31 #ifndef GSK_SSL_EXTN_SERVERNAME_REQUEST 32 #define GSK_SSL_EXTN_SERVERNAME_REQUEST 230 35 #ifndef GSK_TLSV10_CIPHER_SPECS 36 #define GSK_TLSV10_CIPHER_SPECS 236 39 #ifndef GSK_TLSV11_CIPHER_SPECS 40 #define GSK_TLSV11_CIPHER_SPECS 237 43 #ifndef GSK_TLSV12_CIPHER_SPECS 44 #define GSK_TLSV12_CIPHER_SPECS 238 47 #ifndef GSK_PROTOCOL_TLSV11 48 #define GSK_PROTOCOL_TLSV11 437 51 #ifndef GSK_PROTOCOL_TLSV12 52 #define GSK_PROTOCOL_TLSV12 438 86 #define SOS_WRITE 0x02 89 #define CURL_GSKPROTO_SSLV2 0 90 #define CURL_GSKPROTO_SSLV2_MASK (1 << CURL_GSKPROTO_SSLV2) 91 #define CURL_GSKPROTO_SSLV3 1 92 #define CURL_GSKPROTO_SSLV3_MASK (1 << CURL_GSKPROTO_SSLV3) 93 #define CURL_GSKPROTO_TLSV10 2 94 #define CURL_GSKPROTO_TLSV10_MASK (1 << CURL_GSKPROTO_TLSV10) 95 #define CURL_GSKPROTO_TLSV11 3 96 #define CURL_GSKPROTO_TLSV11_MASK (1 << CURL_GSKPROTO_TLSV11) 97 #define CURL_GSKPROTO_TLSV12 4 98 #define CURL_GSKPROTO_TLSV12_MASK (1 << CURL_GSKPROTO_TLSV12) 99 #define CURL_GSKPROTO_LAST 5 101 struct ssl_backend_data {
108 #define BACKEND connssl->backend 113 const char *gsktoken;
114 unsigned int versions;
117 static const gskit_cipher ciphertable[] = {
119 CURL_GSKPROTO_SSLV3_MASK | CURL_GSKPROTO_TLSV10_MASK |
120 CURL_GSKPROTO_TLSV11_MASK | CURL_GSKPROTO_TLSV12_MASK },
122 CURL_GSKPROTO_SSLV3_MASK | CURL_GSKPROTO_TLSV10_MASK |
123 CURL_GSKPROTO_TLSV11_MASK | CURL_GSKPROTO_TLSV12_MASK },
124 {
"exp-rc4-md5",
"03",
125 CURL_GSKPROTO_SSLV3_MASK | CURL_GSKPROTO_TLSV10_MASK },
127 CURL_GSKPROTO_SSLV3_MASK | CURL_GSKPROTO_TLSV10_MASK |
128 CURL_GSKPROTO_TLSV11_MASK | CURL_GSKPROTO_TLSV12_MASK },
130 CURL_GSKPROTO_SSLV3_MASK | CURL_GSKPROTO_TLSV10_MASK |
131 CURL_GSKPROTO_TLSV11_MASK | CURL_GSKPROTO_TLSV12_MASK },
132 {
"exp-rc2-cbc-md5",
"06",
133 CURL_GSKPROTO_SSLV3_MASK | CURL_GSKPROTO_TLSV10_MASK },
134 {
"exp-des-cbc-sha",
"09",
135 CURL_GSKPROTO_SSLV3_MASK | CURL_GSKPROTO_TLSV10_MASK |
136 CURL_GSKPROTO_TLSV11_MASK },
137 {
"des-cbc3-sha",
"0A",
138 CURL_GSKPROTO_SSLV3_MASK | CURL_GSKPROTO_TLSV10_MASK |
139 CURL_GSKPROTO_TLSV11_MASK | CURL_GSKPROTO_TLSV12_MASK },
140 {
"aes128-sha",
"2F",
141 CURL_GSKPROTO_TLSV10_MASK | CURL_GSKPROTO_TLSV11_MASK |
142 CURL_GSKPROTO_TLSV12_MASK },
143 {
"aes256-sha",
"35",
144 CURL_GSKPROTO_TLSV10_MASK | CURL_GSKPROTO_TLSV11_MASK |
145 CURL_GSKPROTO_TLSV12_MASK },
146 {
"null-sha256",
"3B", CURL_GSKPROTO_TLSV12_MASK },
147 {
"aes128-sha256",
"3C", CURL_GSKPROTO_TLSV12_MASK },
148 {
"aes256-sha256",
"3D", CURL_GSKPROTO_TLSV12_MASK },
