Hello,
the use of certificates for TLS didn't work with nc(1). Fix is attached.
Best regards
Andreas
Index: netcat.c
===================================================================
RCS file: /cvs/src/usr.bin/nc/netcat.c,v
retrieving revision 1.149
diff -u -p -u -r1.149 netcat.c
--- netcat.c 28 Dec 2015 14:17:47 -0000 1.149
+++ netcat.c 4 Jan 2016 00:52:22 -0000
@@ -429,9 +429,9 @@ main(int argc, char *argv[])
if (usetls) {
if (Rflag && (cacert=tls_load_file(Rflag, &cacertlen, NULL)) == NULL)
errx(1, "unable to load root CA file %s", Rflag);
- if (Cflag && (pubcert=tls_load_file(Rflag, &pubcertlen, NULL)) == NULL)
+ if (Cflag && (pubcert=tls_load_file(Cflag, &pubcertlen, NULL)) == NULL)
errx(1, "unable to load TLS certificate file %s", Cflag);
- if (Kflag && (privkey=tls_load_file(Rflag, &privkeylen, NULL)) == NULL)
+ if (Kflag && (privkey=tls_load_file(Kflag, &privkeylen, NULL)) == NULL)
errx(1, "unable to load TLS key file %s", Kflag);
if (pledge("stdio inet dns", NULL) == -1)
@@ -443,7 +443,7 @@ main(int argc, char *argv[])
errx(1, "unable to allocate TLS config");
if (Rflag && tls_config_set_ca_mem(tls_cfg, cacert, cacertlen) == -1)
errx(1, "unable to set root CA file %s", Rflag);
- if (Cflag && tls_config_set_cert_mem(tls_cfg, cacert, cacertlen) == -1)
+ if (Cflag && tls_config_set_cert_mem(tls_cfg, pubcert, pubcertlen) == -1)
errx(1, "unable to set TLS certificate file %s", Cflag);
if (Kflag && tls_config_set_key_mem(tls_cfg, privkey, privkeylen) == -1)
errx(1, "unable to set TLS key file %s", Kflag);
