Added support for ALPN protocols list for TLS connections

author: Evgeny Grin (Karlson2k) <k2k@narod.ru> 2021-04-19 18:39:56 +0300
committer: Evgeny Grin (Karlson2k) <k2k@narod.ru> 2021-04-19 18:39:56 +0300
commit: 4e8f86a655a7d786bdce3f1330fd8fa083df8dfe (patch)
tree: 7bfaa59973bf02e5dc52b3e764a7f1c6141062cd /src/microhttpd/daemon.c
parent: 523fa712fdc408997f8387c9fef62968c13758f2 (diff)
download: libmicrohttpd-4e8f86a655a7d786bdce3f1330fd8fa083df8dfe.tar.gz
libmicrohttpd-4e8f86a655a7d786bdce3f1330fd8fa083df8dfe.zip
1 files changed, 38 insertions, 0 deletions
diff --git a/src/microhttpd/daemon.c b/src/microhttpd/daemon.c
index 8d721203..0ce0a242 100644
--- a/src/microhttpd/daemon.c
+++ b/src/microhttpd/daemon.c
@@ -2550,6 +2550,32 @@ new_connection_prepare_ (struct MHD_Daemon *daemon,
 #endif
      return NULL;
    }
+#if (GNUTLS_VERSION_NUMBER + 0 >= 0x030200)
+    if (!daemon->disable_alpn)
+    {
+      gnutls_datum_t prts[2];
+      const char prt1[] = "http/1.1";
+      const char prt2[] = "http/1.0";
+      prts[0].data = (void*) prt1;
+      prts[0].size = MHD_STATICSTR_LEN_ (prt1);
+      prts[1].data = (void*) prt2;
+      prts[1].size = MHD_STATICSTR_LEN_ (prt2);
+      if (GNUTLS_E_SUCCESS !=
+          gnutls_alpn_set_protocols(connection->tls_session,
+                                    prts,
+                                    sizeof(prts) / sizeof(prts[0]),
+                                    0 /* || GNUTLS_ALPN_SERVER_PRECEDENCE */))
+      {
+#ifdef HAVE_MESSAGES
+        MHD_DLOG (daemon,
+                  _ ("Failed to set ALPN protocols.\n"));
+#else  /* ! HAVE_MESSAGES */
+        (void) 0; /* Mute compiler warning */
+#endif /* ! HAVE_MESSAGES */
+      }
+    }
+#endif /* GNUTLS_VERSION_NUMBER >= 0x030200 */
    gnutls_session_set_ptr (connection->tls_session,
                            connection);
    switch (daemon->cred_type)
@@ -5963,6 +5989,7 @@ parse_options_va (struct MHD_Daemon *daemon,
        /* all options taking 'int' */
        case MHD_OPTION_STRICT_FOR_CLIENT:
        case MHD_OPTION_SIGPIPE_HANDLED_BY_APP:
+        case MHD_OPTION_TLS_NO_ALPN:
          if (MHD_NO == parse_options (daemon,
                                       servaddr,
                                       opt,
@@ -6051,6 +6078,17 @@ parse_options_va (struct MHD_Daemon *daemon,
                       int);
      }
      break;
+    case MHD_OPTION_TLS_NO_ALPN:
+      daemon->disable_alpn = (va_arg (ap,
+                                      int) != 0);
+#ifdef HAVE_MESSAGES
+      if (0 == (daemon->options & MHD_USE_TLS))
+        MHD_DLOG (daemon,
+                  _ ("MHD HTTPS option %d passed to MHD " \
+                     "but MHD_USE_TLS not set.\n"),
+                  (int) opt);
+#endif /* HAVE_MESSAGES */
+      break;
    default:
 #ifdef HAVE_MESSAGES
      if ( ( (opt >= MHD_OPTION_HTTPS_MEM_KEY) &&
author	Evgeny Grin (Karlson2k) <k2k@narod.ru>	2021-04-19 18:39:56 +0300
