Make SSL support conditional on NOCRYPT.
This commit is contained in:
Dag-Erling Smørgrav
parent
eb5cb11b70
commit
3070f6cb06
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=97891
@ -5,6 +5,9 @@ LIB= fetch
|
||||
WARNS?= 4
|
||||
CFLAGS+= -I.
|
||||
CFLAGS+= -DINET6
|
||||
.if !defined(NOCRYPT)
|
||||
CFLAGS+= -DWITH_SSL
|
||||
.endif
|
||||
SRCS= fetch.c common.c ftp.c http.c file.c \
|
||||
ftperr.h httperr.h
|
||||
INCS= fetch.h
|
||||
|
||||
@ -270,6 +270,7 @@ int
|
||||
_fetch_ssl(conn_t *conn, int verbose)
|
||||
{
|
||||
|
||||
#ifdef WITH_SSL
|
||||
/* Init the SSL library and context */
|
||||
if (!SSL_library_init()){
|
||||
fprintf(stderr, "SSL library init failed\n");
|
||||
@ -310,6 +311,12 @@ _fetch_ssl(conn_t *conn, int verbose)
|
||||
}
|
||||
|
||||
return (0);
|
||||
#else
|
||||
(void)conn;
|
||||
(void)verbose;
|
||||
fprintf(stderr, "SSL support disabled\n");
|
||||
return (-1);
|
||||
#endif
|
||||
}
|
||||
|
||||
/*
|
||||
@ -350,9 +357,11 @@ _fetch_read(conn_t *conn, char *buf, size_t len)
|
||||
return (-1);
|
||||
}
|
||||
}
|
||||
#ifdef WITH_SSL
|
||||
if (conn->ssl != NULL)
|
||||
rlen = SSL_read(conn->ssl, buf, len);
|
||||
else
|
||||
#endif
|
||||
rlen = read(conn->sd, buf, len);
|
||||
if (rlen == 0)
|
||||
break;
|
||||
@ -453,9 +462,11 @@ _fetch_write(conn_t *conn, const char *buf, size_t len)
|
||||
}
|
||||
}
|
||||
errno = 0;
|
||||
#ifdef WITH_SSL
|
||||
if (conn->ssl != NULL)
|
||||
wlen = SSL_write(conn->ssl, buf, len);
|
||||
else
|
||||
#endif
|
||||
wlen = write(conn->sd, buf, len);
|
||||
if (wlen == 0)
|
||||
/* we consider a short write a failure */
|
||||
|
||||
@ -36,11 +36,13 @@
|
||||
#define FTP_DEFAULT_PROXY_PORT 21
|
||||
#define HTTP_DEFAULT_PROXY_PORT 3128
|
||||
|
||||
#ifdef WITH_SSL
|
||||
#include <openssl/crypto.h>
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/pem.h>
|
||||
#include <openssl/ssl.h>
|
||||
#include <openssl/err.h>
|
||||
#endif
|
||||
|
||||
/* Connection */
|
||||
typedef struct fetchconn conn_t;
|
||||
@ -50,10 +52,12 @@ struct fetchconn {
|
||||
size_t bufsize; /* buffer size */
|
||||
size_t buflen; /* length of buffer contents */
|
||||
int err; /* last protocol reply code */
|
||||
#ifdef WITH_SSL
|
||||
SSL *ssl; /* SSL handle */
|
||||
SSL_CTX *ssl_ctx; /* SSL context */
|
||||
X509 *ssl_cert; /* server certificate */
|
||||
SSL_METHOD *ssl_meth; /* SSL method */
|
||||
#endif
|
||||
};
|
||||
|
||||
/* Structure used for error message lists */
|
||||
|
||||
@ -683,6 +683,9 @@ _http_connect(struct url *URL, struct url *purl, const char *flags)
|
||||
if (strcasecmp(URL->scheme, SCHEME_HTTPS) == 0 &&
|
||||
_fetch_ssl(conn, verbose) == -1) {
|
||||
_fetch_close(conn);
|
||||
/* grrr */
|
||||
errno = EAUTH;
|
||||
_fetch_syserr();
|
||||
return (NULL);
|
||||
}
|
||||
return (conn);
|
||||
|
||||
Loading…
Reference in New Issue
Block a user