Lines 1530-1536
static long op_bio_retry_ctrl(BIO *_b,int _cmd,long _num,void *_ptr){
|
1530 |
return ret; |
1530 |
return ret; |
1531 |
} |
1531 |
} |
1532 |
|
1532 |
|
1533 |
# if OPENSSL_VERSION_NUMBER<0x10100000L |
1533 |
# if OPENSSL_VERSION_NUMBER<0x10100000L || defined (LIBRESSL_VERSION_NUMBER) |
1534 |
# define BIO_set_data(_b,_ptr) ((_b)->ptr=(_ptr)) |
1534 |
# define BIO_set_data(_b,_ptr) ((_b)->ptr=(_ptr)) |
1535 |
# define BIO_set_init(_b,_init) ((_b)->init=(_init)) |
1535 |
# define BIO_set_init(_b,_init) ((_b)->init=(_init)) |
1536 |
# define ASN1_STRING_get0_data ASN1_STRING_data |
1536 |
# define ASN1_STRING_get0_data ASN1_STRING_data |
Lines 1538-1544
static long op_bio_retry_ctrl(BIO *_b,int _cmd,long _num,void *_ptr){
|
1538 |
|
1538 |
|
1539 |
static int op_bio_retry_new(BIO *_b){ |
1539 |
static int op_bio_retry_new(BIO *_b){ |
1540 |
BIO_set_init(_b,1); |
1540 |
BIO_set_init(_b,1); |
1541 |
# if OPENSSL_VERSION_NUMBER<0x10100000L |
1541 |
# if OPENSSL_VERSION_NUMBER<0x10100000L || defined (LIBRESSL_VERSION_NUMBER) |
|
|
1542 |
|
1542 |
_b->num=0; |
1543 |
_b->num=0; |
1543 |
# endif |
1544 |
# endif |
1544 |
BIO_set_data(_b,NULL); |
1545 |
BIO_set_data(_b,NULL); |
Lines 1549-1555
static int op_bio_retry_free(BIO *_b){
|
1549 |
return _b!=NULL; |
1550 |
return _b!=NULL; |
1550 |
} |
1551 |
} |
1551 |
|
1552 |
|
1552 |
# if OPENSSL_VERSION_NUMBER<0x10100000L |
1553 |
# if OPENSSL_VERSION_NUMBER<0x10100000L || defined (LIBRESSL_VERSION_NUMBER) |
|
|
1554 |
|
1553 |
/*This is not const because OpenSSL doesn't allow it, even though it won't |
1555 |
/*This is not const because OpenSSL doesn't allow it, even though it won't |
1554 |
write to it.*/ |
1556 |
write to it.*/ |
1555 |
static BIO_METHOD op_bio_retry_method={ |
1557 |
static BIO_METHOD op_bio_retry_method={ |
Lines 1570-1576
static BIO_METHOD op_bio_retry_method={
|
1570 |
proxying https URL requests.*/ |
1572 |
proxying https URL requests.*/ |
1571 |
static int op_http_conn_establish_tunnel(OpusHTTPStream *_stream, |
1573 |
static int op_http_conn_establish_tunnel(OpusHTTPStream *_stream, |
1572 |
OpusHTTPConn *_conn,op_sock _fd,SSL *_ssl_conn,BIO *_ssl_bio){ |
1574 |
OpusHTTPConn *_conn,op_sock _fd,SSL *_ssl_conn,BIO *_ssl_bio){ |
1573 |
# if OPENSSL_VERSION_NUMBER>=0x10100000L |
1575 |
# if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined (LIBRESSL_VERSION_NUMBER) |
1574 |
BIO_METHOD *bio_retry_method; |
1576 |
BIO_METHOD *bio_retry_method; |
1575 |
# endif |
1577 |
# endif |
1576 |
BIO *retry_bio; |
1578 |
BIO *retry_bio; |
Lines 1583-1589
static int op_http_conn_establish_tunnel(OpusHTTPStream *_stream,
|
1583 |
ret=op_http_conn_write_fully(_conn, |
1585 |
ret=op_http_conn_write_fully(_conn, |
1584 |
_stream->proxy_connect.buf,_stream->proxy_connect.nbuf); |
1586 |
_stream->proxy_connect.buf,_stream->proxy_connect.nbuf); |
1585 |
if(OP_UNLIKELY(ret<0))return ret; |
1587 |
if(OP_UNLIKELY(ret<0))return ret; |
1586 |
# if OPENSSL_VERSION_NUMBER>=0x10100000L |
1588 |
# if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined (LIBRESSL_VERSION_NUMBER) |
1587 |
bio_retry_method=BIO_meth_new(BIO_TYPE_NULL,"retry"); |
1589 |
bio_retry_method=BIO_meth_new(BIO_TYPE_NULL,"retry"); |
1588 |
if(bio_retry_method==NULL)return OP_EFAULT; |
1590 |
if(bio_retry_method==NULL)return OP_EFAULT; |
1589 |
BIO_meth_set_write(bio_retry_method,op_bio_retry_write); |
1591 |
BIO_meth_set_write(bio_retry_method,op_bio_retry_write); |
Lines 1606-1612
static int op_http_conn_establish_tunnel(OpusHTTPStream *_stream,
|
1606 |
/*This shouldn't succeed, since we can't read yet.*/ |
1608 |
/*This shouldn't succeed, since we can't read yet.*/ |
1607 |
OP_ALWAYS_TRUE(SSL_connect(_ssl_conn)<0); |
1609 |
OP_ALWAYS_TRUE(SSL_connect(_ssl_conn)<0); |
1608 |
SSL_set_bio(_ssl_conn,_ssl_bio,_ssl_bio); |
1610 |
SSL_set_bio(_ssl_conn,_ssl_bio,_ssl_bio); |
1609 |
# if OPENSSL_VERSION_NUMBER>=0x10100000L |
1611 |
# if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined (LIBRESSL_VERSION_NUMBER) |
1610 |
BIO_meth_free(bio_retry_method); |
1612 |
BIO_meth_free(bio_retry_method); |
1611 |
# endif |
1613 |
# endif |
1612 |
/*Only now do we disable write coalescing, to allow the CONNECT |
1614 |
/*Only now do we disable write coalescing, to allow the CONNECT |
Lines 1635-1641
static struct addrinfo *op_inet_pton(const char *_host){
|
1635 |
return NULL; |
1637 |
return NULL; |
1636 |
} |
1638 |
} |
1637 |
|
1639 |
|
1638 |
# if OPENSSL_VERSION_NUMBER<0x10002000L |
1640 |
# if OPENSSL_VERSION_NUMBER<0x10002000L || defined (LIBRESSL_VERSION_NUMBER) |
1639 |
/*Match a host name against a host with a possible wildcard pattern according |
1641 |
/*Match a host name against a host with a possible wildcard pattern according |
1640 |
to the rules of RFC 6125 Section 6.4.3. |
1642 |
to the rules of RFC 6125 Section 6.4.3. |
1641 |
Return: 0 if the pattern doesn't match, and a non-zero value if it does.*/ |
1643 |
Return: 0 if the pattern doesn't match, and a non-zero value if it does.*/ |
Lines 1893-1899
static int op_http_conn_start_tls(OpusHTTPStream *_stream,OpusHTTPConn *_conn,
|
1893 |
SSL_set_tlsext_host_name(_ssl_conn,_stream->url.host); |
1895 |
SSL_set_tlsext_host_name(_ssl_conn,_stream->url.host); |
1894 |
# endif |
1896 |
# endif |
1895 |
skip_certificate_check=_stream->skip_certificate_check; |
1897 |
skip_certificate_check=_stream->skip_certificate_check; |
1896 |
# if OPENSSL_VERSION_NUMBER>=0x10002000L |
1898 |
# if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined (LIBRESSL_VERSION_NUMBER) |
1897 |
/*As of version 1.0.2, OpenSSL can finally do hostname checks automatically. |
1899 |
/*As of version 1.0.2, OpenSSL can finally do hostname checks automatically. |
1898 |
Of course, they make it much more complicated than it needs to be.*/ |
1900 |
Of course, they make it much more complicated than it needs to be.*/ |
1899 |
if(!skip_certificate_check){ |
1901 |
if(!skip_certificate_check){ |
Lines 2314-2320
static int op_http_stream_open(OpusHTTPStream *_stream,const char *_url,
|
2314 |
/*Initialize the SSL library if necessary.*/ |
2316 |
/*Initialize the SSL library if necessary.*/ |
2315 |
if(OP_URL_IS_SSL(&_stream->url)&&_stream->ssl_ctx==NULL){ |
2317 |
if(OP_URL_IS_SSL(&_stream->url)&&_stream->ssl_ctx==NULL){ |
2316 |
SSL_CTX *ssl_ctx; |
2318 |
SSL_CTX *ssl_ctx; |
2317 |
# if OPENSSL_VERSION_NUMBER<0x10100000L |
2319 |
# if OPENSSL_VERSION_NUMBER<0x10100000L || defined (LIBRESSL_VERSION_NUMBER) |
2318 |
# if !defined(OPENSSL_NO_LOCKING) |
2320 |
# if !defined(OPENSSL_NO_LOCKING) |
2319 |
/*The documentation says SSL_library_init() is not reentrant. |
2321 |
/*The documentation says SSL_library_init() is not reentrant. |
2320 |
We don't want to add our own depenencies on a threading library, and it |
2322 |
We don't want to add our own depenencies on a threading library, and it |
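Review bot: The new guard at line 1898 (`# if OPENSSL_VERSION_NUMBER>=0x10002000L && !defined (LIBRESSL_VERSION_NUMBER)`) and its complement at line 1640 move every LibreSSL build, whatever its version, off the library's automatic hostname check and onto this file's own RFC 6125 wildcard matcher, which is the security-sensitive part of certificate validation. LibreSSL reports OPENSSL_VERSION_NUMBER as 0x20000000L, so some LibreSSL test is needed, but a blanket `defined` also keeps LibreSSL releases that may provide the 1.0.2 host-verification API on the hand-written path. A version floor such as `(!defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER>=<FIRST_LIBRESSL_WITH_HOST_CHECK_API>)` would limit the fallback to builds that need it; the floor is a placeholder, since the page names no LibreSSL release. Whichever form is used, the two conditions must stay exact complements, so I would add a comment at line 1898 along the lines of `/*Keep this the exact inverse of the guard on the RFC 6125 matcher above; if they drift apart, a build may end up with no hostname check (confirm against the code outside this hunk).*/`. The bodies of both branches lie outside the visible hunks, so the last point is inferred from the guards alone.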