149 {
"aes128-gcm-sha256",
150 "9C", CURL_GSKPROTO_TLSV12_MASK },
151 {
"aes256-gcm-sha384",
152 "9D", CURL_GSKPROTO_TLSV12_MASK },
153 {
"rc4-md5",
"1", CURL_GSKPROTO_SSLV2_MASK },
154 {
"exp-rc4-md5",
"2", CURL_GSKPROTO_SSLV2_MASK },
155 {
"rc2-md5",
"3", CURL_GSKPROTO_SSLV2_MASK },
156 {
"exp-rc2-md5",
"4", CURL_GSKPROTO_SSLV2_MASK },
157 {
"des-cbc-md5",
"6", CURL_GSKPROTO_SSLV2_MASK },
158 {
"des-cbc3-md5",
"7", CURL_GSKPROTO_SSLV2_MASK },
159 { (
const char *) NULL, (
const char *) NULL, 0 }
163 static bool is_separator(
char c)
179 const char *procname,
CURLcode defcode)
184 case GSK_OS400_ASYNCHRONOUS_SOC_INIT:
186 case GSK_KEYRING_OPEN_ERROR:
187 case GSK_OS400_ERROR_NO_ACCESS:
189 case GSK_INSUFFICIENT_STORAGE:
191 case GSK_ERROR_BAD_V2_CIPHER:
192 case GSK_ERROR_BAD_V3_CIPHER:
193 case GSK_ERROR_NO_CIPHERS:
195 case GSK_OS400_ERROR_NOT_TRUSTED_ROOT:
196 case GSK_ERROR_CERT_VALIDATION:
198 case GSK_OS400_ERROR_TIMED_OUT:
200 case GSK_WOULD_BLOCK:
202 case GSK_OS400_ERROR_NOT_REGISTERED:
209 failf(data,
"%s I/O error: %s", procname, strerror(errno));
222 GSK_ENUM_ID
id, GSK_ENUM_VALUE
value,
bool unsupported_ok)
230 failf(data,
"gsk_attribute_set_enum() I/O error: %s", strerror(errno));
232 case GSK_ATTRIBUTE_INVALID_ID:
244 GSK_BUF_ID
id,
const char *
buffer,
bool unsupported_ok)
252 failf(data,
"gsk_attribute_set_buffer() I/O error: %s", strerror(errno));
254 case GSK_ATTRIBUTE_INVALID_ID:
266 gsk_handle h, GSK_NUM_ID
id,
int value)
274 failf(data,
"gsk_attribute_set_numeric_value() I/O error: %s",
286 gsk_handle h, GSK_CALLBACK_ID
id,
void *info)
294 failf(data,
"gsk_attribute_set_callback() I/O error: %s", strerror(errno));
305 gsk_handle h,
unsigned int *protoflags)
310 const gskit_cipher *ctp;
318 } ciphers[CURL_GSKPROTO_LAST];
324 while(is_separator(*cipherlist))
332 l = strlen(cipherlist) + 1;
333 memset((
char *) ciphers, 0,
sizeof ciphers);
334 for(i = 0; i < CURL_GSKPROTO_LAST; i++) {
336 if(!ciphers[i].
buf) {
338 free(ciphers[i].buf);
341 ciphers[
i].ptr = ciphers[
i].buf;
342 *ciphers[
i].ptr =
'\0';
349 for(clp = cipherlist; *cipherlist && !is_separator(*cipherlist);)
351 l = cipherlist - clp;
355 for(ctp = ciphertable; ctp->name; ctp++)
359 failf(data,
"Unknown cipher %.*s", l, clp);
363 unsupported |= !(ctp->versions & (CURL_GSKPROTO_SSLV2_MASK |
364 CURL_GSKPROTO_SSLV3_MASK | CURL_GSKPROTO_TLSV10_MASK));
365 for(i = 0; i < CURL_GSKPROTO_LAST; i++) {
366 if(ctp->versions & (1 << i)) {
367 strcpy(ciphers[i].
