Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/usr.bin/ftp Add Server Name Indication (SNI) support for https.
details: https://anonhg.NetBSD.org/src/rev/71142610ea3a
branches: trunk
changeset: 340560:71142610ea3a
user: wiz <wiz%NetBSD.org@localhost>
date: Sat Sep 12 19:38:42 2015 +0000
description:
Add Server Name Indication (SNI) support for https.
Needed for e.g. some github URLs.
diffstat:
usr.bin/ftp/fetch.c | 11 +++++++----
usr.bin/ftp/ssl.c | 14 +++++++++++---
usr.bin/ftp/ssl.h | 4 ++--
3 files changed, 20 insertions(+), 9 deletions(-)
diffs (105 lines):
diff -r c7a95264b3c9 -r 71142610ea3a usr.bin/ftp/fetch.c
--- a/usr.bin/ftp/fetch.c Sat Sep 12 19:33:03 2015 +0000
+++ b/usr.bin/ftp/fetch.c Sat Sep 12 19:38:42 2015 +0000
@@ -1,7 +1,7 @@
-/* $NetBSD: fetch.c,v 1.206 2014/10/26 16:21:59 christos Exp $ */
+/* $NetBSD: fetch.c,v 1.207 2015/09/12 19:38:42 wiz Exp $ */
/*-
- * Copyright (c) 1997-2009 The NetBSD Foundation, Inc.
+ * Copyright (c) 1997-2015 The NetBSD Foundation, Inc.
* All rights reserved.
*
* This code is derived from software contributed to The NetBSD Foundation
@@ -10,6 +10,9 @@
* This code is derived from software contributed to The NetBSD Foundation
* by Scott Aaron Bamford.
*
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Thomas Klausner.
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
@@ -34,7 +37,7 @@
#include <sys/cdefs.h>
#ifndef lint
-__RCSID("$NetBSD: fetch.c,v 1.206 2014/10/26 16:21:59 christos Exp $");
+__RCSID("$NetBSD: fetch.c,v 1.207 2015/09/12 19:38:42 wiz Exp $");
#endif /* not lint */
/*
@@ -782,7 +785,7 @@
#ifdef WITH_SSL
if (urltype == HTTPS_URL_T) {
- if ((ssl = fetch_start_ssl(s)) == NULL) {
+ if ((ssl = fetch_start_ssl(s, host)) == NULL) {
close(s);
s = -1;
continue;
diff -r c7a95264b3c9 -r 71142610ea3a usr.bin/ftp/ssl.c
--- a/usr.bin/ftp/ssl.c Sat Sep 12 19:33:03 2015 +0000
+++ b/usr.bin/ftp/ssl.c Sat Sep 12 19:38:42 2015 +0000
@@ -1,8 +1,9 @@
-/* $NetBSD: ssl.c,v 1.2 2012/12/24 22:12:28 christos Exp $ */
+/* $NetBSD: ssl.c,v 1.3 2015/09/12 19:38:42 wiz Exp $ */
/*-
* Copyright (c) 1998-2004 Dag-Erling Coïdan Smørgrav
* Copyright (c) 2008, 2010 Joerg Sonnenberger <joerg%NetBSD.org@localhost>
+ * Copyright (c) 2015 Thomas Klausner <wiz%NetBSD.org@localhost>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -33,7 +34,7 @@
#include <sys/cdefs.h>
#ifndef lint
-__RCSID("$NetBSD: ssl.c,v 1.2 2012/12/24 22:12:28 christos Exp $");
+__RCSID("$NetBSD: ssl.c,v 1.3 2015/09/12 19:38:42 wiz Exp $");
#endif
#include <time.h>
@@ -545,7 +546,7 @@
}
void *
-fetch_start_ssl(int sock)
+fetch_start_ssl(int sock, const char *servername)
{
SSL *ssl;
SSL_CTX *ctx;
@@ -569,6 +570,13 @@
return NULL;
}
SSL_set_fd(ssl, sock);
+ if (servername != NULL) {
+ if (!SSL_set_tlsext_host_name(ssl, servername)) {
+ fprintf(ttyout, "SSL hostname setting failed\n");
+ SSL_CTX_free(ctx);
+ return NULL;
+ }
+ }
while ((ret = SSL_connect(ssl)) == -1) {
ssl_err = SSL_get_error(ssl, ret);
if (ssl_err != SSL_ERROR_WANT_READ &&
diff -r c7a95264b3c9 -r 71142610ea3a usr.bin/ftp/ssl.h
--- a/usr.bin/ftp/ssl.h Sat Sep 12 19:33:03 2015 +0000
+++ b/usr.bin/ftp/ssl.h Sat Sep 12 19:38:42 2015 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: ssl.h,v 1.2 2014/01/07 02:07:08 joerg Exp $ */
+/* $NetBSD: ssl.h,v 1.3 2015/09/12 19:38:42 wiz Exp $ */
/*-
* Copyright (c) 2012 The NetBSD Foundation, Inc.
@@ -42,7 +42,7 @@
char *fetch_getln(char *, int, struct fetch_connect *);
int fetch_getline(struct fetch_connect *, char *, size_t, const char **);
void fetch_set_ssl(struct fetch_connect *, void *);
-void *fetch_start_ssl(int);
+void *fetch_start_ssl(int, const char *);
#else /* !WITH_SSL */
Home |
Main Index |
Thread Index |
Old Index