Commit bdb06205 authored by Gisle Vanem's avatar Gisle Vanem

Added handling of CURLINFO_SSL_ENGINES;

Added Curl_SSL_engines_list(), cleanup SSL in url.c
(no HAVE_OPENSSL_x etc.).
parent be9ea07e
+78 −2
@@ -482,6 +482,77 @@ void Curl_SSL_Close(struct connectdata *conn)
}
#endif


/* Selects an OpenSSL crypto engine
 */
CURLcode Curl_SSL_set_engine(struct SessionHandle *data, const char *engine)
{
#if defined(USE_SSLEAY) && defined(HAVE_OPENSSL_ENGINE_H)
  ENGINE *e = ENGINE_by_id(engine);

  if (!e) {
    failf(data, "SSL Engine '%s' not found", engine);
    return (CURLE_SSL_ENGINE_NOTFOUND);
  }

  if (data->engine) {
    ENGINE_finish(data->engine);
    ENGINE_free(data->engine);
  }
  data->engine = NULL;
  if (!ENGINE_init(e)) {
    ENGINE_free(e);
    failf(data, "Failed to initialise SSL Engine '%s'", engine);
    return (CURLE_SSL_ENGINE_INITFAILED);
  }
  data->engine = e;
  return (CURLE_OK);
#else
  failf(data, "SSL Engine not supported");
  return (CURLE_SSL_ENGINE_NOTFOUND);
#endif
}

/* Sets above engine as default for all SSL operations
 */
CURLcode Curl_SSL_set_engine_default(struct SessionHandle *data)
{
#if defined(USE_SSLEAY) && defined(HAVE_OPENSSL_ENGINE_H)
  if (data->engine) {
    if (ENGINE_set_default(data->engine, ENGINE_METHOD_ALL) > 0) {
      infof(data,"set default crypto engine %s\n", data->engine);
    }
    else {
      failf(data, "set default crypto engine %s failed", data->engine);
      return CURLE_SSL_ENGINE_SETFAILED;
    }
  }
#else
  (void) data;
#endif
  return (CURLE_OK);
}

/* Build the list of OpenSSL crypto engine names. Add to
 * linked list at data->engine_list.
 */
CURLcode Curl_SSL_engines_list(struct SessionHandle *data)
{
#if defined(USE_SSLEAY) && defined(HAVE_OPENSSL_ENGINE_H)
  ENGINE *e;

  /* Free previous list */
  if (data->engine_list)
    curl_slist_free_all(data->engine_list);

  data->engine_list = NULL;
  for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
    data->engine_list = curl_slist_append(data->engine_list, ENGINE_get_id(e));
#endif
  return (CURLE_OK);
}


#ifdef USE_SSLEAY

/*
@@ -620,11 +691,15 @@ int Curl_SSL_Close_All(struct SessionHandle *data)
    free(data->state.session);
  }
#ifdef HAVE_OPENSSL_ENGINE_H
  if(data->engine)
  {
  if(data->engine) {
    ENGINE_finish(data->engine);
    ENGINE_free(data->engine);
    data->engine = NULL;
  }
  if (data->engine_list)
    curl_slist_free_all(data->engine_list);
  data->engine_list = NULL;

#endif
  return 0;
}
@@ -1483,3 +1558,4 @@ Curl_SSLConnect(struct connectdata *conn,
#endif
  return retcode;
}
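Review bot: In Curl_SSL_set_engine_default (first hunk), both the infof() and the failf() call pass `data->engine`, an `ENGINE *`, to a `%s` conversion, so the formatter reads the engine object's bytes as a C string; that is undefined behaviour and can put stray memory into the verbose log or the error buffer, or crash. Pass the engine's name instead, e.g. `infof(data, "set default crypto engine %s\n", ENGINE_get_id(data->engine));`, and use the same argument in the failf() call. Separately, Curl_SSL_engines_list assigns the result of curl_slist_append() straight back to `data->engine_list` and always returns CURLE_OK; if the append can fail by returning NULL (its definition is not on this page), the names collected so far are dropped without being freed and the caller still sees success.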
+16 −6
@@ -35,4 +35,14 @@ void Curl_SSL_Close(struct connectdata *conn); /* close a SSL connection */
/* tell the SSL stuff to close down all open information regarding
   connections (and thus session ID caching etc) */
int Curl_SSL_Close_All(struct SessionHandle *data);

/* Sets an OpenSSL engine */
CURLcode Curl_SSL_set_engine(struct SessionHandle *data, const char *engine);

/* Sets above engine as default for all SSL operations */
CURLcode Curl_SSL_set_engine_default(struct SessionHandle *data);

/* Build list of OpenSSL engines */
CURLcode Curl_SSL_engines_list(struct SessionHandle *data);

#endif
+3 −0
@@ -200,6 +200,9 @@ curl_easy_strerror(CURLcode error)
  case CURLE_SSL_ENGINE_SETFAILED:
    return "can not set SSL crypto engine as default";

  case CURLE_SSL_ENGINE_INITFAILED:
    return "failed to initialise SSL crypto engine";

  case CURLE_SEND_ERROR:
    return "failed sending data to the peer";

+3 −36
@@ -97,9 +97,6 @@ void idn_free (void *ptr); /* prototype from idn-free.h, not provided by
#endif
#endif

#ifdef HAVE_OPENSSL_ENGINE_H
#include <openssl/engine.h>
#endif
#include "urldata.h"
#include "netrc.h"

@@ -1150,45 +1147,15 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, ...)
     * String that holds the SSL crypto engine.
     */
    argptr = va_arg(param, char *);
    if (argptr && argptr[0]) {
#if defined(USE_SSLEAY) && defined(HAVE_OPENSSL_ENGINE_H)
      ENGINE *e = ENGINE_by_id(argptr);
      if (e) {
        if (data->engine) {
          ENGINE_free(data->engine);
        }
        data->engine = e;
      }
      else {
        failf(data, "SSL Engine '%s' not found", argptr);
        result = CURLE_SSL_ENGINE_NOTFOUND;
      }
#else
      failf(data, "SSL Engine not supported");
      result = CURLE_SSL_ENGINE_NOTFOUND;
#endif
    }
    if (argptr && argptr[0])
       result = Curl_SSL_set_engine(data, argptr);
    break;

  case CURLOPT_SSLENGINE_DEFAULT:
    /*
     * flag to set engine as default.
     */
#if defined(USE_SSLEAY) && defined(HAVE_OPENSSL_ENGINE_H)
    if (data->engine) {
      if (ENGINE_set_default(data->engine, ENGINE_METHOD_ALL) > 0) {
#ifdef DEBUG
        fprintf(stderr,"set default crypto engine\n");
#endif
      }
      else {
#ifdef DEBUG
        failf(data, "set default crypto engine failed");
#endif
        return CURLE_SSL_ENGINE_SETFAILED;
      }
    }
#endif
    result = Curl_SSL_set_engine_default(data);
    break;
  case CURLOPT_CRLF:
    /*
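Review bot: The comment above the CURLOPT_SSLENGINE case still reads only "String that holds the SSL crypto engine", but the case now calls Curl_SSL_set_engine(), which looks the engine up and initialises it during setopt rather than just storing a handle. I would extend the comment to say so and to record that a NULL or empty string is ignored, leaving any previously selected engine in place, e.g. `* Engine id; looked up and initialised immediately. NULL or "" is a no-op and keeps the current engine.` Since this string picks the crypto implementation used for the handle's SSL operations, the documentation should also say it is expected to come from trusted configuration. The enclosing Curl_setopt() starts and ends outside this hunk.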
+2 −1
@@ -975,6 +975,7 @@ struct SessionHandle {
  struct PureInfo info;        /* stats, reports and info data */
#if defined(USE_SSLEAY) && defined(HAVE_OPENSSL_ENGINE_H)
  ENGINE *engine;
  struct curl_slist *engine_list; /* list of names from ENGINE_get_id() */
#endif /* USE_SSLEAY */
};