ptr, ctp->gsktoken);
368 ciphers[
i].ptr += strlen(ctp->gsktoken);
374 while(is_separator(*cipherlist))
379 for(i = 0; i < CURL_GSKPROTO_LAST; i++) {
380 if(!(*protoflags & (1 << i)) || !ciphers[i].buf[0]) {
381 *protoflags &= ~(1 <<
i);
382 ciphers[
i].buf[0] =
'\0';
387 if(*protoflags & CURL_GSKPROTO_TLSV11_MASK) {
388 result = set_buffer(data, h, GSK_TLSV11_CIPHER_SPECS,
389 ciphers[CURL_GSKPROTO_TLSV11].buf,
TRUE);
393 failf(data,
"TLSv1.1-only ciphers are not yet supported");
398 if(!result && (*protoflags & CURL_GSKPROTO_TLSV12_MASK)) {
399 result = set_buffer(data, h, GSK_TLSV12_CIPHER_SPECS,
400 ciphers[CURL_GSKPROTO_TLSV12].buf,
TRUE);
404 failf(data,
"TLSv1.2-only ciphers are not yet supported");
412 if(!result && (*protoflags & CURL_GSKPROTO_TLSV10_MASK)) {
413 result = set_buffer(data, h, GSK_TLSV10_CIPHER_SPECS,
414 ciphers[CURL_GSKPROTO_TLSV10].buf,
TRUE);
417 strcpy(ciphers[CURL_GSKPROTO_SSLV3].
ptr,
418 ciphers[CURL_GSKPROTO_TLSV10].ptr);
423 if(!result && (*protoflags & CURL_GSKPROTO_SSLV3_MASK))
424 result = set_buffer(data, h, GSK_V3_CIPHER_SPECS,
425 ciphers[CURL_GSKPROTO_SSLV3].buf,
FALSE);
426 if(!result && (*protoflags & CURL_GSKPROTO_SSLV2_MASK))
427 result = set_buffer(data, h, GSK_V2_CIPHER_SPECS,
428 ciphers[CURL_GSKPROTO_SSLV2].buf,
FALSE);
431 for(i = 0; i < CURL_GSKPROTO_LAST; i++)
432 free(ciphers[i].buf);
438 static int Curl_gskit_init(
void)
446 static void Curl_gskit_cleanup(
void)
453 gsk_handle *envir,
const char *appid,
454 const char *file,
const char *label,
467 case GSK_INSUFFICIENT_STORAGE:
474 result = set_enum(data, h, GSK_SESSION_TYPE, GSK_CLIENT_SESSION,
FALSE);
476 result = set_buffer(data, h, GSK_OS400_APPLICATION_ID, appid,
FALSE);
478 result = set_buffer(data, h, GSK_KEYRING_FILE, file,
FALSE);
480 result = set_buffer(data, h, GSK_KEYRING_LABEL, label,
FALSE);
481 if(!result && password)
482 result = set_buffer(data, h, GSK_KEYRING_PW, password,
FALSE);
500 static void cancel_async_handshake(
struct connectdata *conn,
int sockindex)
503 Qso_OverlappedIO_t cstat;
505 if(QsoCancelOperation(conn->
sock[sockindex], 0) > 0)
506 QsoWaitForIOCompletion(BACKEND->iocport, &cstat, (
struct timeval *) NULL);
512 QsoDestroyIOCompletionPort(BACKEND->iocport);
513 BACKEND->iocport = -1;
528 inetsocketpair(
int sv[2])
534 struct sockaddr_in addr1;
535 struct sockaddr_in addr2;
538 lfd = socket(AF_INET, SOCK_STREAM, 0);
541 memset((
char *) &addr1, 0,
sizeof addr1);
542 addr1.sin_family = AF_INET;
543 addr1.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
545 if(
bind(lfd, (
struct sockaddr *) &addr1,
sizeof addr1) ||
546 listen(lfd, 2) < 0) {
