version 1.167, 2016/11/04 05:13:13 |
version 1.168, 2016/11/05 15:13:26 |
|
|
int usetls; /* use TLS */ |
int usetls; /* use TLS */ |
char *Cflag; /* Public cert file */ |
char *Cflag; /* Public cert file */ |
char *Kflag; /* Private key file */ |
char *Kflag; /* Private key file */ |
|
char *oflag; /* OCSP stapling file */ |
char *Rflag = DEFAULT_CA_FILE; /* Root CA file */ |
char *Rflag = DEFAULT_CA_FILE; /* Root CA file */ |
int tls_cachanged; /* Using non-default CA file */ |
int tls_cachanged; /* Using non-default CA file */ |
int TLSopt; /* TLS options */ |
int TLSopt; /* TLS options */ |
|
|
signal(SIGPIPE, SIG_IGN); |
signal(SIGPIPE, SIG_IGN); |
|
|
while ((ch = getopt(argc, argv, |
while ((ch = getopt(argc, argv, |
"46C:cDde:FH:hI:i:K:klM:m:NnO:P:p:R:rSs:T:tUuV:vw:X:x:z")) != -1) { |
"46C:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:R:rSs:T:tUuV:vw:X:x:z")) != -1) { |
switch (ch) { |
switch (ch) { |
case '4': |
case '4': |
family = AF_INET; |
family = AF_INET; |
|
|
errx(1, "TCP send window %s: %s", |
errx(1, "TCP send window %s: %s", |
errstr, optarg); |
errstr, optarg); |
break; |
break; |
|
case 'o': |
|
oflag = optarg; |
|
break; |
case 'S': |
case 'S': |
Sflag = 1; |
Sflag = 1; |
break; |
break; |
|
|
errx(1, "you must specify -c to use -C"); |
errx(1, "you must specify -c to use -C"); |
if (Kflag && !usetls) |
if (Kflag && !usetls) |
errx(1, "you must specify -c to use -K"); |
errx(1, "you must specify -c to use -K"); |
|
if (oflag && !Cflag) |
|
errx(1, "you must specify -C to use -o"); |
if (tls_cachanged && !usetls) |
if (tls_cachanged && !usetls) |
errx(1, "you must specify -c to use -R"); |
errx(1, "you must specify -c to use -R"); |
if (tls_expecthash && !usetls) |
if (tls_expecthash && !usetls) |
|
|
if (Cflag && tls_config_set_cert_file(tls_cfg, Cflag) == -1) |
if (Cflag && tls_config_set_cert_file(tls_cfg, Cflag) == -1) |
errx(1, "%s", tls_config_error(tls_cfg)); |
errx(1, "%s", tls_config_error(tls_cfg)); |
if (Kflag && tls_config_set_key_file(tls_cfg, Kflag) == -1) |
if (Kflag && tls_config_set_key_file(tls_cfg, Kflag) == -1) |
|
errx(1, "%s", tls_config_error(tls_cfg)); |
|
if (oflag && tls_config_set_ocsp_staple_file(tls_cfg, oflag) == -1) |
errx(1, "%s", tls_config_error(tls_cfg)); |
errx(1, "%s", tls_config_error(tls_cfg)); |
if (TLSopt & TLS_LEGACY) { |
if (TLSopt & TLS_LEGACY) { |
tls_config_set_protocols(tls_cfg, TLS_PROTOCOLS_ALL); |
tls_config_set_protocols(tls_cfg, TLS_PROTOCOLS_ALL); |