diff options
-rw-r--r-- | lib/libfetch/Makefile | 3 | ||||
-rw-r--r-- | lib/libfetch/common.c | 11 | ||||
-rw-r--r-- | lib/libfetch/common.h | 4 | ||||
-rw-r--r-- | lib/libfetch/http.c | 3 |
4 files changed, 21 insertions, 0 deletions
diff --git a/lib/libfetch/Makefile b/lib/libfetch/Makefile index 5c6587a..4308e75 100644 --- a/lib/libfetch/Makefile +++ b/lib/libfetch/Makefile @@ -5,6 +5,9 @@ LIB= fetch WARNS?= 4 CFLAGS+= -I. CFLAGS+= -DINET6 +.if !defined(NOCRYPT) +CFLAGS+= -DWITH_SSL +.endif SRCS= fetch.c common.c ftp.c http.c file.c \ ftperr.h httperr.h INCS= fetch.h diff --git a/lib/libfetch/common.c b/lib/libfetch/common.c index 775b4c7..c234fab 100644 --- a/lib/libfetch/common.c +++ b/lib/libfetch/common.c @@ -270,6 +270,7 @@ int _fetch_ssl(conn_t *conn, int verbose) { +#ifdef WITH_SSL /* Init the SSL library and context */ if (!SSL_library_init()){ fprintf(stderr, "SSL library init failed\n"); @@ -310,6 +311,12 @@ _fetch_ssl(conn_t *conn, int verbose) } return (0); +#else + (void)conn; + (void)verbose; + fprintf(stderr, "SSL support disabled\n"); + return (-1); +#endif } /* @@ -350,9 +357,11 @@ _fetch_read(conn_t *conn, char *buf, size_t len) return (-1); } } +#ifdef WITH_SSL if (conn->ssl != NULL) rlen = SSL_read(conn->ssl, buf, len); else +#endif rlen = read(conn->sd, buf, len); if (rlen == 0) break; @@ -453,9 +462,11 @@ _fetch_write(conn_t *conn, const char *buf, size_t len) } } errno = 0; +#ifdef WITH_SSL if (conn->ssl != NULL) wlen = SSL_write(conn->ssl, buf, len); else +#endif wlen = write(conn->sd, buf, len); if (wlen == 0) /* we consider a short write a failure */ diff --git a/lib/libfetch/common.h b/lib/libfetch/common.h index 06a805f..d279e4d 100644 --- a/lib/libfetch/common.h +++ b/lib/libfetch/common.h @@ -36,11 +36,13 @@ #define FTP_DEFAULT_PROXY_PORT 21 #define HTTP_DEFAULT_PROXY_PORT 3128 +#ifdef WITH_SSL #include <openssl/crypto.h> #include <openssl/x509.h> #include <openssl/pem.h> #include <openssl/ssl.h> #include <openssl/err.h> +#endif /* Connection */ typedef struct fetchconn conn_t; @@ -50,10 +52,12 @@ struct fetchconn { size_t bufsize; /* buffer size */ size_t buflen; /* length of buffer contents */ int err; /* last protocol reply code */ +#ifdef WITH_SSL SSL *ssl; /* SSL handle */ SSL_CTX *ssl_ctx; /* SSL context */ X509 *ssl_cert; /* server certificate */ SSL_METHOD *ssl_meth; /* SSL method */ +#endif }; /* Structure used for error message lists */ diff --git a/lib/libfetch/http.c b/lib/libfetch/http.c index 7b897a8..68497e9 100644 --- a/lib/libfetch/http.c +++ b/lib/libfetch/http.c @@ -683,6 +683,9 @@ _http_connect(struct url *URL, struct url *purl, const char *flags) if (strcasecmp(URL->scheme, SCHEME_HTTPS) == 0 && _fetch_ssl(conn, verbose) == -1) { _fetch_close(conn); + /* grrr */ + errno = EAUTH; + _fetch_syserr(); return (NULL); } return (conn); |