553 if(getsockname(lfd, (
struct sockaddr *) &addr1, &len) < 0) {
559 cfd = socket(AF_INET, SOCK_STREAM, 0);
567 if(
connect(cfd, (
struct sockaddr *) &addr1,
sizeof addr1) < 0 &&
568 errno != EINPROGRESS) {
576 if(getsockname(cfd, (
struct sockaddr *) &addr2, &len) < 0) {
586 sfd = accept(lfd, (
struct sockaddr *) &addr1, &len);
594 if(addr1.sin_addr.s_addr == addr2.sin_addr.s_addr &&
595 addr1.sin_port == addr2.sin_port)
610 static int pipe_ssloverssl(
struct connectdata *conn,
int sockindex,
624 if(!connssl->
use || !connproxyssl->
use)
630 if(directions & SOS_READ) {
631 FD_SET(BACKEND->remotefd, &fds_write);
632 n = BACKEND->remotefd;
634 if(directions & SOS_WRITE) {
635 FD_SET(BACKEND->remotefd, &fds_read);
636 n = BACKEND->remotefd;
637 FD_SET(conn->
sock[sockindex], &fds_write);
638 if(n < conn->sock[sockindex])
639 n = conn->
sock[sockindex];
641 i = select(n + 1, &fds_read, &fds_write, NULL, &tv);
645 if(FD_ISSET(BACKEND->remotefd, &fds_write)) {
649 buf,
sizeof buf, &n);
653 i = write(BACKEND->remotefd, buf, n);
659 case GSK_OS400_ERROR_TIMED_OUT:
660 case GSK_WOULD_BLOCK:
667 if(FD_ISSET(BACKEND->remotefd, &fds_read) &&
668 FD_ISSET(conn->
sock[sockindex], &fds_write)) {
670 n = read(BACKEND->remotefd, buf,
sizeof buf);
675 if(i != GSK_OK || n != m)
688 if(BACKEND->handle) {
690 "gsk_secure_soc_close()", 0);
692 while(pipe_ssloverssl(conn, sockindex, SOS_WRITE) > 0)
694 BACKEND->handle = (gsk_handle) NULL;
695 if(BACKEND->localfd >= 0) {
696 close(BACKEND->localfd);
697 BACKEND->localfd = -1;
699 if(BACKEND->remotefd >= 0) {
700 close(BACKEND->remotefd);
701 BACKEND->remotefd = -1;
704 if(BACKEND->iocport >= 0)
705 close_async_handshake(connssl);
710 const void *mem,
size_t len,
CURLcode *curlcode)
717 if(pipe_ssloverssl(conn, sockindex, SOS_WRITE) >= 0) {
718 cc = gskit_status(data,
720 (
char *) mem, (
int) len, &written),
723 if(pipe_ssloverssl(conn, sockindex, SOS_WRITE) < 0)
735 size_t buffersize,
CURLcode *curlcode)
743 if(pipe_ssloverssl(conn, num, SOS_READ) >= 0) {
744 buffsize = buffersize > (
size_t) INT_MAX? INT_MAX: (
int) buffersize;
746 buf, buffsize, &nread),
763 set_ssl_version_min_max(
unsigned int *protoflags,
struct connectdata *conn)
768 long i = ssl_version;
769 switch(ssl_version_max) {
771 ssl_version_max = ssl_version;
777 for(; i <= (ssl_version_max >> 16); ++
i) {
780 *protoflags |= CURL_GSKPROTO_TLSV10_MASK;
783 *protoflags |= CURL_GSKPROTO_TLSV11_MASK;
786 *protoflags |= CURL_GSKPROTO_TLSV11_MASK;
789 failf(data,
"GSKit: TLS 1.3 is not yet supported");
812 unsigned int protoflags = 0;
814 Qso_OverlappedIO_t commarea;
820 BACKEND->handle = (gsk_handle) NULL;