committer	Evgeny Grin (Karlson2k) <k2k@narod.ru>	2021-04-19 18:39:56 +0300
commit	4e8f86a655a7d786bdce3f1330fd8fa083df8dfe (patch)
tree	7bfaa59973bf02e5dc52b3e764a7f1c6141062cd /src/microhttpd/daemon.c
parent	523fa712fdc408997f8387c9fef62968c13758f2 (diff)
download	libmicrohttpd-4e8f86a655a7d786bdce3f1330fd8fa083df8dfe.tar.gz libmicrohttpd-4e8f86a655a7d786bdce3f1330fd8fa083df8dfe.zip

diff --git a/src/microhttpd/daemon.c b/src/microhttpd/daemon.c index 8d721203..0ce0a242 100644 --- a/src/microhttpd/daemon.c +++ b/src/microhttpd/daemon.c
@@ -2550,6 +2550,32 @@ new_connection_prepare_ (struct MHD_Daemon *daemon,
2550	#endif	2550	#endif
2551	return NULL;	2551	return NULL;
2552	}	2552	}
		2553	#if (GNUTLS_VERSION_NUMBER + 0 >= 0x030200)
		2554	if (!daemon->disable_alpn)
		2555	{
		2556	gnutls_datum_t prts[2];
		2557	const char prt1[] = "http/1.1";
		2558	const char prt2[] = "http/1.0";
		2559
		2560	prts[0].data = (void*) prt1;
		2561	prts[0].size = MHD_STATICSTR_LEN_ (prt1);
		2562	prts[1].data = (void*) prt2;
		2563	prts[1].size = MHD_STATICSTR_LEN_ (prt2);
		2564	if (GNUTLS_E_SUCCESS !=
		2565	gnutls_alpn_set_protocols(connection->tls_session,
		2566	prts,
		2567	sizeof(prts) / sizeof(prts[0]),
		2568	0 /* \|\| GNUTLS_ALPN_SERVER_PRECEDENCE */))
		2569	{
		2570	#ifdef HAVE_MESSAGES
		2571	MHD_DLOG (daemon,
		2572	_ ("Failed to set ALPN protocols.\n"));
		2573	#else /* ! HAVE_MESSAGES */
		2574	(void) 0; /* Mute compiler warning */
		2575	#endif /* ! HAVE_MESSAGES */
		2576	}
		2577	}
		2578	#endif /* GNUTLS_VERSION_NUMBER >= 0x030200 */
2553	gnutls_session_set_ptr (connection->tls_session,	2579	gnutls_session_set_ptr (connection->tls_session,
2554	connection);	2580	connection);
2555	switch (daemon->cred_type)	2581	switch (daemon->cred_type)
@@ -5963,6 +5989,7 @@ parse_options_va (struct MHD_Daemon *daemon,
5963	/* all options taking 'int' */	5989	/* all options taking 'int' */
5964	case MHD_OPTION_STRICT_FOR_CLIENT:	5990	case MHD_OPTION_STRICT_FOR_CLIENT:
5965	case MHD_OPTION_SIGPIPE_HANDLED_BY_APP:	5991	case MHD_OPTION_SIGPIPE_HANDLED_BY_APP:
		5992	case MHD_OPTION_TLS_NO_ALPN:
5966	if (MHD_NO == parse_options (daemon,	5993	if (MHD_NO == parse_options (daemon,
5967	servaddr,	5994	servaddr,
5968	opt,	5995	opt,
@@ -6051,6 +6078,17 @@ parse_options_va (struct MHD_Daemon *daemon,
6051	int);	6078	int);
6052	}	6079	}
6053	break;	6080	break;
		6081	case MHD_OPTION_TLS_NO_ALPN:
		6082	daemon->disable_alpn = (va_arg (ap,
		6083	int) != 0);
		6084	#ifdef HAVE_MESSAGES
		6085	if (0 == (daemon->options & MHD_USE_TLS))
		6086	MHD_DLOG (daemon,
		6087	_ ("MHD HTTPS option %d passed to MHD " \
		6088	"but MHD_USE_TLS not set.\n"),
		6089	(int) opt);
		6090	#endif /* HAVE_MESSAGES */
		6091	break;
6054	default:	6092	default:
6055	#ifdef HAVE_MESSAGES	6093	#ifdef HAVE_MESSAGES
6056	if ( ( (opt >= MHD_OPTION_HTTPS_MEM_KEY) &&	6094	if ( ( (opt >= MHD_OPTION_HTTPS_MEM_KEY) &&