generic-library/curl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

mbedtls: Fix ALPN support

Browse Source 
- Fix ALPN reply detection.

- Wrap nghttp2 code in ifdef USE_NGHTTP2.


Prior to this change ALPN and HTTP/2 did not work properly in mbedTLS.
This commit is contained in:
Jay Satiro 2016-01-07 01:49:31 -05:00
parent 973ee6bdd3
commit 89a1eb7b1c
1 changed files with 23 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
lib/vtls/mbedtls.c
View File

@ -374,15 +374,21 @@ mbedtls_connect_step1(struct connectdata *conn,
} }
#ifdef HAS_ALPN #ifdef HAS_ALPN
if(data->set.httpversion >= CURL_HTTP_VERSION_2) { if(data->set.ssl_enable_alpn) {
if(data->set.ssl_enable_alpn) { const char *protocols[3];
static const char* protocols[] = { const char **p = protocols;
NGHTTP2_PROTO_VERSION_ID, ALPN_HTTP_1_1, NULL #ifdef USE_NGHTTP2
}; if(data->set.httpversion >= CURL_HTTP_VERSION_2)
mbedtls_ssl_conf_alpn_protocols(&connssl->config, protocols); *p++ = NGHTTP2_PROTO_VERSION_ID;
infof(data, "ALPN, offering %s, %s\n", protocols[0], #endif
protocols[1]); *p++ = ALPN_HTTP_1_1;
*p = NULL;
if(mbedtls_ssl_conf_alpn_protocols(&connssl->config, protocols)) {
failf(data, "Failed setting ALPN protocols");
return CURLE_SSL_CONNECT_ERROR;
} }
for(p = protocols; *p; ++p)
infof(data, "ALPN, offering %s\n", *p);
} }
#endif #endif
@ -470,14 +476,18 @@ mbedtls_connect_step2(struct connectdata *conn,
if(data->set.ssl_enable_alpn) { if(data->set.ssl_enable_alpn) {
next_protocol = mbedtls_ssl_get_alpn_protocol(&connssl->ssl); next_protocol = mbedtls_ssl_get_alpn_protocol(&connssl->ssl);
if(next_protocol != NULL) { if(next_protocol) {
infof(data, "ALPN, server accepted to use %s\n", next_protocol); infof(data, "ALPN, server accepted to use %s\n", next_protocol);
#ifdef USE_NGHTTP2
if(strncmp(next_protocol, NGHTTP2_PROTO_VERSION_ID, if(!strncmp(next_protocol, NGHTTP2_PROTO_VERSION_ID,
NGHTTP2_PROTO_VERSION_ID_LEN)) { NGHTTP2_PROTO_VERSION_ID_LEN) &&
!next_protocol[NGHTTP2_PROTO_VERSION_ID_LEN]) {
conn->negnpn = CURL_HTTP_VERSION_2; conn->negnpn = CURL_HTTP_VERSION_2;
} }
else if(strncmp(next_protocol, ALPN_HTTP_1_1, ALPN_HTTP_1_1_LENGTH)) { else
#endif
if(!strncmp(next_protocol, ALPN_HTTP_1_1, ALPN_HTTP_1_1_LENGTH) &&
!next_protocol[ALPN_HTTP_1_1_LENGTH]) {
conn->negnpn = CURL_HTTP_VERSION_1_1; conn->negnpn = CURL_HTTP_VERSION_1_1;
} }
} }