821 BACKEND->iocport = -1;
822 BACKEND->localfd = -1;
823 BACKEND->remotefd = -1;
838 envir = (gsk_handle) NULL;
840 if(keyringlabel && *keyringlabel && !keyringpwd &&
843 init_environment(data, &envir, keyringlabel, (
const char *) NULL,
844 (
const char *) NULL, (
const char *) NULL);
849 result = init_environment(data, &envir, (
const char *) NULL,
850 keyringfile, keyringlabel, keyringpwd);
864 if(inetsocketpair(sockpair))
866 BACKEND->localfd = sockpair[0];
867 BACKEND->remotefd = sockpair[1];
868 setsockopt(BACKEND->localfd, SOL_SOCKET, SO_RCVBUF,
869 (
void *) sobufsize,
sizeof sobufsize);
870 setsockopt(BACKEND->remotefd, SOL_SOCKET, SO_RCVBUF,
871 (
void *) sobufsize,
sizeof sobufsize);
872 setsockopt(BACKEND->localfd, SOL_SOCKET, SO_SNDBUF,
873 (
void *) sobufsize,
sizeof sobufsize);
874 setsockopt(BACKEND->remotefd, SOL_SOCKET, SO_SNDBUF,
875 (
void *) sobufsize,
sizeof sobufsize);
882 switch(ssl_version) {
884 protoflags = CURL_GSKPROTO_SSLV2_MASK;
888 protoflags = CURL_GSKPROTO_SSLV3_MASK;
893 protoflags = CURL_GSKPROTO_TLSV10_MASK |
894 CURL_GSKPROTO_TLSV11_MASK | CURL_GSKPROTO_TLSV12_MASK;
900 result = set_ssl_version_min_max(&protoflags, conn);
905 failf(data,
"Unrecognized parameter passed via CURLOPT_SSLVERSION");
911 result = set_buffer(data, BACKEND->handle,
912 GSK_SSL_EXTN_SERVERNAME_REQUEST, sni,
TRUE);
925 result = set_numeric(data, BACKEND->handle, GSK_HANDSHAKE_TIMEOUT,
926 (timeout + 999) / 1000);
929 result = set_numeric(data, BACKEND->handle, GSK_OS400_READ_TIMEOUT, 1);
931 result = set_numeric(data, BACKEND->handle, GSK_FD, BACKEND->localfd >= 0?
932 BACKEND->localfd: conn->
sock[sockindex]);
934 result = set_ciphers(conn, BACKEND->handle, &protoflags);
936 failf(data,
"No SSL protocol/cipher combination enabled");
940 result = set_enum(data, BACKEND->handle, GSK_PROTOCOL_SSLV2,
941 (protoflags & CURL_GSKPROTO_SSLV2_MASK)?
942 GSK_PROTOCOL_SSLV2_ON: GSK_PROTOCOL_SSLV2_OFF,
FALSE);
944 result = set_enum(data, BACKEND->handle, GSK_PROTOCOL_SSLV3,
945 (protoflags & CURL_GSKPROTO_SSLV3_MASK)?
946 GSK_PROTOCOL_SSLV3_ON: GSK_PROTOCOL_SSLV3_OFF,
FALSE);
948 result = set_enum(data, BACKEND->handle, GSK_PROTOCOL_TLSV1,
949 (protoflags & CURL_GSKPROTO_TLSV10_MASK)?
950 GSK_PROTOCOL_TLSV1_ON: GSK_PROTOCOL_TLSV1_OFF,
FALSE);
952 result = set_enum(data, BACKEND->handle, GSK_PROTOCOL_TLSV11,
953 (protoflags & CURL_GSKPROTO_TLSV11_MASK)?
954 GSK_TRUE: GSK_FALSE,
TRUE);
957 if(protoflags == CURL_GSKPROTO_TLSV11_MASK) {
958 failf(data,
"TLS 1.1 not yet supported");
964 result = set_enum(data, BACKEND->handle, GSK_PROTOCOL_TLSV12,
965 (protoflags & CURL_GSKPROTO_TLSV12_MASK)?
