Mercurial > trustbridge
annotate patches/0001-Implement-CURLOPT_SSLVERSION-for-polarssl.patch @ 1070:f110a3f6e387
(issue114) Fine tune ACL propagation
using mkdir_p the ACL of the parent directories would
propagate to all subdirectories and objects in the directory.
Now we only use ACL propagation in the last directory to make
sure that files we might create in that directory inherit the
correct (resitricted) ACL
| author | Andre Heinecke <andre.heinecke@intevation.de> |
|---|---|
| date | Wed, 10 Sep 2014 16:41:36 +0200 |
| parents | 0570b1e562c2 |
| children |
| rev | line source |
|---|---|
|
998
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
1 From bebf7d617091042828fc5838170b35c42ab60396 Mon Sep 17 00:00:00 2001 |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
2 From: Andre Heinecke <aheinecke@intevation.de> |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
3 Date: Mon, 1 Sep 2014 16:06:03 +0200 |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
4 Subject: [PATCH 1/3] Implement CURLOPT_SSLVERSION for polarssl |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
5 |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
6 Forwards the setting as minimum ssl version to polarssl. |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
7 If the server does not support the requested version the |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
8 SSL Handshake will fail. |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
9 --- |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
10 lib/vtls/polarssl.c | 21 +++++++++++++++++++++ |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
11 1 file changed, 21 insertions(+) |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
12 |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
13 diff --git a/lib/vtls/polarssl.c b/lib/vtls/polarssl.c |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
14 index f948486..e18cadf 100644 |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
15 --- a/lib/vtls/polarssl.c |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
16 +++ b/lib/vtls/polarssl.c |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
17 @@ -270,6 +270,27 @@ polarssl_connect_step1(struct connectdata *conn, |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
18 return CURLE_SSL_CONNECT_ERROR; |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
19 } |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
20 |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
21 + if(data->set.ssl.version == CURL_SSLVERSION_SSLv3) { |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
22 + ssl_set_min_version(&connssl->ssl, SSL_MAJOR_VERSION_3, |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
23 + SSL_MINOR_VERSION_0); |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
24 + infof(data, "PolarSSL: Forced min. SSL Version to be SSLv3\n"); |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
25 + } |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
26 + else if(data->set.ssl.version == CURL_SSLVERSION_TLSv1_0) { |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
27 + ssl_set_min_version(&connssl->ssl, SSL_MAJOR_VERSION_3, |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
28 + SSL_MINOR_VERSION_1); |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
29 + infof(data, "PolarSSL: Forced min. SSL Version to be TLS 1.0\n"); |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
30 + } |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
31 + else if(data->set.ssl.version == CURL_SSLVERSION_TLSv1_1) { |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
32 + ssl_set_min_version(&connssl->ssl, SSL_MAJOR_VERSION_3, |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
33 + SSL_MINOR_VERSION_2); |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
34 + infof(data, "PolarSSL: Forced min. SSL Version to be TLS 1.1\n"); |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
35 + } |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
36 + else if(data->set.ssl.version == CURL_SSLVERSION_TLSv1_2) { |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
37 + ssl_set_min_version(&connssl->ssl, SSL_MAJOR_VERSION_3, |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
38 + SSL_MINOR_VERSION_3); |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
39 + infof(data, "PolarSSL: Forced min. SSL Version to be TLS 1.2\n"); |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
40 + } |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
41 + |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
42 ssl_set_endpoint(&connssl->ssl, SSL_IS_CLIENT); |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
43 ssl_set_authmode(&connssl->ssl, SSL_VERIFY_OPTIONAL); |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
44 |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
45 -- |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
46 1.9.1 |
|
0570b1e562c2
(issue90) Add curl patches for the problems we had with curl.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
47 |