Module Name:    src
Committed By:   wiz
Date:           Sat Sep 12 19:38:42 UTC 2015

Modified Files:
        src/usr.bin/ftp: fetch.c ssl.c ssl.h

Log Message:
Add Server Name Indication (SNI) support for https.

Needed for e.g. some github URLs.


To generate a diff of this commit:
cvs rdiff -u -r1.206 -r1.207 src/usr.bin/ftp/fetch.c
cvs rdiff -u -r1.2 -r1.3 src/usr.bin/ftp/ssl.c src/usr.bin/ftp/ssl.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/usr.bin/ftp/fetch.c
diff -u src/usr.bin/ftp/fetch.c:1.206 src/usr.bin/ftp/fetch.c:1.207
--- src/usr.bin/ftp/fetch.c:1.206	Sun Oct 26 16:21:59 2014
+++ src/usr.bin/ftp/fetch.c	Sat Sep 12 19:38:42 2015
@@ -1,7 +1,7 @@
-/*	$NetBSD: fetch.c,v 1.206 2014/10/26 16:21:59 christos Exp $	*/
+/*	$NetBSD: fetch.c,v 1.207 2015/09/12 19:38:42 wiz Exp $	*/
 
 /*-
- * Copyright (c) 1997-2009 The NetBSD Foundation, Inc.
+ * Copyright (c) 1997-2015 The NetBSD Foundation, Inc.
  * All rights reserved.
  *
  * This code is derived from software contributed to The NetBSD Foundation
@@ -10,6 +10,9 @@
  * This code is derived from software contributed to The NetBSD Foundation
  * by Scott Aaron Bamford.
  *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Thomas Klausner.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -34,7 +37,7 @@
 
 #include <sys/cdefs.h>
 #ifndef lint
-__RCSID("$NetBSD: fetch.c,v 1.206 2014/10/26 16:21:59 christos Exp $");
+__RCSID("$NetBSD: fetch.c,v 1.207 2015/09/12 19:38:42 wiz Exp $");
 #endif /* not lint */
 
 /*
@@ -782,7 +785,7 @@ fetch_url(const char *url, const char *p
 
 #ifdef WITH_SSL
 			if (urltype == HTTPS_URL_T) {
-				if ((ssl = fetch_start_ssl(s)) == NULL) {
+				if ((ssl = fetch_start_ssl(s, host)) == NULL) {
 					close(s);
 					s = -1;
 					continue;
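Review bot: `host` is forwarded unconditionally as the SNI name at the `fetch_start_ssl(s, host)` call, and the ssl.c hunk only skips the extension when the pointer is NULL. If `host` can hold a numeric address taken from the URL (its origin is outside this hunk), the client would send an address literal in server_name, which RFC 6066 does not permit. Consider passing NULL in that case, for example after an `inet_pton()` test for AF_INET and AF_INET6, or at least record the expectation with `/* host is sent as the TLS SNI name; must be a DNS name, not an address literal */`. fetch_url's body starts and ends outside the hunk.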

Index: src/usr.bin/ftp/ssl.c
diff -u src/usr.bin/ftp/ssl.c:1.2 src/usr.bin/ftp/ssl.c:1.3
--- src/usr.bin/ftp/ssl.c:1.2	Mon Dec 24 22:12:28 2012
+++ src/usr.bin/ftp/ssl.c	Sat Sep 12 19:38:42 2015
@@ -1,8 +1,9 @@
-/*	$NetBSD: ssl.c,v 1.2 2012/12/24 22:12:28 christos Exp $	*/
+/*	$NetBSD: ssl.c,v 1.3 2015/09/12 19:38:42 wiz Exp $	*/
 
 /*-
  * Copyright (c) 1998-2004 Dag-Erling Coïdan Smørgrav
  * Copyright (c) 2008, 2010 Joerg Sonnenberger <jo...@netbsd.org>
+ * Copyright (c) 2015 Thomas Klausner <w...@netbsd.org>
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -33,7 +34,7 @@
 
 #include <sys/cdefs.h>
 #ifndef lint
-__RCSID("$NetBSD: ssl.c,v 1.2 2012/12/24 22:12:28 christos Exp $");
+__RCSID("$NetBSD: ssl.c,v 1.3 2015/09/12 19:38:42 wiz Exp $");
 #endif
 
 #include <time.h>
@@ -545,7 +546,7 @@ fetch_getline(struct fetch_connect *conn
 }
 
 void *
-fetch_start_ssl(int sock)
+fetch_start_ssl(int sock, const char *servername)
 {
 	SSL *ssl;
 	SSL_CTX *ctx;
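Review bot: The new `servername` parameter has no documented contract, and in the visible hunks it is used only to fill the SNI extension. SNI tells the server which certificate to present but does not check that certificate, so the parameter should not be read as evidence of peer authentication. Whether the rest of fetch_start_ssl verifies the certificate against the name cannot be seen from here. I would add above the definition `/* servername: DNS name sent as TLS SNI, or NULL to send none; not used to verify the peer certificate */`, adjusted if verification does exist elsewhere. The function body continues past the end of this hunk.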
@@ -569,6 +570,13 @@ fetch_start_ssl(int sock)
 		return NULL;
 	}
 	SSL_set_fd(ssl, sock);
+	if (servername != NULL) {
+		if (!SSL_set_tlsext_host_name(ssl, servername)) {
+			fprintf(ttyout, "SSL hostname setting failed\n");
+			SSL_CTX_free(ctx);
+			return NULL;
+		}
+	}
 	while ((ret = SSL_connect(ssl)) == -1) {
 		ssl_err = SSL_get_error(ssl, ret);
 		if (ssl_err != SSL_ERROR_WANT_READ &&
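Review bot: The new failure branch after `SSL_set_tlsext_host_name()` frees `ctx` but not `ssl`, which is already allocated at this point since `SSL_set_fd(ssl, sock)` runs just before it. The SSL object holds its own reference to the context, so `SSL_CTX_free(ctx)` alone presumably releases neither, and each failed call leaks both. Add `SSL_free(ssl);` before `SSL_CTX_free(ctx);` in that branch. The allocation of `ssl` and the rest of the connect loop are outside the hunk, so the other error paths could not be checked.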
Index: src/usr.bin/ftp/ssl.h
diff -u src/usr.bin/ftp/ssl.h:1.2 src/usr.bin/ftp/ssl.h:1.3
--- src/usr.bin/ftp/ssl.h:1.2	Tue Jan  7 02:07:08 2014
+++ src/usr.bin/ftp/ssl.h	Sat Sep 12 19:38:42 2015
@@ -1,4 +1,4 @@
-/*	$NetBSD: ssl.h,v 1.2 2014/01/07 02:07:08 joerg Exp $	*/
+/*	$NetBSD: ssl.h,v 1.3 2015/09/12 19:38:42 wiz Exp $	*/
 
 /*-
  * Copyright (c) 2012 The NetBSD Foundation, Inc.
@@ -42,7 +42,7 @@ ssize_t fetch_read(void *, size_t, size_
 char *fetch_getln(char *, int, struct fetch_connect *);
 int fetch_getline(struct fetch_connect *, char *, size_t, const char **);
 void fetch_set_ssl(struct fetch_connect *, void *);
-void *fetch_start_ssl(int);
+void *fetch_start_ssl(int, const char *);
 
 #else	/* !WITH_SSL */
 