966 GSK_TRUE: GSK_FALSE,
TRUE);
969 if(protoflags == CURL_GSKPROTO_TLSV12_MASK) {
970 failf(data,
"TLS 1.2 not yet supported");
976 result = set_enum(data, BACKEND->handle, GSK_SERVER_AUTH_TYPE,
977 verifypeer? GSK_SERVER_AUTH_FULL:
978 GSK_SERVER_AUTH_PASSTHRU,
FALSE);
982 memset(&commarea, 0,
sizeof commarea);
983 BACKEND->iocport = QsoCreateIOCompletionPort();
984 if(BACKEND->iocport != -1) {
985 result = gskit_status(data,
989 "gsk_secure_soc_startInit()",
996 close_async_handshake(connssl);
998 else if(errno != ENOBUFS)
999 result = gskit_status(data, GSK_ERROR_IO,
1000 "QsoCreateIOCompletionPort()", 0);
1017 close_one(connssl, conn, sockindex);
1027 Qso_OverlappedIO_t cstat;
1038 stmv.tv_sec = timeout_ms / 1000;
1039 stmv.tv_usec = (timeout_ms - stmv.tv_sec * 1000) * 1000;
1040 switch(QsoWaitForIOCompletion(BACKEND->iocport, &cstat, &stmv)) {
1044 if(errno == EINTR) {
1049 if(errno != ETIME) {
1050 failf(data,
"QsoWaitForIOCompletion() I/O error: %s", strerror(errno));
1051 cancel_async_handshake(conn, sockindex);
1052 close_async_handshake(connssl);
1059 cancel_async_handshake(conn, sockindex);
1060 close_async_handshake(connssl);
1065 result = gskit_status(data, cstat.returnValue,
"SSL handshake",
1069 close_async_handshake(connssl);
1078 const gsk_cert_data_elem *cdev;
1080 const gsk_cert_data_elem *
p;
1081 const char *cert = (
const char *) NULL;
1082 const char *certend;
1090 GSK_PARTNER_CERT_INFO,
1094 infof(data,
"Server certificate:\n");
1096 for(i = 0; i++ < cdec; p++)
1097 switch(p->cert_data_id) {
1099 cert = p->cert_data_p;
1100 certend = cert + cdev->cert_data_l;
1102 case CERT_DN_PRINTABLE:
1103 infof(data,
"\t subject: %.*s\n", p->cert_data_l, p->cert_data_p);
1105 case CERT_ISSUER_DN_PRINTABLE:
1106 infof(data,
"\t issuer: %.*s\n", p->cert_data_l, p->cert_data_p);
1108 case CERT_VALID_FROM:
1109 infof(data,
"\t start date: %.*s\n", p->cert_data_l, p->cert_data_p);
1112 infof(data,
"\t expire date: %.*s\n", p->cert_data_l, p->cert_data_p);
1118 result = Curl_verifyhost(conn, cert, certend);
1128 result = Curl_ssl_init_certinfo(data, 1);
1133 result = Curl_extract_certinfo(conn, 0, cert, certend);
1142 if(!result && ptr) {
1143 curl_X509certificate x509;
1144 curl_asn1Element *
p;
1146 if(Curl_parseX509(&x509, cert, certend))
1148 p = &x509.subjectPublicKeyInfo;
1149 result = Curl_pin_peer_pubkey(data, ptr, p->header, p->end - p->header);
1151 failf(data,
"SSL: public key does not match pinned public key!");
1162 bool nonblocking,
bool *done)
1167 Qso_OverlappedIO_t cstat;
1179 if(timeout_ms < 0) {
1181 failf(data,
"SSL connection timeout");
1185 result = gskit_connect_step1(conn, sockindex);
1190 if(pipe_ssloverssl(conn, sockindex, SOS_READ | SOS_WRITE) < 0)
1198 if(timeout_ms < 0) {
1200 failf(data,
"SSL connection timeout");
1204 result = gskit_connect_step2(conn, sockindex, nonblocking);
1209 if(pipe_ssloverssl(conn, sockindex, SOS_READ | SOS_WRITE) < 0)
1214 result = gskit_connect_step3(conn, sockindex);
1217 close_one(connssl, conn, sockindex);
1221 conn->
recv[sockindex] = gskit_recv;
1222 conn->
send[sockindex] = gskit_send;
1231 int sockindex,
bool *done)
1235 result = gskit_connect_common(conn, sockindex,
TRUE, done);
1248 result = gskit_connect_common(conn, sockindex,
FALSE, &done);
1258 static void Curl_gskit_close(
struct connectdata *conn,
int sockindex)
1260 close_one(&conn->
ssl[sockindex], conn, sockindex);
1261 close_one(&conn->
proxy_ssl[sockindex], conn, sockindex);
