* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
#include "cookie.h"
#include "formdata.h"
+#ifdef USE_SSLEAY
#ifdef USE_OPENSSL
+#include <openssl/rsa.h>
+#include <openssl/crypto.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
#include <openssl/ssl.h>
+#include <openssl/err.h>
#ifdef HAVE_OPENSSL_ENGINE_H
#include <openssl/engine.h>
#endif
+#ifdef HAVE_OPENSSL_PKCS12_H
+#include <openssl/pkcs12.h>
+#endif
+#else /* SSLeay-style includes */
+#include <rsa.h>
+#include <crypto.h>
+#include <x509.h>
+#include <pem.h>
+#include <ssl.h>
+#include <err.h>
+#ifdef HAVE_OPENSSL_ENGINE_H
+#include <engine.h>
+#endif
+#ifdef HAVE_OPENSSL_PKCS12_H
+#include <pkcs12.h>
+#endif
#endif /* USE_OPENSSL */
+#ifdef USE_GNUTLS
+#error Configuration error; cannot use GnuTLS *and* OpenSSL.
+#endif
+#endif /* USE_SSLEAY */
#ifdef USE_GNUTLS
#include <gnutls/gnutls.h>
#endif
#ifdef USE_AXTLS
-#include <axTLS/config.h>
#include <axTLS/ssl.h>
#undef malloc
#undef calloc
#define HEADERSIZE 256
#define CURLEASY_MAGIC_NUMBER 0xc0dedbadU
-#define GOOD_EASY_HANDLE(x) \
- ((x) && (((struct SessionHandle *)(x))->magic == CURLEASY_MAGIC_NUMBER))
/* Some convenience macros to get the larger/smaller value out of two given.
We prefix with CURL to prevent name collisions. */
current state of the connection. */
bool use;
ssl_connection_state state;
-#ifdef USE_OPENSSL
+#ifdef USE_NGHTTP2
+ bool asked_for_h2;
+#endif
+#ifdef USE_SSLEAY
/* these ones requires specific SSL-types */
SSL_CTX* ctx;
SSL* handle;
X509* server_cert;
ssl_connect_state connecting_state;
-#endif /* USE_OPENSSL */
+#endif /* USE_SSLEAY */
#ifdef USE_GNUTLS
gnutls_session_t session;
gnutls_certificate_credentials_t cred;
size_t encdata_offset, decdata_offset;
unsigned char *encdata_buffer, *decdata_buffer;
unsigned long req_flags, ret_flags;
- CURLcode recv_unrecoverable_err; /* schannel_recv had an unrecoverable err */
- bool recv_sspi_close_notify; /* true if connection closed by close_notify */
- bool recv_connection_closed; /* true if connection closed, regardless how */
#endif /* USE_SCHANNEL */
#ifdef USE_DARWINSSL
SSLContextRef ssl_ctx;
bool verifypeer; /* set TRUE if this is desired */
bool verifyhost; /* set TRUE if CN/SAN must match hostname */
- bool verifystatus; /* set TRUE if certificate status must be checked */
char *CApath; /* certificate dir (doesn't work on windows) */
char *CAfile; /* certificate to verify peer against */
const char *CRLfile; /* CRL to check certificate revocation */
void *fsslctxp; /* parameter for call back */
bool sessionid; /* cache session IDs or not */
bool certinfo; /* gather lots of certificate info */
- bool falsestart;
#ifdef USE_TLS_SRP
char *username; /* TLS username (for, e.g., SRP) */
requests */
bool netrc; /* name+password provided by netrc */
bool userpwd_in_url; /* name+password found in url */
+
+ bool done; /* set to FALSE when Curl_do() is called and set to TRUE
+ when Curl_done() is called, to prevent Curl_done() to
+ get invoked twice when the multi interface is
+ used. */
bool stream_was_rewound; /* Indicates that the stream was rewound after a
request read past the end of its response byte
boundary */
bool bound; /* set true if bind() has already been done on this socket/
connection */
bool type_set; /* type= was used in the URL */
- bool multiplex; /* connection is multiplexed */
};
struct hostname {
UPGR101_WORKING /* talking upgraded protocol */
};
+enum negotiatenpn {
+ NPN_INIT, /* default state */
