kopia lustrzana https://gitlab.com/sane-project/backends
escl : fix tls/ssl connection
ThierryFR
rodzic
c6a99e409e
commit
f711faf0a6
|
|
@ -61,25 +61,6 @@ static const SANE_Device **devlist = NULL;
|
|||
static ESCL_Device *list_devices_primary = NULL;
|
||||
static int num_devices = 0;
|
||||
|
||||
#ifdef CURL_SSLVERSION_MAX_DEFAULT
|
||||
static int proto_tls[] = {
|
||||
CURL_SSLVERSION_MAX_DEFAULT,
|
||||
#ifdef CURL_SSLVERSION_MAX_TLSv1_3
|
||||
CURL_SSLVERSION_MAX_TLSv1_3,
|
||||
#endif
|
||||
#ifdef CURL_SSLVERSION_MAX_TLSv1_2
|
||||
CURL_SSLVERSION_MAX_TLSv1_2,
|
||||
#endif
|
||||
#ifdef CURL_SSLVERSION_MAX_TLSv1_1
|
||||
CURL_SSLVERSION_MAX_TLSv1_1,
|
||||
#endif
|
||||
#ifdef CURL_SSLVERSION_MAX_TLSv1_0
|
||||
CURL_SSLVERSION_MAX_TLSv1_0,
|
||||
#endif
|
||||
-1
|
||||
};
|
||||
#endif
|
||||
|
||||
|
||||
typedef struct Handled {
|
||||
struct Handled *next;
|
||||
|
|
@ -120,17 +101,15 @@ escl_free_device(ESCL_Device *current)
|
|||
}
|
||||
|
||||
|
||||
#ifdef CURL_SSLVERSION_MAX_DEFAULT
|
||||
static int
|
||||
escl_tls_protocol_supported(char *url, int proto)
|
||||
escl_tls_protocol_supported(char *url)
|
||||
{
|
||||
CURLcode res = CURLE_UNSUPPORTED_PROTOCOL;
|
||||
CURL *curl = curl_easy_init();
|
||||
if(curl) {
|
||||
curl_easy_setopt(curl, CURLOPT_URL, url);
|
||||
|
||||
/* ask libcurl to use TLS version 1.0 or later */
|
||||
curl_easy_setopt(curl, CURLOPT_SSLVERSION, proto);
|
||||
curl_easy_setopt(curl, CURLOPT_USE_SSL, (long)CURLUSESSL_TRY);
|
||||
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
|
||||
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
|
||||
curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
|
||||
|
|
@ -145,33 +124,17 @@ escl_tls_protocol_supported(char *url, int proto)
|
|||
static int
|
||||
escl_is_tls(char * url, char *type)
|
||||
{
|
||||
int tls_version = 0;
|
||||
if(!strcmp(type, "_uscans._tcp") ||
|
||||
!strcmp(type, "https"))
|
||||
{
|
||||
while(proto_tls[tls_version] != -1)
|
||||
{
|
||||
if (escl_tls_protocol_supported(url, proto_tls[tls_version]) == CURLE_OK)
|
||||
if (escl_tls_protocol_supported(url) == CURLE_OK)
|
||||
{
|
||||
DBG(10, "curl tls compatible (%d)\n", proto_tls[tls_version]);
|
||||
break;
|
||||
DBG(10, "curl tls compatible\n");
|
||||
return 1;
|
||||
}
|
||||
tls_version++;
|
||||
}
|
||||
if (proto_tls[tls_version] < 1)
|
||||
return 0;
|
||||
}
|
||||
return proto_tls[tls_version];
|
||||
}
|
||||
#else
|
||||
static int
|
||||
escl_is_tls(char * url, char *type)
|
||||
{
|
||||
(void)url;
|
||||
(void)type;
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
void
|
||||
escl_free_handler(escl_sane_t *handler)
|
||||
|
|
@ -1899,10 +1862,9 @@ escl_curl_url(CURL *handle, const ESCL_Device *device, SANE_String_Const path)
|
|||
DBG( 10, "After use hack\n");
|
||||
if (device->https) {
|
||||
DBG( 10, "Ignoring safety certificates, use https\n");
|
||||
curl_easy_setopt(handle, CURLOPT_USE_SSL, (long)CURLUSESSL_TRY);
|
||||
curl_easy_setopt(handle, CURLOPT_SSL_VERIFYPEER, 0L);
|
||||
curl_easy_setopt(handle, CURLOPT_SSL_VERIFYHOST, 0L);
|
||||
if (device->tls > 0)
|
||||
curl_easy_setopt(handle, CURLOPT_SSLVERSION, device->tls);
|
||||
}
|
||||
if (device->unix_socket != NULL) {
|
||||
DBG( 10, "Using local socket %s\n", device->unix_socket );
|
||||
|
|
|
|||
Ładowanie…
Reference in New Issue