Commit 04d5c8fb authored by Daniel Stenberg's avatar Daniel Stenberg

- I did a cleanup of the internal generic SSL layer and how the various SSL

  libraries are supported. Starting now, each underlying SSL library support
  code does a set of defines for the 16 functions the generic layer (sslgen.c)
  uses (all these new function defines use the prefix "curlssl_"). This
  greatly simplified the generic layer in readability by involving much less
  #ifdefs and other preprocessor stuff and should make it easier for people to
  make libcurl work with new SSL libraries.

  Hopefully I can later on document these 16 functions somewhat as well.

  I also made most of the internal SSL-dependent functions (using Curl_ssl_
  prefix) #defined to nothing when no SSL support is requested - previously
  they would unnecessarily call mostly empty functions.
parent 5980b3cb
+22 −0
@@ -7,6 +7,28 @@
                                  Changelog


Daniel Stenberg (11 Jun 2008)
- I did a cleanup of the internal generic SSL layer and how the various SSL
  libraries are supported. Starting now, each underlying SSL library support
  code does a set of defines for the 16 functions the generic layer (sslgen.c)
  uses (all these new function defines use the prefix "curlssl_"). This
  greatly simplified the generic layer in readability by involving much less
  #ifdefs and other preprocessor stuff and should make it easier for people to
  make libcurl work with new SSL libraries.

  Hopefully I can later on document these 16 functions somewhat as well.

  I also made most of the internal SSL-dependent functions (using Curl_ssl_
  prefix) #defined to nothing when no SSL support is requested - previously
  they would unnecessarily call mostly empty functions.

  I've built libcurl with OpenSSL and GnuTLS and without SSL to test this and
  I've also tried building with NSS but the NSS support is a mystery to me and
  I failed to build libcurl with the NSS libraries I have installed. We really
  should A) improve our configure script to detect unsuitable NSS versions
  already at configure time and B) document our requirements better for the
  SSL libraries.

Daniel Stenberg (10 Jun 2008)
- I made the OpenSSL code build again with OpenSSL 0.9.6. The CRLFILE
  functionality killed it due to its unconditional use of
+21 −0
@@ -22,6 +22,9 @@
 *
 * $Id$
 ***************************************************************************/

#ifdef USE_GNUTLS

int Curl_gtls_init(void);
int Curl_gtls_cleanup(void);
CURLcode Curl_gtls_connect(struct connectdata *conn, int sockindex);
@@ -45,4 +48,22 @@ void Curl_gtls_session_free(void *ptr);
size_t Curl_gtls_version(char *buffer, size_t size);
int Curl_gtls_shutdown(struct connectdata *conn, int sockindex);

/* API setup for GnuTLS */
#define curlssl_init Curl_gtls_init
#define curlssl_cleanup Curl_gtls_cleanup
#define curlssl_connect Curl_gtls_connect
#define curlssl_session_free(x)  Curl_gtls_session_free(x)
#define curlssl_close_all Curl_gtls_close_all
#define curlssl_close Curl_gtls_close
#define curlssl_shutdown(x,y) Curl_gtls_shutdown(x,y)
#define curlssl_set_engine(x,y) (x=x, y=y, CURLE_FAILED_INIT)
#define curlssl_set_engine_default(x) (x=x, CURLE_FAILED_INIT)
#define curlssl_engines_list(x) (x=x, NULL)
#define curlssl_send Curl_gtls_send
#define curlssl_recv Curl_gtls_recv
#define curlssl_version Curl_gtls_version
#define curlssl_check_cxn(x) (x=x, -1)
#define curlssl_data_pending(x,y) (x=x, y=y, 0)

#endif /* USE_GNUTLS */
#endif
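Review bot: The stub macros in the "API setup for GnuTLS" block silence unused-argument warnings by assigning each argument to itself, e.g. `#define curlssl_set_engine(x,y) (x=x, y=y, CURLE_FAILED_INIT)`, which only compiles when every caller passes a modifiable lvalue and can itself trigger self-assignment warnings. A void cast evaluates the argument without writing to it: `#define curlssl_set_engine(x,y) ((void)(x), (void)(y), CURLE_FAILED_INIT)`, and the same form fits `curlssl_set_engine_default`, `curlssl_engines_list`, `curlssl_check_cxn` and `curlssl_data_pending`. The stubs in the NSS header's API-setup block use the same self-assignment pattern. The header continues above and between the two hunks, so callers of these macros are not visible here.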
+2 −1
@@ -743,7 +743,8 @@ static void display_conn_info(struct connectdata *conn, PRFileDesc *sock)
 * issuer check, so we provide comments that mimic the OpenSSL
 * X509_check_issued function (in x509v3/v3_purp.c)
 */
static SECStatus check_issuer_cert(struct connectdata *conn, PRFileDesc *sock,
static SECStatus check_issuer_cert(struct connectdata *conn,
                                   PRFileDesc *sock,
                                   char* issuer_nickname)
{
  CERTCertificate *cert,*cert_issuer,*issuer;
+23 −1
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
 * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -23,6 +23,7 @@
 * $Id$
 ***************************************************************************/

#ifdef USE_NSS
/*
 * This header should only be needed to get included by sslgen.c and nss.c
 */
@@ -56,4 +57,25 @@ size_t Curl_nss_version(char *buffer, size_t size);
int Curl_nss_check_cxn(struct connectdata *cxn);
int Curl_nss_seed(struct SessionHandle *data);

/* API setup for NSS */
#define curlssl_init Curl_nss_init
#define curlssl_cleanup Curl_nss_cleanup
#define curlssl_connect Curl_nss_connect

/* NSS has its own session ID cache */
#define curlssl_session_free(x)
#define curlssl_close_all Curl_nss_close_all
#define curlssl_close Curl_nss_close
/* NSS has no shutdown function provided and thus always fail */
#define curlssl_shutdown(x,y) (x=x, y=y, 1)
#define curlssl_set_engine(x,y) (x=x, y=y, CURLE_FAILED_INIT)
#define curlssl_set_engine_default(x) (x=x, CURLE_FAILED_INIT)
#define curlssl_engines_list(x) (x=x, NULL)
#define curlssl_send Curl_nss_send
#define curlssl_recv Curl_nss_recv
#define curlssl_version Curl_nss_version
#define curlssl_check_cxn(x) Curl_nss_check_cxn(x)
#define curlssl_data_pending(x,y) (x=x, y=y, 0)

#endif /* USE_NSS */
#endif
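Review bot: `curlssl_session_free(x)` in the "API setup for NSS" block expands to nothing, so unlike the neighbouring stubs it never evaluates its argument and is only valid where the call stands alone as a statement. `#define curlssl_session_free(x) ((void)(x))` keeps it a no-op while behaving like a call to a void function; the QsoSSL header defines the same empty macro. The comment above `curlssl_shutdown` also leaves the meaning of the literal 1 implicit. Assuming the generic layer treats non-zero as failure, I would spell it out as `/* NSS provides no shutdown function: always return non-zero (failure) so callers never treat the TLS session as cleanly shut down */`.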
+21 −1
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
 * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -29,6 +29,7 @@

#include "urldata.h"

#ifdef USE_QSOSSL
int Curl_qsossl_init(void);
void Curl_qsossl_cleanup(void);
CURLcode Curl_qsossl_connect(struct connectdata * conn, int sockindex);
@@ -49,4 +50,23 @@ ssize_t Curl_qsossl_recv(struct connectdata * conn, /* connection data */
size_t Curl_qsossl_version(char * buffer, size_t size);
int Curl_qsossl_check_cxn(struct connectdata * cxn);

/* API setup for QsoSSL */
#define curlssl_init Curl_qossl_init
#define curlssl_cleanup Curl_qossl_cleanup
#define curlssl_connect Curl_qossl_connect

/*  No session handling for QsoSSL */
#define curlssl_session_free(x)
#define curlssl_close_all Curl_qsossl_close_all
#define curlssl_close Curl_qsossl_close
#define curlssl_shutdown(x,y) Curl_qsossl_shutdown(x,y)
#define curlssl_set_engine(x,y) CURLE_FAILED_INIT
#define curlssl_set_engine_default(x) CURLE_FAILED_INIT
#define curlssl_engines_list(x) NULL
#define curlssl_send Curl_qsossl_send
#define curlssl_recv Curl_qsossl_recv
#define curlssl_version Curl_qsossl_version
#define curlssl_check_cxn(x) Curl_qsossl_check_cxn(x)
#define curlssl_data_pending(x,y) 0
#endif /* USE_QSOSSL */
#endif
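Review bot: The first three defines in the "API setup for QsoSSL" block map to `Curl_qossl_init`, `Curl_qossl_cleanup` and `Curl_qossl_connect`, but the prototypes a few lines earlier in this header spell the prefix `Curl_qsossl_`, so a QsoSSL build would reference undeclared functions and should fail at compile or link time. They should read `#define curlssl_init Curl_qsossl_init`, `#define curlssl_cleanup Curl_qsossl_cleanup` and `#define curlssl_connect Curl_qsossl_connect`. The commit description lists OpenSSL, GnuTLS and no-SSL as the builds that were tested, so this configuration was likely never compiled with the change.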