version 1.119, 2017/01/24 23:47:34 |
version 1.120, 2018/02/10 06:25:16 |
|
|
|
|
#include <ctype.h> |
#include <ctype.h> |
#include <err.h> |
#include <err.h> |
|
#include <fcntl.h> |
#include <netdb.h> |
#include <netdb.h> |
#include <pwd.h> |
#include <pwd.h> |
#include <stdio.h> |
#include <stdio.h> |
|
|
|
|
#ifndef NOSSL |
#ifndef NOSSL |
char * const ssl_verify_opts[] = { |
char * const ssl_verify_opts[] = { |
#define SSL_CAFILE 0 |
#define SSL_CAFILE 0 |
"cafile", |
"cafile", |
#define SSL_CAPATH 1 |
#define SSL_CAPATH 1 |
"capath", |
"capath", |
#define SSL_CIPHERS 2 |
#define SSL_CIPHERS 2 |
"ciphers", |
"ciphers", |
#define SSL_DONTVERIFY 3 |
#define SSL_DONTVERIFY 3 |
"dont", |
"dont", |
#define SSL_DOVERIFY 4 |
#define SSL_DOVERIFY 4 |
"do", |
"do", |
#define SSL_VERIFYDEPTH 5 |
#define SSL_VERIFYDEPTH 5 |
"depth", |
"depth", |
#define SSL_MUSTSTAPLE 6 |
#define SSL_MUSTSTAPLE 6 |
"muststaple", |
"muststaple", |
#define SSL_NOVERIFYTIME 7 |
#define SSL_NOVERIFYTIME 7 |
"noverifytime", |
"noverifytime", |
|
#define SSL_SESSION 8 |
|
"session", |
NULL |
NULL |
}; |
}; |
|
|
struct tls_config *tls_config; |
struct tls_config *tls_config; |
|
int tls_session_fd = -1; |
|
|
static void |
static void |
process_ssl_options(char *cp) |
process_ssl_options(char *cp) |
|
|
case SSL_NOVERIFYTIME: |
case SSL_NOVERIFYTIME: |
tls_config_insecure_noverifytime(tls_config); |
tls_config_insecure_noverifytime(tls_config); |
break; |
break; |
|
case SSL_SESSION: |
|
if (str == NULL) |
|
errx(1, "missing session file"); |
|
if ((tls_session_fd = open(str, O_RDWR|O_CREAT, |
|
0600)) == -1) |
|
err(1, "failed to open or create session file " |
|
"'%s'", str); |
|
if (tls_config_set_session_fd(tls_config, |
|
tls_session_fd) == -1) |
|
errx(1, "failed to set session: %s", |
|
tls_config_error(tls_config)); |
|
break; |
default: |
default: |
errx(1, "unknown -S suboption `%s'", |
errx(1, "unknown -S suboption `%s'", |
suboptarg ? suboptarg : ""); |
suboptarg ? suboptarg : ""); |
|
|
errx(1, "tls set ciphers failed: %s", |
errx(1, "tls set ciphers failed: %s", |
tls_config_error(tls_config)); |
tls_config_error(tls_config)); |
} |
} |
#endif /* !SMALL */ |
#endif /* !NOSSL */ |
|
|
httpuseragent = NULL; |
httpuseragent = NULL; |
|
|