negotiated HTTP1.1\n"); conn->negnpn = CURL_HTTP_VERSION_1_1; return SSL_TLSEXT_ERR_OK; } - infof(conn->data, "NPN, no overlap, use HTTP1.1\n"); + infof(data, "NPN, no overlap, use HTTP1.1\n"); *out = (unsigned char *)ALPN_HTTP_1_1; *outlen = ALPN_HTTP_1_1_LENGTH; conn->negnpn = CURL_HTTP_VERSION_1_1; @@ -2729,7 +2729,7 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex) #ifdef HAS_NPN if(conn->bits.tls_enable_npn) - SSL_CTX_set_next_proto_select_cb(backend->ctx, select_next_proto_cb, conn); + SSL_CTX_set_next_proto_select_cb(backend->ctx, select_next_proto_cb, data); #endif #ifdef HAS_ALPN @@ -3385,7 +3385,7 @@ static CURLcode ossl_connect_step2(struct connectdata *conn, int sockindex) else infof(data, "ALPN, server did not agree to a protocol\n"); - Curl_multiuse_state(conn, conn->negnpn == CURL_HTTP_VERSION_2 ? + Curl_multiuse_state(data, conn->negnpn == CURL_HTTP_VERSION_2 ? BUNDLE_MULTIPLEX : BUNDLE_NO_MULTIUSE); } #endif @@ -4130,7 +4130,7 @@ static bool ossl_data_pending(const struct connectdata *conn, static size_t ossl_version(char *buffer, size_t size); -static ssize_t ossl_send(struct connectdata *conn, +static ssize_t ossl_send(struct Curl_easy *data, int sockindex, const void *mem, size_t len, @@ -4143,6 +4143,7 @@ static ssize_t ossl_send(struct connectdata *conn, unsigned long sslerror; int memlen; int rc; + struct connectdata *conn = data->conn; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; struct ssl_backend_data *backend = connssl->backend; @@ -4174,7 +4175,7 @@ static ssize_t ossl_send(struct connectdata *conn, strncpy(error_buffer, SSL_ERROR_to_str(err), sizeof(error_buffer)); error_buffer[sizeof(error_buffer) - 1] = '\0'; } - failf(conn->data, OSSL_PACKAGE " SSL_write: %s, errno %d", + failf(data, OSSL_PACKAGE " SSL_write: %s, errno %d", error_buffer, sockerr); *curlcode = CURLE_SEND_ERROR; return -1; @@ -4192,17 +4193,16 @@ static ssize_t ossl_send(struct connectdata *conn, ) { char ver[120]; ossl_version(ver, 120); - failf(conn->data, "Error: %s does not support double SSL tunneling.", - ver); + failf(data, "Error: %s does not support double SSL tunneling.", ver); } else - failf(conn->data, "SSL_write() error: %s", + failf(data, "SSL_write() error: %s", ossl_strerror(sslerror, error_buffer, sizeof(error_buffer))); *curlcode = CURLE_SEND_ERROR; return -1; } /* a true error */ - failf(conn->data, OSSL_PACKAGE " SSL_write: %s, errno %d", + failf(data, OSSL_PACKAGE " SSL_write: %s, errno %d", SSL_ERROR_to_str(err), SOCKERRNO); *curlcode = CURLE_SEND_ERROR; return -1; @@ -4211,7 +4211,7 @@ static ssize_t ossl_send(struct connectdata *conn, return (ssize_t)rc; /* number of bytes */ } -static ssize_t ossl_recv(struct connectdata *conn, /* connection data */ +static ssize_t ossl_recv(struct Curl_easy *data, /* transfer */ int num, /* socketindex */ char *buf, /* store read data here */ size_t buffersize, /* max amount to read */ @@ -4221,6 +4221,7 @@ static ssize_t ossl_recv(struct connectdata *conn, /* connection data */ unsigned long sslerror; ssize_t nread; int buffsize; + struct connectdata *conn = data->conn; struct ssl_connect_data *connssl = &conn->ssl[num]; struct ssl_backend_data *backend = connssl->backend; diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index 8c195b0f4..4f647bd5d 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -5,9 +5,9 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * + * Copyright (C) 2012 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al. * Copyright (C) 2012 - 2016, Marc Hoersken, <info@marc-hoersken.de> * Copyright (C) 2012, Mark Salisbury, <mark.salisbury@hp.com> - * Copyright (C) 2012 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -956,7 +956,7 @@ schannel_connect_step1(struct connectdata *conn, int sockindex) "sending %lu bytes...