version 1.183, 2017/05/26 16:05:35 |
version 1.184, 2017/06/10 18:14:10 |
|
|
err(1, "pledge"); |
err(1, "pledge"); |
} else if (pledge("stdio inet dns sendfd", NULL) == -1) |
} else if (pledge("stdio inet dns sendfd", NULL) == -1) |
err(1, "pledge"); |
err(1, "pledge"); |
|
} else if (Pflag && usetls) { |
|
if (pledge("stdio rpath inet dns tty", NULL) == -1) |
|
err(1, "pledge"); |
} else if (Pflag) { |
} else if (Pflag) { |
if (pledge("stdio inet dns tty", NULL) == -1) |
if (pledge("stdio inet dns tty", NULL) == -1) |
err(1, "pledge"); |
err(1, "pledge"); |
|
|
} |
} |
|
|
if (usetls) { |
if (usetls) { |
if (Pflag) { |
|
if (pledge("stdio inet dns tty rpath", NULL) == -1) |
|
err(1, "pledge"); |
|
} else if (pledge("stdio inet dns rpath", NULL) == -1) |
|
err(1, "pledge"); |
|
|
|
if (tls_init() == -1) |
if (tls_init() == -1) |
errx(1, "unable to initialize TLS"); |
errx(1, "unable to initialize TLS"); |
if ((tls_cfg = tls_config_new()) == NULL) |
if ((tls_cfg = tls_config_new()) == NULL) |
|
|
if (TLSopt & TLS_NOVERIFY) { |
if (TLSopt & TLS_NOVERIFY) { |
if (tls_expecthash != NULL) |
if (tls_expecthash != NULL) |
errx(1, "-H and -T noverify may not be used" |
errx(1, "-H and -T noverify may not be used" |
"together"); |
" together"); |
tls_config_insecure_noverifycert(tls_cfg); |
tls_config_insecure_noverifycert(tls_cfg); |
} |
} |
if (TLSopt & TLS_MUSTSTAPLE) |
if (TLSopt & TLS_MUSTSTAPLE) |