version 1.94, 2014/10/03 14:15:41 |
version 1.95, 2014/10/31 13:48:21 |
|
|
#include <string.h> |
#include <string.h> |
#include <unistd.h> |
#include <unistd.h> |
|
|
#include <ressl.h> |
#include <tls.h> |
|
|
#include "cmds.h" |
#include "cmds.h" |
#include "ftp_var.h" |
#include "ftp_var.h" |
|
|
NULL |
NULL |
}; |
}; |
|
|
struct ressl_config *ressl_config; |
struct tls_config *tls_config; |
#endif /* !SMALL */ |
#endif /* !SMALL */ |
|
|
int family = PF_UNSPEC; |
int family = PF_UNSPEC; |
|
|
|
|
case 'S': |
case 'S': |
#ifndef SMALL |
#ifndef SMALL |
if (ressl_config == NULL) { |
if (tls_config == NULL) { |
ressl_config = ressl_config_new(); |
tls_config = tls_config_new(); |
if (ressl_config == NULL) |
if (tls_config == NULL) |
errx(1, "ressl config failed"); |
errx(1, "tls config failed"); |
} |
} |
|
|
cp = optarg; |
cp = optarg; |
|
|
case SSL_CAFILE: |
case SSL_CAFILE: |
if (str == NULL) |
if (str == NULL) |
errx(1, "missing CA file"); |
errx(1, "missing CA file"); |
if (ressl_config_set_ca_file( |
if (tls_config_set_ca_file( |
ressl_config, str) != 0) |
tls_config, str) != 0) |
errx(1, "ressl ca file failed"); |
errx(1, "tls ca file failed"); |
break; |
break; |
case SSL_CAPATH: |
case SSL_CAPATH: |
if (str == NULL) |
if (str == NULL) |
errx(1, "missing CA directory" |
errx(1, "missing CA directory" |
" path"); |
" path"); |
if (ressl_config_set_ca_path( |
if (tls_config_set_ca_path( |
ressl_config, str) != 0) |
tls_config, str) != 0) |
errx(1, "ressl ca path failed"); |
errx(1, "tls ca path failed"); |
break; |
break; |
case SSL_CIPHERS: |
case SSL_CIPHERS: |
if (str == NULL) |
if (str == NULL) |
errx(1, "missing cipher list"); |
errx(1, "missing cipher list"); |
if (ressl_config_set_ciphers( |
if (tls_config_set_ciphers( |
ressl_config, str) != 0) |
tls_config, str) != 0) |
errx(1, "ressl ciphers failed"); |
errx(1, "tls ciphers failed"); |
break; |
break; |
case SSL_DONTVERIFY: |
case SSL_DONTVERIFY: |
ressl_config_insecure_noverifyhost( |
tls_config_insecure_noverifyhost( |
ressl_config); |
tls_config); |
ressl_config_insecure_noverifycert( |
tls_config_insecure_noverifycert( |
ressl_config); |
tls_config); |
break; |
break; |
case SSL_DOVERIFY: |
case SSL_DOVERIFY: |
ressl_config_verify(ressl_config); |
tls_config_verify(tls_config); |
break; |
break; |
case SSL_VERIFYDEPTH: |
case SSL_VERIFYDEPTH: |
if (str == NULL) |
if (str == NULL) |
|
|
errx(1, "certificate " |
errx(1, "certificate " |
"validation depth is %s", |
"validation depth is %s", |
errstr); |
errstr); |
ressl_config_set_verify_depth( |
tls_config_set_verify_depth( |
ressl_config, (int)depth); |
tls_config, (int)depth); |
break; |
break; |
default: |
default: |
errx(1, "unknown -S suboption `%s'", |
errx(1, "unknown -S suboption `%s'", |