\n", outbuf.cbBuffer)); /* send initial handshake data which is now stored in output buffer */ - result = Curl_write_plain(conn, conn->sock[sockindex], outbuf.pvBuffer, + result = Curl_write_plain(data, conn->sock[sockindex], outbuf.pvBuffer, outbuf.cbBuffer, &written); s_pSecFn->FreeContextBuffer(outbuf.pvBuffer); if((result != CURLE_OK) || (outbuf.cbBuffer != (size_t) written)) { @@ -1153,7 +1153,7 @@ schannel_connect_step2(struct connectdata *conn, int sockindex) "sending %lu bytes...\n", outbuf[i].cbBuffer)); /* send handshake token to server */ - result = Curl_write_plain(conn, conn->sock[sockindex], + result = Curl_write_plain(data, conn->sock[sockindex], outbuf[i].pvBuffer, outbuf[i].cbBuffer, &written); if((result != CURLE_OK) || @@ -1305,7 +1305,7 @@ cert_counter_callback(const CERT_CONTEXT *ccert_context, void *certs_count) struct Adder_args { - struct connectdata *conn; + struct Curl_easy *data; CURLcode result; int idx; int certs_count; @@ -1320,7 +1320,8 @@ add_cert_to_certinfo(const CERT_CONTEXT *ccert_context, void *raw_arg) const char *beg = (const char *) ccert_context->pbCertEncoded; const char *end = beg + ccert_context->cbCertEncoded; int insert_index = (args->certs_count - 1) - args->idx; - args->result = Curl_extract_certinfo(args->conn, insert_index, beg, end); + args->result = Curl_extract_certinfo(args->data, insert_index, + beg, end); args->idx++; } return args->result == CURLE_OK; @@ -1400,7 +1401,7 @@ schannel_connect_step3(struct connectdata *conn, int sockindex) } else infof(data, "ALPN, server did not agree to a protocol\n"); - Curl_multiuse_state(conn, conn->negnpn == CURL_HTTP_VERSION_2 ? + Curl_multiuse_state(data, conn->negnpn == CURL_HTTP_VERSION_2 ? BUNDLE_MULTIPLEX : BUNDLE_NO_MULTIUSE); } #endif @@ -1458,7 +1459,7 @@ schannel_connect_step3(struct connectdata *conn, int sockindex) result = Curl_ssl_init_certinfo(data, certs_count); if(!result) { struct Adder_args args; - args.conn = conn; + args.data = data; args.idx = 0; args.certs_count = certs_count; traverse_cert_store(ccert_context, add_cert_to_certinfo, &args); @@ -1597,12 +1598,13 @@ schannel_connect_common(struct connectdata *conn, int sockindex, } static ssize_t -schannel_send(struct connectdata *conn, int sockindex, +schannel_send(struct Curl_easy *data, int sockindex, const void *buf, size_t len, CURLcode *err) { ssize_t written = -1; size_t data_len = 0; - unsigned char *data = NULL; + unsigned char *ptr = NULL; + struct connectdata *conn = data->conn; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; SecBuffer outbuf[4]; SecBufferDesc outbuf_desc; @@ -1629,19 +1631,19 @@ schannel_send(struct connectdata *conn, int sockindex, /* calculate the complete message length and allocate a buffer for it */ data_len = BACKEND->stream_sizes.cbHeader + len + BACKEND->stream_sizes.cbTrailer; - data = (unsigned char *) malloc(data_len); - if(data == NULL) { + ptr = (unsigned char *) malloc(data_len); + if(!ptr) { *err = CURLE_OUT_OF_MEMORY; return -1; } /* setup output buffers (header, data, trailer, empty) */ InitSecBuffer(&outbuf[0], SECBUFFER_STREAM_HEADER, - data, BACKEND->stream_sizes.cbHeader); + ptr, BACKEND->stream_sizes.cbHeader); InitSecBuffer(&outbuf[1], SECBUFFER_DATA, - data + BACKEND->stream_sizes.cbHeader, curlx_uztoul(len)); + ptr + BACKEND->stream_sizes.cbHeader, curlx_uztoul(len)); InitSecBuffer(&outbuf[2], SECBUFFER_STREAM_TRAILER, - data + BACKEND->stream_sizes.cbHeader + len, + ptr + BACKEND->stream_sizes.cbHeader + len, BACKEND->stream_sizes.cbTrailer); InitSecBuffer(&outbuf[3], SECBUFFER_EMPTY, NULL, 0); InitSecBufferDesc(&outbuf_desc, outbuf, 4); @@ -1680,10 +1682,10 @@ schannel_send(struct connectdata *conn, int sockindex, while(len > (size_t)written) { ssize_t this_write = 0; int what; - timediff_t timeout_ms = Curl_timeleft(conn->data, NULL, FALSE); + timediff_t timeout_ms = Curl_timeleft(data, NULL, FALSE); if(timeout_ms < 0) { /* we already got the timeout */ - failf(conn->data, "schannel: timed out sending data " + failf(data, "schannel: timed out sending data " "(bytes sent: %zd)", written); *err = CURLE_OPERATION_TIMEDOUT; written = -1; @@ -1694,13 +1696,13 @@ schannel_send(struct connectdata *conn, int sockindex, what = SOCKET_WRITABLE(conn->sock[sockindex], timeout_ms); if(what < 0) { /* fatal error */ - failf(conn->data, "select/poll on SSL socket, errno: %d", SOCKERRNO); + failf(data, "select/poll on SSL socket, errno: %d", SOCKERRNO); *err = CURLE_SEND_ERROR; written = -1; break; } else if(0 == what) { - failf(conn->data, "schannel: timed out sending data " + failf(data, "schannel: timed out sending data " "(bytes sent: %zd)", written); *err = CURLE_OPERATION_TIMEDOUT; written = -1; @@ -1708,7 +1710,7 @@ schannel_send(struct connectdata *conn, int sockindex, } /* socket is writable */ - result = Curl_write_plain(conn, conn->sock[sockindex], data + written, + result = Curl_write_plain(data, conn->sock[sockindex], ptr + written, len - written, &this_write); if(result == CURLE_AGAIN) continue; @@ -1728,7 +1730,7 @@ schannel_send(struct connectdata *conn, int sockindex, *err = CURLE_SEND_ERROR; } - Curl_safefree(data); + Curl_safefree(ptr); if(len == (size_t)written) /* Encrypted message including header, data and trailer entirely sent. @@ -1739,12 +1741,12 @@ schannel_send(struct connectdata *conn, int sockindex, } static ssize_t -schannel_recv(struct connectdata *conn, int sockindex, +schannel_recv(struct Curl_easy *data, int sockindex, char *buf, size_t len, CURLcode *err) { size_t size = 0; ssize_t nread = -1; - struct Curl_easy *data = conn->data; + struct connectdata *conn = data->conn; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; unsigned char *reallocated_buffer; size_t reallocated_length; @@ -2181,7 +2183,7 @@ static int Curl_schannel_shutdown(struct connectdata *conn, int sockindex) if((sspi_status == SEC_E_OK) || (sspi_status == SEC_I_CONTEXT_EXPIRED)) { /* send close message which is in output buffer */ ssize_t written; - result = Curl_write_plain(conn, conn->sock[sockindex], outbuf.pvBuffer, + result = Curl_write_plain(data, conn->sock[sockindex], outbuf.pvBuffer, outbuf.cbBuffer, &written); s_pSecFn->FreeContextBuffer(outbuf.pvBuffer); diff --git a/lib/vtls/sectransp.c b/lib/vtls/sectransp.c index 8ef60cb1f..aae614946 100644 --- a/lib/vtls/sectransp.c +++ b/lib/vtls/sectransp.c @@ -5,8 +5,8 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * + * Copyright (C) 2012 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al. * Copyright (C) 2012 - 2017, Nick Zitzmann, <nickzman@gmail.com>. - * Copyright (C) 2012 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -2693,7 +2693,7 @@ sectransp_connect_step2(struct connectdata *conn, int sockindex) else infof(data, "ALPN, server did not agree to a protocol\n"); - Curl_multiuse_state(conn, conn->negnpn == CURL_HTTP_VERSION_2 ? + Curl_multiuse_state(data, conn->negnpn == CURL_HTTP_VERSION_2 ? BUNDLE_MULTIPLEX : BUNDLE_NO_MULTIUSE); /* chosenProtocol is a reference to the string within alpnArr @@ -3157,13 +3157,13 @@ static bool Curl_sectransp_false_start(void) return FALSE; } -static ssize_t sectransp_send(struct connectdata *conn, +static ssize_t sectransp_send(struct Curl_easy *data, int sockindex, const void *mem, size_t len, CURLcode *curlcode) { - /*struct Curl_easy *data = conn->data;*/ + struct connectdata *conn = data->conn; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; struct ssl_backend_data *backend = connssl->backend; size_t processed = 0UL; @@ -3215,7 +3215,7 @@ static ssize_t sectransp_send(struct connectdata *conn, *curlcode = CURLE_AGAIN; return -1L; default: - failf(conn->data, "SSLWrite() returned error %d", err); + failf(data, "SSLWrite() returned error %d", err); *curlcode = CURLE_SEND_ERROR; return -1L; } @@ -3224,13 +3224,13 @@ static ssize_t sectransp_send(struct connectdata *conn, return (ssize_t)processed; } -static ssize_t sectransp_recv(struct connectdata *conn, +static ssize_t sectransp_recv(struct Curl_easy *data, int num, char *buf, size_t buffersize, CURLcode *curlcode) { - /*struct Curl_easy *data = conn->data;*/ + struct connectdata *conn = data->conn; struct ssl_connect_data *connssl = &conn->ssl[num]; struct ssl_backend_data *backend = connssl->backend; size_t processed = 0UL; @@ -3269,7 +3269,7 @@ static ssize_t sectransp_recv(struct connectdata *conn, } goto again; default: - failf(conn->data, "SSLRead() return error %d", err); + failf(data, "SSLRead() return error %d", err); *curlcode = CURLE_RECV_ERROR; return -1L; break; diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c index f459399e5..be3c2c510 100644 --- a/lib/vtls/wolfssl.c +++ b/lib/vtls/wolfssl.c @@ -735,7 +735,7 @@ wolfssl_connect_step2(struct connectdata *conn, else infof(data, "ALPN, unrecognized protocol %.*s\n", protocol_len, protocol); - Curl_multiuse_state(conn, conn->negnpn == CURL_HTTP_VERSION_2 ? + Curl_multiuse_state(data, conn->negnpn == CURL_HTTP_VERSION_2 ? BUNDLE_MULTIPLEX : BUNDLE_NO_MULTIUSE); } else if(rc == SSL_ALPN_NOT_FOUND) @@ -807,12 +807,13 @@ wolfssl_connect_step3(struct connectdata *conn, } -static ssize_t wolfssl_send(struct connectdata *conn, - int sockindex, - const void *mem, - size_t len, - CURLcode *curlcode) +static ssize_t wolfssl_send(struct Curl_easy *data, + int sockindex, + const void *mem, + size_t len, + CURLcode *curlcode) { + struct connectdata *conn = data->conn; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; struct ssl_backend_data *backend = connssl->backend; char error_buffer[WOLFSSL_MAX_ERROR_SZ]; @@ -829,7 +830,7 @@ static ssize_t wolfssl_send(struct connectdata *conn, *curlcode = CURLE_AGAIN; return -1; default: - failf(conn->data, "SSL write: %s, errno %d", + failf(data, "SSL write: %s, errno %d", ERR_error_string(err, error_buffer), SOCKERRNO); *curlcode = CURLE_SEND_ERROR; @@ -855,12 +856,13 @@ static void wolfssl_close(struct connectdata *conn, int sockindex) } } -static ssize_t wolfssl_recv(struct connectdata *conn, +static ssize_t wolfssl_recv(struct Curl_easy *data, int num, char *buf, size_t buffersize, CURLcode *curlcode) { + struct connectdata *conn = data->conn; struct ssl_connect_data *connssl = &conn->ssl[num]; struct ssl_backend_data *backend = connssl->backend; char error_buffer[WOLFSSL_MAX_ERROR_SZ]; @@ -879,9 +881,8 @@ static ssize_t wolfssl_recv(struct connectdata *conn, *curlcode = CURLE_AGAIN; return -1; default: - failf(conn->data, "SSL read: %s, errno %d", - ERR_error_string(err, error_buffer), - SOCKERRNO); + failf(data, "SSL read: %s, errno %d", + ERR_error_string(err, error_buffer), SOCKERRNO); *curlcode = CURLE_RECV_ERROR; return -1; } |