setopt: create set_ssl_options()
authorDaniel Stenberg <daniel@haxx.se>
Fri, 23 May 2025 13:57:08 +0000 (15:57 +0200)
committerDaniel Stenberg <daniel@haxx.se>
Fri, 23 May 2025 15:15:00 +0000 (17:15 +0200)
Used for both CURLOPT_SSL_OPTIONS and CURLOPT_PROXY_SSL_OPTIONS

Also: make the DoH code use the full original argument value instead of
each individual flag. Makes it easier to keep all of these in sync.

Closes #17429

lib/doh.c
lib/setopt.c

index fc20e9599ed4552980d261f83c66ad14db133924..e2d3d6ee2ce9d45fca67f0798731673667370c5c 100644 (file)
--- a/lib/doh.c
+++ b/lib/doh.c
@@ -410,23 +410,8 @@ static CURLcode doh_probe_run(struct Curl_easy *data,
                        data->set.str[STRING_SSL_EC_CURVES]);
   }
 
-  {
-    long mask =
-      (data->set.ssl.enable_beast ?
-       CURLSSLOPT_ALLOW_BEAST : 0) |
-      (data->set.ssl.no_revoke ?
-       CURLSSLOPT_NO_REVOKE : 0) |
-      (data->set.ssl.no_partialchain ?
-       CURLSSLOPT_NO_PARTIALCHAIN : 0) |
-      (data->set.ssl.revoke_best_effort ?
-       CURLSSLOPT_REVOKE_BEST_EFFORT : 0) |
-      (data->set.ssl.native_ca_store ?
-       CURLSSLOPT_NATIVE_CA : 0) |
-      (data->set.ssl.auto_client_cert ?
-       CURLSSLOPT_AUTO_CLIENT_CERT : 0);
-
-    (void)curl_easy_setopt(doh, CURLOPT_SSL_OPTIONS, mask);
-  }
+  (void)curl_easy_setopt(doh, CURLOPT_SSL_OPTIONS,
+                         (long)data->set.ssl.primary.ssl_options);
 
   doh->state.internal = TRUE;
   doh->master_mid = data->mid; /* master transfer of this one */
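Review bot: The DoH handle now inherits CURLSSLOPT_EARLYDATA from the parent transfer, which the removed mask never forwarded, and the commit message does not mention that change. The same widening happens in lib/setopt.c, where set_ssl_options() assigns `ssl->earlydata` for CURLOPT_PROXY_SSL_OPTIONS although the removed proxy case never did. Since TLS early data can be replayed, this deserves an explicit decision: if it is intended, say so in a comment such as `/* the DoH transfer inherits every SSL option bit, early data included */`; if not, pass `(long)(data->set.ssl.primary.ssl_options & ~CURLSSLOPT_EARLYDATA)`. doh_probe_run() starts and ends outside this hunk.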
index 61153f3f92f113a18695968afcde823831a99c47..98def48d04a7c802c251ba0f65c7168f700246a4 100644 (file)
@@ -391,6 +391,22 @@ static CURLcode setopt_RTSP_REQUEST(struct Curl_easy *data, long arg)
 }
 #endif /* ! CURL_DISABLE_RTSP */
 
+#ifdef USE_SSL
+static void set_ssl_options(struct ssl_config_data *ssl,
+                            struct ssl_primary_config *config,
+                            long arg)
+{
+  config->ssl_options = (unsigned char)(arg & 0xff);
+  ssl->enable_beast = !!(arg & CURLSSLOPT_ALLOW_BEAST);
+  ssl->no_revoke = !!(arg & CURLSSLOPT_NO_REVOKE);
+  ssl->no_partialchain = !!(arg & CURLSSLOPT_NO_PARTIALCHAIN);
+  ssl->revoke_best_effort = !!(arg & CURLSSLOPT_REVOKE_BEST_EFFORT);
+  ssl->native_ca_store = !!(arg & CURLSSLOPT_NATIVE_CA);
+  ssl->auto_client_cert = !!(arg & CURLSSLOPT_AUTO_CLIENT_CERT);
+  ssl->earlydata = !!(arg & CURLSSLOPT_EARLYDATA);
+}
+#endif
+
 static CURLcode setopt_long(struct Curl_easy *data, CURLoption option,
                             long arg)
 {
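Review bot: `config->ssl_options` keeps only the low eight bits of `arg`, yet the lib/doh.c hunk now treats that field as the complete option value, so a future CURLSSLOPT_* flag at bit 8 or above would be silently dropped for DoH probes. A comment at the assignment would make the constraint visible, for example `/* doh.c forwards ssl_options as the full bitmask: every CURLSSLOPT_* bit must fit in this field */`. Separately, the helper is compiled only under `USE_SSL`, while the call sites in the later setopt_long() hunk show no matching guard in their visible context. If they are not inside one, builds without SSL would likely fail to compile, so that should be checked.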
@@ -1131,29 +1147,12 @@ static CURLcode setopt_long(struct Curl_easy *data, CURLoption option,
     data->set.use_ssl = (unsigned char)arg;
     break;
   case CURLOPT_SSL_OPTIONS:
-    data->set.ssl.primary.ssl_options = (unsigned char)(arg & 0xff);
-    data->set.ssl.enable_beast = !!(arg & CURLSSLOPT_ALLOW_BEAST);
-    data->set.ssl.no_revoke = !!(arg & CURLSSLOPT_NO_REVOKE);
-    data->set.ssl.no_partialchain = !!(arg & CURLSSLOPT_NO_PARTIALCHAIN);
-    data->set.ssl.revoke_best_effort = !!(arg & CURLSSLOPT_REVOKE_BEST_EFFORT);
-    data->set.ssl.native_ca_store = !!(arg & CURLSSLOPT_NATIVE_CA);
-    data->set.ssl.auto_client_cert = !!(arg & CURLSSLOPT_AUTO_CLIENT_CERT);
-    data->set.ssl.earlydata = !!(arg & CURLSSLOPT_EARLYDATA);
-    /* If a setting is added here it should also be added in dohprobe()
-       which sets its own CURLOPT_SSL_OPTIONS based on these settings. */
+    set_ssl_options(&data->set.ssl, &data->set.ssl.primary, arg);
     break;
 
 #ifndef CURL_DISABLE_PROXY
   case CURLOPT_PROXY_SSL_OPTIONS:
-    data->set.proxy_ssl.primary.ssl_options = (unsigned char)(arg & 0xff);
-    data->set.proxy_ssl.enable_beast = !!(arg & CURLSSLOPT_ALLOW_BEAST);
-    data->set.proxy_ssl.no_revoke = !!(arg & CURLSSLOPT_NO_REVOKE);
-    data->set.proxy_ssl.no_partialchain = !!(arg & CURLSSLOPT_NO_PARTIALCHAIN);
-    data->set.proxy_ssl.revoke_best_effort =
-      !!(arg & CURLSSLOPT_REVOKE_BEST_EFFORT);
-    data->set.proxy_ssl.native_ca_store = !!(arg & CURLSSLOPT_NATIVE_CA);
-    data->set.proxy_ssl.auto_client_cert =
-      !!(arg & CURLSSLOPT_AUTO_CLIENT_CERT);
+    set_ssl_options(&data->set.proxy_ssl, &data->set.proxy_ssl.primary, arg);
     break;
 #endif