Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

mbedTLS fix for cURL 8.8.0 #3398

Merged
merged 2 commits into from
May 24, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion vendor/curl/lib/config-linux.h
Original file line number Diff line number Diff line change
Expand Up @@ -869,7 +869,7 @@
/* #undef USE_MANUAL */

/* if mbedTLS is enabled */
/* #undef USE_MBEDTLS */
#define USE_MBEDTLS 1

/* if msh3 is in use */
/* #undef USE_MSH3 */
Expand Down
2 changes: 1 addition & 1 deletion vendor/curl/lib/config-macos.h
Original file line number Diff line number Diff line change
Expand Up @@ -869,7 +869,7 @@
/* #undef USE_MANUAL */

/* if mbedTLS is enabled */
/* #undef USE_MBEDTLS */
#define USE_MBEDTLS 1

/* if msh3 is in use */
/* #undef USE_MSH3 */
Expand Down
21 changes: 13 additions & 8 deletions vendor/curl/lib/vtls/mbedtls.c
Original file line number Diff line number Diff line change
Expand Up @@ -902,8 +902,6 @@ mbed_connect_step2(struct Curl_cfilter *cf, struct Curl_easy *data)
(struct mbed_ssl_backend_data *)connssl->backend;
struct ssl_primary_config *conn_config = Curl_ssl_cf_get_primary_config(cf);
const mbedtls_x509_crt *peercert;
char cipher_str[64];
uint16_t cipher_id;
#ifndef CURL_DISABLE_PROXY
const char * const pinnedpubkey = Curl_ssl_cf_is_proxy(cf)?
data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY]:
Expand Down Expand Up @@ -932,11 +930,18 @@ mbed_connect_step2(struct Curl_cfilter *cf, struct Curl_easy *data)
return CURLE_SSL_CONNECT_ERROR;
}

cipher_id = (uint16_t)
mbedtls_ssl_get_ciphersuite_id_from_ssl(&backend->ssl);
mbed_cipher_suite_get_str(cipher_id, cipher_str, sizeof(cipher_str), true);
infof(data, "mbedTLS: Handshake complete, cipher is %s", cipher_str);

#if MBEDTLS_VERSION_NUMBER >= 0x03020000
{
char cipher_str[64];
uint16_t cipher_id;
cipher_id = (uint16_t)
mbedtls_ssl_get_ciphersuite_id_from_ssl(&backend->ssl);
mbed_cipher_suite_get_str(cipher_id, cipher_str, sizeof(cipher_str), true);
infof(data, "mbedTLS: Handshake complete, cipher is %s", cipher_str);
}
#else
infof(data, "mbedTLS: Handshake complete");
#endif
ret = mbedtls_ssl_get_verify_result(&backend->ssl);

if(!conn_config->verifyhost)
Expand Down Expand Up @@ -1506,4 +1511,4 @@ const struct Curl_ssl Curl_ssl_mbedtls = {
mbed_send, /* send data to encrypt */
};

#endif /* USE_MBEDTLS */
#endif /* USE_MBEDTLS */
3 changes: 3 additions & 0 deletions vendor/curl/premake5.lua
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,9 @@ project "curl"
defines { "USE_SCHANNEL", "USE_WINDOWS_SSPI", "USE_WIN32_IDN" }
links { "crypt32", "Normaliz" }

filter { "system:not windows" }
defines { "USE_MBEDTLS" }

filter { "system:linux or bsd or macosx" }
defines { "CURL_HIDDEN_SYMBOLS" }

Expand Down
Loading