1265 static int Curl_gskit_shutdown(
struct connectdata *conn,
int sockindex)
1274 if(!BACKEND->handle)
1280 close_one(connssl, conn, sockindex);
1283 SSL_SHUTDOWN_TIMEOUT);
1294 failf(data,
"SSL shutdown timeout");
1302 nread = read(conn->
sock[sockindex], buf,
sizeof(buf));
1305 failf(data,
"read: %s", strerror(errno));
1319 static size_t Curl_gskit_version(
char *buffer,
size_t size)
1321 strncpy(buffer,
"GSKit", size);
1322 return strlen(buffer);
1326 static int Curl_gskit_check_cxn(
struct connectdata *cxn)
1334 if(!BACKEND->handle)
1338 errlen =
sizeof err;
1341 (
unsigned char *) &err, &errlen) ||
1342 errlen !=
sizeof err || err)
1352 return BACKEND->handle;
1355 const struct Curl_ssl Curl_ssl_gskit = {
1365 sizeof(
struct ssl_backend_data),
1370 Curl_gskit_check_cxn,
1371 Curl_gskit_shutdown,
1376 Curl_gskit_connect_nonblocking,
1377 Curl_gskit_get_internals,
struct ssl_connect_data ssl[2]
#define SSL_CONN_CONFIG(var)
#define gsk_environment_open
#define gsk_environment_init
#define gsk_attribute_set_enum
#define gsk_attribute_set_numeric_value
void Curl_none_session_free(void *ptr)
#define SSL_SET_OPTION(var)
ssl_connect_state connecting_state
#define CURL_MAX_WRITE_SIZE
UNITTEST_START char * ptr
#define gsk_secure_soc_open
bool Curl_none_data_pending(const struct connectdata *conn, int connindex)
#define gsk_secure_soc_write
#define gsk_attribute_set_callback
UNITTEST_START int result
struct ssl_config_data ssl
#define gsk_attribute_set_buffer
int curlx_nonblock(curl_socket_t sockfd, int nonblock)
struct proxy_info http_proxy
ssl_connection_state state
CURLcode Curl_none_random(struct Curl_easy *data, unsigned char *entropy, size_t length)
#define gsk_environment_close
#define gsk_secure_soc_read
time_t Curl_timeleft(struct Curl_easy *data, struct curltime *nowp, bool duringconnect)
curl_easy_setopt expects a curl_off_t argument for this option curl_easy_setopt expects a curl_write_callback argument for this option curl_easy_setopt expects a curl_ioctl_callback argument for this option curl_easy_setopt expects a curl_opensocket_callback argument for this option curl_easy_setopt expects a curl_debug_callback argument for this option curl_easy_setopt expects a curl_conv_callback argument for this option curl_easy_setopt expects a private data pointer as argument for this option curl_easy_setopt expects a FILE *argument for this option curl_easy_setopt expects a struct curl_httppost *argument for this option curl_easy_setopt expects a struct curl_slist *argument for this option curl_easy_getinfo expects a pointer to char *for this info curl_easy_getinfo expects a pointer to double for this info curl_easy_getinfo expects a pointer to struct curl_tlssessioninfo *for this info curl_easy_getinfo expects a pointer to curl_socket_t for this info size_t
bool Curl_none_false_start(void)
#define SOCKET_READABLE(x, z)
bool Curl_none_cert_status_request(void)
#define strncasecompare(a, b, c)
#define gsk_secure_soc_init
#define gsk_secure_soc_close
CURLcode Curl_none_md5sum(unsigned char *input, size_t inputlen, unsigned char *md5sum, size_t md5len)
CURLcode Curl_none_set_engine(struct Curl_easy *data, const char *engine)
#define gsk_secure_soc_startInit
struct curl_slist * Curl_none_engines_list(struct Curl_easy *data)
UNITTEST_START int * value
struct ssl_connect_data proxy_ssl[2]
#define gsk_attribute_get_cert_info
CURLcode Curl_none_set_engine_default(struct Curl_easy *data)
void Curl_none_close_all(struct Curl_easy *data)