Make SSL support conditional on NOCRYPT.

2002-06-05 21:35:35 +00:00 · 2002-06-05 21:35:35 +00:00 · 3070f6cb06
commit 3070f6cb06
parent eb5cb11b70
4 changed files with 21 additions and 0 deletions
--- a/lib/libfetch/Makefile
+++ b/lib/libfetch/Makefile
@ -5,6 +5,9 @@ LIB=		fetch
 WARNS?=		4
 CFLAGS+=	-I.
 CFLAGS+=	-DINET6
+.if !defined(NOCRYPT)
+CFLAGS+=	-DWITH_SSL
+.endif
 SRCS=		fetch.c common.c ftp.c http.c file.c \
 		ftperr.h httperr.h
 INCS=		fetch.h
--- a/lib/libfetch/common.c
+++ b/lib/libfetch/common.c
@ -270,6 +270,7 @@ int
 _fetch_ssl(conn_t *conn, int verbose)
 {

+#ifdef WITH_SSL
 	/* Init the SSL library and context */
 	if (!SSL_library_init()){
 		fprintf(stderr, "SSL library init failed\n");
@ -310,6 +311,12 @@ _fetch_ssl(conn_t *conn, int verbose)
 	}

 	return (0);
+#else
+	(void)conn;
+	(void)verbose;
+	fprintf(stderr, "SSL support disabled\n");
+	return (-1);
+#endif
 }

 /*
@ -350,9 +357,11 @@ _fetch_read(conn_t *conn, char *buf, size_t len)
 				return (-1);
 			}
 		}
+#ifdef WITH_SSL
 		if (conn->ssl != NULL)
 			rlen = SSL_read(conn->ssl, buf, len);
 		else
+#endif
 			rlen = read(conn->sd, buf, len);
 		if (rlen == 0)
 			break;
@ -453,9 +462,11 @@ _fetch_write(conn_t *conn, const char *buf, size_t len)
 			}
 		}
 		errno = 0;
+#ifdef WITH_SSL
 		if (conn->ssl != NULL)
 			wlen = SSL_write(conn->ssl, buf, len);
 		else
+#endif
 			wlen = write(conn->sd, buf, len);
 		if (wlen == 0)
 			/* we consider a short write a failure */
--- a/lib/libfetch/common.h
+++ b/lib/libfetch/common.h
@ -36,11 +36,13 @@
 #define FTP_DEFAULT_PROXY_PORT	21
 #define HTTP_DEFAULT_PROXY_PORT	3128

+#ifdef WITH_SSL
 #include <openssl/crypto.h>
 #include <openssl/x509.h>
 #include <openssl/pem.h>
 #include <openssl/ssl.h>
 #include <openssl/err.h>
+#endif

 /* Connection */
 typedef struct fetchconn conn_t;
@ -50,10 +52,12 @@ struct fetchconn {
 	size_t		 bufsize;	/* buffer size */
 	size_t		 buflen;	/* length of buffer contents */
 	int		 err;		/* last protocol reply code */
+#ifdef WITH_SSL
 	SSL		*ssl;		/* SSL handle */
 	SSL_CTX		*ssl_ctx;	/* SSL context */
 	X509		*ssl_cert;	/* server certificate */
 	SSL_METHOD	*ssl_meth;	/* SSL method */
+#endif
 };

 /* Structure used for error message lists */
--- a/lib/libfetch/http.c
+++ b/lib/libfetch/http.c
@ -683,6 +683,9 @@ _http_connect(struct url *URL, struct url *purl, const char *flags)
 	if (strcasecmp(URL->scheme, SCHEME_HTTPS) == 0 &&
 	    _fetch_ssl(conn, verbose) == -1) {
 		_fetch_close(conn);
+		/* grrr */
+		errno = EAUTH;
+		_fetch_syserr();
 		return (NULL);
 	}
 	return (conn);