enum resolve_t rc = CURLRESOLV_ERROR; /* default to failure */
struct connectdata *conn = data->conn;
*entry = NULL;
+#ifndef CURL_DISABLE_DOH
conn->bits.doh = FALSE; /* default is not */
+#else
+ (void)allowDOH;
+#endif
if(data->share)
Curl_share_lock(data, CURL_LOCK_DATA_DNS, CURL_LOCK_ACCESS_SINGLE);
struct Curl_addrinfo *addr = NULL;
int respwait = 0;
+#if !defined(CURL_DISABLE_DOH) || !defined(USE_RESOLVE_ON_IPS)
struct in_addr in;
+#endif
+#ifndef CURL_DISABLE_DOH
#ifndef USE_RESOLVE_ON_IPS
const
#endif
bool ipnum = FALSE;
+#endif
/* notify the resolver start callback */
if(data->set.resolver_start) {
#endif /* ENABLE_IPV6 */
#else /* if USE_RESOLVE_ON_IPS */
+#ifndef CURL_DISABLE_DOH
/* First check if this is an IPv4 address string */
if(Curl_inet_pton(AF_INET, hostname, &in) > 0)
/* This is a dotted IP address 123.123.123.123-style */
ipnum = TRUE;
}
#endif /* ENABLE_IPV6 */
+#endif /* CURL_DISABLE_DOH */
#endif /* !USE_RESOLVE_ON_IPS */
if(strcasecompare(hostname, "localhost"))
addr = get_localhost(port);
+#ifndef CURL_DISABLE_DOH
else if(allowDOH && data->set.doh && !ipnum)
addr = Curl_doh(data, hostname, port, &respwait);
+#endif
else {
/* Check what IP specifics the app has requested and if we can provide
* it. If not, bail out. */
#if defined(CURL_DISABLE_DOH) && !defined(CURLRES_ASYNCH)
(void)dns;
#endif
-
+#ifndef CURL_DISABLE_DOH
if(data->conn->bits.doh)
return Curl_doh_is_resolved(data, dns);
+#endif
return Curl_resolver_is_resolved(data, dns);
}
curl_socket_t *socks)
{
#ifdef CURLRES_ASYNCH
+#ifndef CURL_DISABLE_DOH
if(data->conn->bits.doh)
/* nothing to wait for during DoH resolve, those handles have their own
sockets */
return GETSOCK_BLANK;
+#endif
return Curl_resolver_getsock(data, socks);
#else
(void)data;
data->set.ssl.primary.verifypeer;
}
break;
+#ifndef CURL_DISABLE_DOH
case CURLOPT_DOH_SSL_VERIFYPEER:
/*
* Enable peer SSL verifying for DoH.
data->set.doh_verifypeer = (0 != va_arg(param, long)) ?
TRUE : FALSE;
break;
+#endif
#ifndef CURL_DISABLE_PROXY
case CURLOPT_PROXY_SSL_VERIFYPEER:
/*
data->set.ssl.primary.verifyhost;
}
break;
+#ifndef CURL_DISABLE_DOH
case CURLOPT_DOH_SSL_VERIFYHOST:
/*
* Enable verification of the host name in the peer certificate for DoH
/* Treat both 1 and 2 as TRUE */
data->set.doh_verifyhost = (bool)((arg & 3) ? TRUE : FALSE);
break;
+#endif
#ifndef CURL_DISABLE_PROXY
case CURLOPT_PROXY_SSL_VERIFYHOST:
/*
data->set.ssl.primary.verifystatus;
}
break;
+#ifndef CURL_DISABLE_DOH
case CURLOPT_DOH_SSL_VERIFYSTATUS:
/*
* Enable certificate status verifying for DoH.
data->set.doh_verifystatus = (0 != va_arg(param, long)) ?
TRUE : FALSE;
break;
+#endif
case CURLOPT_SSL_CTX_FUNCTION:
/*
* Set a SSL_CTX callback
* libcurl 7.10 introduced SSL verification *by default*! This needs to be
* switched off unless wanted.
*/
+#ifndef CURL_DISABLE_DOH
set->doh_verifyhost = TRUE;
set->doh_verifypeer = TRUE;
+#endif
set->ssl.primary.verifypeer = TRUE;
set->ssl.primary.verifyhost = TRUE;
#ifdef USE_TLS_SRP
BIT(tls_enable_npn); /* TLS NPN extension? */
BIT(tls_enable_alpn); /* TLS ALPN extension? */
BIT(connect_only);
+#ifndef CURL_DISABLE_DOH
BIT(doh);
+#endif
#ifdef USE_UNIX_SOCKETS
BIT(abstract_unix_socket);
#endif
header */
BIT(abstract_unix_socket);
BIT(disallow_username_in_url); /* disallow username in url */
+#ifndef CURL_DISABLE_DOH
BIT(doh); /* DNS-over-HTTPS enabled */
BIT(doh_verifypeer); /* DoH certificate peer verification */
BIT(doh_verifyhost); /* DoH certificate hostname verification */
BIT(doh_verifystatus); /* DoH certificate status verification */
+#endif
BIT(http09_allowed); /* allow HTTP/0.9 responses */
BIT(mail_rcpt_allowfails); /* allow RCPT TO command to fail for some
recipients */
projects / thirdparty / curl.git / commitdiff
