diff options
author | des <des@FreeBSD.org> | 2016-01-16 20:24:02 +0000 |
---|---|---|
committer | des <des@FreeBSD.org> | 2016-01-16 20:24:02 +0000 |
commit | 70d47d449ed08c488be8a7dd86f94d75ec611fe8 (patch) | |
tree | 4052db9a8b3f9e0162e36e533cdce967716480b9 /lib/libfetch/common.c | |
parent | 94a89cd8e87abdc1e551e8ad44c963fd5247eebd (diff) | |
download | FreeBSD-src-70d47d449ed08c488be8a7dd86f94d75ec611fe8.zip FreeBSD-src-70d47d449ed08c488be8a7dd86f94d75ec611fe8.tar.gz |
MFH (r280630): remove all traces of SSLv2 support
MFH (r285141): remove unused variable
MFH (r288217): correctly check return value from getaddrinfo(3)
MFH (r289419): fix bugs in HTTPS tunnelling
MFH (r289420): use fopen()'s "e" mode instead of fcntl for close-on-exec
MFH (r291453, r291461): use .netrc for http servers and proxies
MFH (r292330, r292332): reset bufpos to 0 after refilling in chunked mode
PR: 194483 199801 193740 204771
Diffstat (limited to 'lib/libfetch/common.c')
-rw-r--r-- | lib/libfetch/common.c | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/lib/libfetch/common.c b/lib/libfetch/common.c index eabea2b..ae8b79d 100644 --- a/lib/libfetch/common.c +++ b/lib/libfetch/common.c @@ -495,7 +495,8 @@ fetch_ssl_get_numeric_addrinfo(const char *hostname, size_t len) hints.ai_protocol = 0; hints.ai_flags = AI_NUMERICHOST; /* port is not relevant for this purpose */ - getaddrinfo(host, "443", &hints, &res); + if (getaddrinfo(host, "443", &hints, &res) != 0) + res = NULL; free(host); return res; } @@ -672,9 +673,7 @@ fetch_ssl_setup_transport_layer(SSL_CTX *ctx, int verbose) { long ssl_ctx_options; - ssl_ctx_options = SSL_OP_ALL | SSL_OP_NO_TICKET; - if (getenv("SSL_ALLOW_SSL2") == NULL) - ssl_ctx_options |= SSL_OP_NO_SSLv2; + ssl_ctx_options = SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_TICKET; if (getenv("SSL_ALLOW_SSL3") == NULL) ssl_ctx_options |= SSL_OP_NO_SSLv3; if (getenv("SSL_NO_TLS1") != NULL) |