aboutsummaryrefslogtreecommitdiffstats
path: root/contrib/libs/curl/lib/vquic
diff options
context:
space:
mode:
authorrobot-contrib <robot-contrib@yandex-team.ru>2022-05-15 13:30:59 +0300
committerrobot-contrib <robot-contrib@yandex-team.ru>2022-05-15 13:30:59 +0300
commit00e5165677c67bdda88ef5b51216688eac357a3a (patch)
tree230fc76cb76d47655f8481f9ae231c3590f55bfa /contrib/libs/curl/lib/vquic
parent7a146619b8d5b192fddae23c34605f0494256956 (diff)
downloadydb-00e5165677c67bdda88ef5b51216688eac357a3a.tar.gz
Update contrib/libs/curl to 7.83.1
ref:e0fbfbe6faf65e15f45ef0f846e92356916e91cf
Diffstat (limited to 'contrib/libs/curl/lib/vquic')
-rw-r--r--contrib/libs/curl/lib/vquic/msh3.c11
-rw-r--r--contrib/libs/curl/lib/vquic/ngtcp2.c13
2 files changed, 18 insertions, 6 deletions
diff --git a/contrib/libs/curl/lib/vquic/msh3.c b/contrib/libs/curl/lib/vquic/msh3.c
index 071f13e1fc..47279bd2b2 100644
--- a/contrib/libs/curl/lib/vquic/msh3.c
+++ b/contrib/libs/curl/lib/vquic/msh3.c
@@ -95,7 +95,9 @@ static const MSH3_REQUEST_IF msh3_request_if = {
void Curl_quic_ver(char *p, size_t len)
{
- (void)msnprintf(p, len, "msh3/%s", "0.0.1");
+ uint32_t v[4];
+ MsH3Version(v);
+ (void)msnprintf(p, len, "msh3/%d.%d.%d.%d", v[0], v[1], v[2], v[3]);
}
CURLcode Curl_quic_connect(struct Curl_easy *data,
@@ -121,7 +123,10 @@ CURLcode Curl_quic_connect(struct Curl_easy *data,
return CURLE_FAILED_INIT;
}
- qs->conn = MsH3ConnectionOpen(qs->api, conn->host.name, unsecure);
+ qs->conn = MsH3ConnectionOpen(qs->api,
+ conn->host.name,
+ (uint16_t)conn->remote_port,
+ unsecure);
if(!qs->conn) {
failf(data, "can't create msh3 connection");
if(qs->api) {
@@ -357,7 +362,7 @@ static void MSH3_CALL msh3_complete(MSH3_REQUEST *Request, void *IfContext,
struct HTTP *stream = IfContext;
(void)Request;
(void)AbortError;
- H3BUGF(printf("* msh3_complete, aborted=%hhu\n", Aborted));
+ H3BUGF(printf("* msh3_complete, aborted=%s\n", Aborted ? "true" : "false"));
msh3_lock_acquire(&stream->recv_lock);
if(Aborted) {
stream->recv_error = CURLE_HTTP3; /* TODO - how do we pass AbortError? */
diff --git a/contrib/libs/curl/lib/vquic/ngtcp2.c b/contrib/libs/curl/lib/vquic/ngtcp2.c
index 233d7e2e4f..2636985597 100644
--- a/contrib/libs/curl/lib/vquic/ngtcp2.c
+++ b/contrib/libs/curl/lib/vquic/ngtcp2.c
@@ -264,6 +264,7 @@ static SSL_QUIC_METHOD quic_method = {quic_set_encryption_secrets,
static SSL_CTX *quic_ssl_ctx(struct Curl_easy *data)
{
+ struct connectdata *conn = data->conn;
SSL_CTX *ssl_ctx = SSL_CTX_new(TLS_method());
SSL_CTX_set_min_proto_version(ssl_ctx, TLS1_3_VERSION);
@@ -291,12 +292,11 @@ static SSL_CTX *quic_ssl_ctx(struct Curl_easy *data)
SSL_CTX_set_keylog_callback(ssl_ctx, keylog_callback);
}
- {
- struct connectdata *conn = data->conn;
+ if(conn->ssl_config.verifypeer) {
const char * const ssl_cafile = conn->ssl_config.CAfile;
const char * const ssl_capath = conn->ssl_config.CApath;
- if(conn->ssl_config.verifypeer) {
+ if(ssl_cafile || ssl_capath) {
SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER, NULL);
/* tell OpenSSL where to find CA certificates that are used to verify
the server's certificate. */
@@ -311,6 +311,13 @@ static SSL_CTX *quic_ssl_ctx(struct Curl_easy *data)
infof(data, " CAfile: %s", ssl_cafile ? ssl_cafile : "none");
infof(data, " CApath: %s", ssl_capath ? ssl_capath : "none");
}
+#ifdef CURL_CA_FALLBACK
+ else {
+ /* verifying the peer without any CA certificates won't work so
+ use openssl's built-in default as fallback */
+ SSL_CTX_set_default_verify_paths(ssl_ctx);
+ }
+#endif
}
return ssl_ctx;
}