summaryrefslogtreecommitdiff
path: root/content
diff options
context:
space:
mode:
authorJohn Mark Bell <jmb@netsurf-browser.org>2009-02-21 02:46:47 +0000
committerJohn Mark Bell <jmb@netsurf-browser.org>2009-02-21 02:46:47 +0000
commit756c393abb5abb1cd13e646cfc3d78b5d90b10a5 (patch)
treead14e00ad686f146238efcc7a4ab5b541a138e3c /content
parentde7a20499a6cfee6a2a1e0e795dbf523f6a7f24d (diff)
downloadnetsurf-756c393abb5abb1cd13e646cfc3d78b5d90b10a5.tar.gz
netsurf-756c393abb5abb1cd13e646cfc3d78b5d90b10a5.tar.bz2
Given that the build-time SSL detection can be somewhat inaccurate, attempt to determine whether we can use the SSL_CTX stuff at runtime.
svn path=/trunk/netsurf/; revision=6586
Diffstat (limited to 'content')
-rw-r--r--content/fetchers/fetch_curl.c25
1 files changed, 21 insertions, 4 deletions
diff --git a/content/fetchers/fetch_curl.c b/content/fetchers/fetch_curl.c
index 30ba73403..d5182187d 100644
--- a/content/fetchers/fetch_curl.c
+++ b/content/fetchers/fetch_curl.c
@@ -102,6 +102,9 @@ CURLM *fetch_curl_multi; /**< Global cURL multi handle. */
static CURL *fetch_blank_curl;
static struct cache_handle *curl_handle_ring = 0; /**< Ring of cached handles */
static int curl_fetchers_registered = 0;
+#ifdef WITH_SSL
+static bool curl_with_openssl;
+#endif
static char fetch_error_buffer[CURL_ERROR_SIZE]; /**< Error buffer for cURL. */
static char fetch_progress_buffer[256]; /**< Progress buffer for cURL */
@@ -211,6 +214,16 @@ void fetch_curl_register(void)
if (option_ca_path && strcmp(option_ca_path, ""))
SETOPT(CURLOPT_CAPATH, option_ca_path);
+#ifdef WITH_SSL
+ /* Detect whether the SSL CTX function API works */
+ curl_with_openssl = true;
+ code = curl_easy_setopt(fetch_blank_curl,
+ CURLOPT_SSL_CTX_FUNCTION, NULL);
+ if (code != CURLE_OK) {
+ curl_with_openssl = false;
+ }
+#endif
+
/* cURL initialised okay, register the fetchers */
data = curl_version_info(CURLVERSION_NOW);
@@ -595,14 +608,18 @@ fetch_curl_set_options(struct curl_fetch_info *f)
/* Disable certificate verification */
SETOPT(CURLOPT_SSL_VERIFYPEER, 0L);
SETOPT(CURLOPT_SSL_VERIFYHOST, 0L);
- SETOPT(CURLOPT_SSL_CTX_FUNCTION, NULL);
- SETOPT(CURLOPT_SSL_CTX_DATA, NULL);
+ if (curl_with_openssl) {
+ SETOPT(CURLOPT_SSL_CTX_FUNCTION, NULL);
+ SETOPT(CURLOPT_SSL_CTX_DATA, NULL);
+ }
} else {
/* do verification */
SETOPT(CURLOPT_SSL_VERIFYPEER, 1L);
SETOPT(CURLOPT_SSL_VERIFYHOST, 2L);
- SETOPT(CURLOPT_SSL_CTX_FUNCTION, fetch_curl_sslctxfun);
- SETOPT(CURLOPT_SSL_CTX_DATA, f);
+ if (curl_with_openssl) {
+ SETOPT(CURLOPT_SSL_CTX_FUNCTION, fetch_curl_sslctxfun);
+ SETOPT(CURLOPT_SSL_CTX_DATA, f);
+ }
}
#endif