| version 1.90, 2014/07/14 05:54:12 |
version 1.91, 2014/07/14 09:26:27 |
|
|
| #include <string.h> |
#include <string.h> |
| #include <unistd.h> |
#include <unistd.h> |
| |
|
| #include "ftp_var.h" |
#include <ressl.h> |
| |
|
| #include "cmds.h" |
#include "cmds.h" |
| |
#include "ftp_var.h" |
| |
|
| #ifndef SMALL |
#ifndef SMALL |
| char * const ssl_verify_opts[] = { |
char * const ssl_verify_opts[] = { |
|
|
| "depth", |
"depth", |
| NULL |
NULL |
| }; |
}; |
| char *ssl_ciphers; |
|
| int ssl_verify = 1; |
struct ressl_config *ressl_config; |
| int ssl_verify_depth = -1; |
|
| char *ssl_ca_file; |
|
| char *ssl_ca_path; |
|
| #endif /* !SMALL */ |
#endif /* !SMALL */ |
| |
|
| int family = PF_UNSPEC; |
int family = PF_UNSPEC; |
|
|
| char *outfile = NULL; |
char *outfile = NULL; |
| const char *errstr; |
const char *errstr; |
| int dumb_terminal = 0; |
int dumb_terminal = 0; |
| |
#ifndef SMALL |
| |
long long depth; |
| |
#endif |
| |
|
| ftpport = "ftp"; |
ftpport = "ftp"; |
| httpport = "http"; |
httpport = "http"; |
|
|
| |
|
| case 'S': |
case 'S': |
| #ifndef SMALL |
#ifndef SMALL |
| |
if (ressl_config == NULL) { |
| |
ressl_config = ressl_config_new(); |
| |
if (ressl_config == NULL) |
| |
errx(1, "ressl config failed"); |
| |
} |
| |
|
| cp = optarg; |
cp = optarg; |
| while (*cp) { |
while (*cp) { |
| char *str; |
char *str; |
|
|
| case SSL_CAFILE: |
case SSL_CAFILE: |
| if (str == NULL) |
if (str == NULL) |
| errx(1, "missing CA file"); |
errx(1, "missing CA file"); |
| ssl_ca_file = str; |
ressl_config_set_ca_file(ressl_config, |
| |
str); |
| break; |
break; |
| case SSL_CAPATH: |
case SSL_CAPATH: |
| if (str == NULL) |
if (str == NULL) |
| errx(1, "missing CA directory" |
errx(1, "missing CA directory" |
| " path"); |
" path"); |
| ssl_ca_path = str; |
ressl_config_set_ca_path(ressl_config, |
| |
str); |
| break; |
break; |
| case SSL_CIPHERS: |
case SSL_CIPHERS: |
| if (str == NULL) |
if (str == NULL) |
| errx(1, "missing cipher list"); |
errx(1, "missing cipher list"); |
| ssl_ciphers = str; |
ressl_config_set_ciphers(ressl_config, |
| |
str); |
| break; |
break; |
| case SSL_DONTVERIFY: |
case SSL_DONTVERIFY: |
| ssl_verify = 0; |
ressl_config_insecure_no_verify( |
| |
ressl_config); |
| break; |
break; |
| case SSL_DOVERIFY: |
case SSL_DOVERIFY: |
| ssl_verify = 1; |
ressl_config_verify(ressl_config); |
| break; |
break; |
| case SSL_VERIFYDEPTH: |
case SSL_VERIFYDEPTH: |
| if (str == NULL) |
if (str == NULL) |
| errx(1, "missing depth"); |
errx(1, "missing depth"); |
| ssl_verify_depth = strtonum(str, 0, |
depth = strtonum(str, 0, INT_MAX, |
| INT_MAX, &errstr); |
&errstr); |
| if (errstr) |
if (errstr) |
| errx(1, "certificate " |
errx(1, "certificate " |
| "validation depth is %s", |
"validation depth is %s", |
| errstr); |
errstr); |
| |
ressl_config_set_verify_depth( |
| |
ressl_config, (int)depth); |
| break; |
break; |
| default: |
default: |
| errx(1, "unknown -S suboption `%s'", |
errx(1, "unknown -S suboption `%s'", |
![[BACK]](/icons/back.gif){kind=icon}
Return to main.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ftp