Module Name: src Committed By: wiz Date: Sat Sep 12 19:38:42 UTC 2015
Modified Files: src/usr.bin/ftp: fetch.c ssl.c ssl.h Log Message: Add Server Name Indication (SNI) support for https. Needed for e.g. some github URLs. To generate a diff of this commit: cvs rdiff -u -r1.206 -r1.207 src/usr.bin/ftp/fetch.c cvs rdiff -u -r1.2 -r1.3 src/usr.bin/ftp/ssl.c src/usr.bin/ftp/ssl.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/usr.bin/ftp/fetch.c diff -u src/usr.bin/ftp/fetch.c:1.206 src/usr.bin/ftp/fetch.c:1.207 --- src/usr.bin/ftp/fetch.c:1.206 Sun Oct 26 16:21:59 2014 +++ src/usr.bin/ftp/fetch.c Sat Sep 12 19:38:42 2015 @@ -1,7 +1,7 @@ -/* $NetBSD: fetch.c,v 1.206 2014/10/26 16:21:59 christos Exp $ */ +/* $NetBSD: fetch.c,v 1.207 2015/09/12 19:38:42 wiz Exp $ */ /*- - * Copyright (c) 1997-2009 The NetBSD Foundation, Inc. + * Copyright (c) 1997-2015 The NetBSD Foundation, Inc. * All rights reserved. * * This code is derived from software contributed to The NetBSD Foundation @@ -10,6 +10,9 @@ * This code is derived from software contributed to The NetBSD Foundation * by Scott Aaron Bamford. * + * This code is derived from software contributed to The NetBSD Foundation + * by Thomas Klausner. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -34,7 +37,7 @@ #include <sys/cdefs.h> #ifndef lint -__RCSID("$NetBSD: fetch.c,v 1.206 2014/10/26 16:21:59 christos Exp $"); +__RCSID("$NetBSD: fetch.c,v 1.207 2015/09/12 19:38:42 wiz Exp $"); #endif /* not lint */ /* @@ -782,7 +785,7 @@ fetch_url(const char *url, const char *p #ifdef WITH_SSL if (urltype == HTTPS_URL_T) { - if ((ssl = fetch_start_ssl(s)) == NULL) { + if ((ssl = fetch_start_ssl(s, host)) == NULL) { close(s); s = -1; continue; Index: src/usr.bin/ftp/ssl.c diff -u src/usr.bin/ftp/ssl.c:1.2 src/usr.bin/ftp/ssl.c:1.3 --- src/usr.bin/ftp/ssl.c:1.2 Mon Dec 24 22:12:28 2012 +++ src/usr.bin/ftp/ssl.c Sat Sep 12 19:38:42 2015 
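Review bot: In the `fetch_start_ssl(s, host)` call of the `@@ -782` hunk, `host` is handed over as the SNI name with no check on its form, and RFC 6066 does not permit IPv4 or IPv6 address literals in the server_name extension. Whether `host` can hold an address literal (or a proxy's name) at this point is decided earlier in fetch_url, outside the hunk, so this needs confirming against the URL-parsing code. If it can, pass `NULL` as the second argument in that case and say why at the call, e.g. `/* SNI carries a DNS name only (RFC 6066); skip it for address literals */`. fetch_url's body continues on both sides of the hunk.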
@@ -1,8 +1,9 @@ -/* $NetBSD: ssl.c,v 1.2 2012/12/24 22:12:28 christos Exp $ */ +/* $NetBSD: ssl.c,v 1.3 2015/09/12 19:38:42 wiz Exp $ */ /*- * Copyright (c) 1998-2004 Dag-Erling Coïdan Smørgrav * Copyright (c) 2008, 2010 Joerg Sonnenberger <jo...@netbsd.org> + * Copyright (c) 2015 Thomas Klausner <w...@netbsd.org> * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -33,7 +34,7 @@ #include <sys/cdefs.h> #ifndef lint -__RCSID("$NetBSD: ssl.c,v 1.2 2012/12/24 22:12:28 christos Exp $"); +__RCSID("$NetBSD: ssl.c,v 1.3 2015/09/12 19:38:42 wiz Exp $"); #endif #include <time.h> @@ -545,7 +546,7 @@ fetch_getline(struct fetch_connect *conn } void * -fetch_start_ssl(int sock) +fetch_start_ssl(int sock, const char *servername) { SSL *ssl; SSL_CTX *ctx; @@ -569,6 +570,13 @@ fetch_start_ssl(int sock) return NULL; } SSL_set_fd(ssl, sock); + if (servername != NULL) { + if (!SSL_set_tlsext_host_name(ssl, servername)) { + fprintf(ttyout, "SSL hostname setting failed\n"); + SSL_CTX_free(ctx); + return NULL; + } + } while ((ret = SSL_connect(ssl)) == -1) { ssl_err = SSL_get_error(ssl, ret); if (ssl_err != SSL_ERROR_WANT_READ && Index: src/usr.bin/ftp/ssl.h diff -u src/usr.bin/ftp/ssl.h:1.2 src/usr.bin/ftp/ssl.h:1.3 --- src/usr.bin/ftp/ssl.h:1.2 Tue Jan 7 02:07:08 2014 +++ src/usr.bin/ftp/ssl.h Sat Sep 12 19:38:42 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: ssl.h,v 1.2 2014/01/07 02:07:08 joerg Exp $ */ +/* $NetBSD: ssl.h,v 1.3 2015/09/12 19:38:42 wiz Exp $ */ /*- * Copyright (c) 2012 The NetBSD Foundation, Inc. @@ -42,7 +42,7 @@ ssize_t fetch_read(void *, size_t, size_ char *fetch_getln(char *, int, struct fetch_connect *); int fetch_getline(struct fetch_connect *, char *, size_t, const char **); void fetch_set_ssl(struct fetch_connect *, void *); -void *fetch_start_ssl(int); +void *fetch_start_ssl(int, const char *); #else /* !WITH_SSL */
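Review bot: The new failure branch after `SSL_set_tlsext_host_name()` in the `@@ -569` hunk frees `ctx` but not `ssl`, which is already allocated at this point (it is passed to `SSL_set_fd` on the line before), so the SSL object leaks and keeps its reference on the context. Add `SSL_free(ssl);` before `SSL_CTX_free(ctx);` in that branch. Separately, SNI only tells the server which certificate to present and does not authenticate the peer; no certificate or hostname verification is visible in this hunk, and now that `servername` reaches this function it could feed such a check if one is not done elsewhere. fetch_start_ssl starts in the previous hunk and continues past this one.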