+ NPN_HTTP1_1, /* HTTP/1.1 negotiated */
+ NPN_HTTP2 /* HTTP2 (draft-xx) negotiated */
+};
+
/*
* Request specific data in the easy handle (SessionHandle). Previously,
* these members were on the connectdata struct but since a conn struct may
#define IDENTITY 0 /* No encoding */
#define DEFLATE 1 /* zlib deflate [RFC 1950 & 1951] */
#define GZIP 2 /* gzip algorithm [RFC 1952] */
+#define COMPRESS 3 /* Not handled, added for completeness */
#ifdef HAVE_LIBZ
zlibInitState zlib_init; /* possible zlib init state;
/*************** Request - specific items ************/
+ /* previously this was in the urldata struct */
+ curl_read_callback fread_func; /* function that reads the input */
+ void *fread_in; /* pointer to pass to the fread() above */
+
#if defined(USE_NTLM)
struct ntlmdata ntlm; /* NTLM differs from other authentication schemes
because it authenticates connections, not
} tunnel_state[2]; /* two separate ones to allow FTP */
struct connectbundle *bundle; /* The bundle we are member of */
- int negnpn; /* APLN or NPN TLS negotiated protocol, CURL_HTTP_VERSION* */
+ enum negotiatenpn negnpn;
};
/* The end of connectdata. */
void *resolver; /* resolver state, if it is used in the URL state -
ares_channel f.e. */
-#if defined(USE_OPENSSL) && defined(HAVE_OPENSSL_ENGINE_H)
+#if defined(USE_SSLEAY) && defined(HAVE_OPENSSL_ENGINE_H)
ENGINE *engine;
-#endif /* USE_OPENSSL */
+#endif /* USE_SSLEAY */
struct timeval expiretime; /* set this with Curl_expire() only */
struct Curl_tree timenode; /* for the splay stuff */
struct curl_llist *timeoutlist; /* list of pending timeouts */
curl_off_t infilesize; /* size of file to upload, -1 means unknown.
Copied from set.filesize at start of operation */
-
- int drain; /* Increased when this stream has data to read, even if its
- socket not necessarily is readable. Decreased when
- checked. */
- bool done; /* set to FALSE when Curl_do() is called and set to TRUE when
- Curl_done() is called, to prevent Curl_done() to get invoked
- twice when the multi interface is used. */
};
#endif
#if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)
STRING_SOCKS5_GSSAPI_SERVICE, /* GSSAPI service name */
- STRING_PROXY_SERVICE_NAME, /* Proxy service name */
- STRING_SERVICE_NAME, /* Service name */
#endif
STRING_MAIL_FROM,
STRING_MAIL_AUTH,
long proxyport; /* If non-zero, use this port number by default. If the
proxy string features a ":[port]" that one will override
this. */
- void *out; /* CURLOPT_WRITEDATA */
- void *in; /* CURLOPT_READDATA */
+ void *out; /* the fetched file goes here */
+ void *in; /* the uploaded file is read from here */
void *writeheader; /* write the header to this if non-NULL */
void *rtp_out; /* write RTP to this if non-NULL */
long use_port; /* which port to use (when not using default) */
bool connect_only; /* make connection, let application use the socket */
bool ssl_enable_beast; /* especially allow this flaw for interoperability's
sake*/
- bool ssl_no_revoke; /* disable SSL certificate revocation checks */
long ssh_auth_types; /* allowed SSH auth types */
bool http_te_skip; /* pass the raw body data to the user, even when
transfer-encoded (chunked, compressed) */
bool ssl_enable_npn; /* TLS NPN extension? */
bool ssl_enable_alpn; /* TLS ALPN extension? */
- bool path_as_is; /* allow dotdots? */
- bool pipewait; /* wait for pipe/multiplex status before starting a
- new connection */
+
long expect_100_timeout; /* in milliseconds */
};