[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[libmicrohttpd] branch master updated: Added support for ALPN protocols
From: |
gnunet |
Subject: |
[libmicrohttpd] branch master updated: Added support for ALPN protocols list for TLS connections |
Date: |
Mon, 19 Apr 2021 17:42:45 +0200 |
This is an automated email from the git hooks/post-receive script.
karlson2k pushed a commit to branch master
in repository libmicrohttpd.
The following commit(s) were added to refs/heads/master by this push:
new 4e8f86a6 Added support for ALPN protocols list for TLS connections
4e8f86a6 is described below
commit 4e8f86a655a7d786bdce3f1330fd8fa083df8dfe
Author: Evgeny Grin (Karlson2k) <k2k@narod.ru>
AuthorDate: Mon Apr 19 18:39:56 2021 +0300
Added support for ALPN protocols list for TLS connections
---
src/include/microhttpd.h | 13 +++++++++++--
src/microhttpd/daemon.c | 38 ++++++++++++++++++++++++++++++++++++++
src/microhttpd/internal.h | 7 ++++++-
3 files changed, 55 insertions(+), 3 deletions(-)
diff --git a/src/include/microhttpd.h b/src/include/microhttpd.h
index 5eda9845..5211d354 100644
--- a/src/include/microhttpd.h
+++ b/src/include/microhttpd.h
@@ -135,7 +135,7 @@ typedef intptr_t ssize_t;
* they are parsed as decimal numbers.
* Example: 0x01093001 = 1.9.30-1.
*/
-#define MHD_VERSION 0x00097206
+#define MHD_VERSION 0x00097207
/**
* Operational results from MHD calls.
@@ -1743,7 +1743,16 @@ enum MHD_OPTION
* This option should be followed by an `int` argument.
* @note Available since #MHD_VERSION 0x00097205
*/
- MHD_OPTION_SIGPIPE_HANDLED_BY_APP = 33
+ MHD_OPTION_SIGPIPE_HANDLED_BY_APP = 33,
+
+ /**
+ * If followed by 'int' with value '1' disables usage of ALPN for TLS
+ * connections even if supported by TLS library.
+ * Valid only for daemons with #MHD_USE_TLS.
+ * This option should be followed by an `int` argument.
+ * @note Available since #MHD_VERSION 0x00097207
+ */
+ MHD_OPTION_TLS_NO_ALPN = 34
};
diff --git a/src/microhttpd/daemon.c b/src/microhttpd/daemon.c
index 8d721203..0ce0a242 100644
--- a/src/microhttpd/daemon.c
+++ b/src/microhttpd/daemon.c
@@ -2550,6 +2550,32 @@ new_connection_prepare_ (struct MHD_Daemon *daemon,
#endif
return NULL;
}
+#if (GNUTLS_VERSION_NUMBER + 0 >= 0x030200)
+ if (!daemon->disable_alpn)
+ {
+ gnutls_datum_t prts[2];
+ const char prt1[] = "http/1.1";
+ const char prt2[] = "http/1.0";
+
+ prts[0].data = (void*) prt1;
+ prts[0].size = MHD_STATICSTR_LEN_ (prt1);
+ prts[1].data = (void*) prt2;
+ prts[1].size = MHD_STATICSTR_LEN_ (prt2);
+ if (GNUTLS_E_SUCCESS !=
+ gnutls_alpn_set_protocols(connection->tls_session,
+ prts,
+ sizeof(prts) / sizeof(prts[0]),
+ 0 /* || GNUTLS_ALPN_SERVER_PRECEDENCE */))
+ {
+#ifdef HAVE_MESSAGES
+ MHD_DLOG (daemon,
+ _ ("Failed to set ALPN protocols.\n"));
+#else /* ! HAVE_MESSAGES */
+ (void) 0; /* Mute compiler warning */
+#endif /* ! HAVE_MESSAGES */
+ }
+ }
+#endif /* GNUTLS_VERSION_NUMBER >= 0x030200 */
gnutls_session_set_ptr (connection->tls_session,
connection);
switch (daemon->cred_type)
@@ -5963,6 +5989,7 @@ parse_options_va (struct MHD_Daemon *daemon,
/* all options taking 'int' */
case MHD_OPTION_STRICT_FOR_CLIENT:
case MHD_OPTION_SIGPIPE_HANDLED_BY_APP:
+ case MHD_OPTION_TLS_NO_ALPN:
if (MHD_NO == parse_options (daemon,
servaddr,
opt,
@@ -6051,6 +6078,17 @@ parse_options_va (struct MHD_Daemon *daemon,
int);
}
break;
+ case MHD_OPTION_TLS_NO_ALPN:
+ daemon->disable_alpn = (va_arg (ap,
+ int) != 0);
+#ifdef HAVE_MESSAGES
+ if (0 == (daemon->options & MHD_USE_TLS))
+ MHD_DLOG (daemon,
+ _ ("MHD HTTPS option %d passed to MHD " \
+ "but MHD_USE_TLS not set.\n"),
+ (int) opt);
+#endif /* HAVE_MESSAGES */
+ break;
default:
#ifdef HAVE_MESSAGES
if ( ( (opt >= MHD_OPTION_HTTPS_MEM_KEY) &&
diff --git a/src/microhttpd/internal.h b/src/microhttpd/internal.h
index fe71e9ab..f660dff1 100644
--- a/src/microhttpd/internal.h
+++ b/src/microhttpd/internal.h
@@ -1889,7 +1889,12 @@ struct MHD_Daemon
*/
bool have_dhparams;
-#endif /* HTTPS_SUPPORT */
+ /**
+ * true if ALPN is disabled.
+ */
+ bool disable_alpn;
+
+ #endif /* HTTPS_SUPPORT */
#ifdef DAUTH_SUPPORT
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [libmicrohttpd] branch master updated: Added support for ALPN protocols list for TLS connections,
gnunet <=