From e86b06ba2cbf8779fa92b9b76c4229e15d173185 Mon Sep 17 00:00:00 2001 From: Andreas Baumann Date: Fri, 6 Jan 2017 19:47:36 +0100 Subject: added an --insecure switch for SSL connections with self-signed certificates --- src/cmdline.c | 38 +++++++++++++++++++++++++++++--------- 1 file changed, 29 insertions(+), 9 deletions(-) (limited to 'src/cmdline.c') diff --git a/src/cmdline.c b/src/cmdline.c index e401729..9e3e9ed 100644 --- a/src/cmdline.c +++ b/src/cmdline.c @@ -49,7 +49,8 @@ const char *gengetopt_args_info_help[] = { " -s, --string=STRING String to expect in the content", " -S, --ssl Connect via SSL. Port defaults to 443", " -A, --useragent=STRING String to be sent in http header as \"User\n Agent\"", - " --no-verify-peer Allow connections to SSL sites without certs\n (SSL)", + " --insecure Allow insecure SSL connections", + " --no-verify-peer Allow connections to SSL sites without\n verifying certificates (SSL)", " --no-verify-host Don't verify that the host and the certificate\n host match (SSL)", " --cacert=file CA certificate to verify peer against (SSL)", " -E, --cert=file Client certificate file and password (SSL)", @@ -126,6 +127,7 @@ void clear_given (struct gengetopt_args_info *args_info) args_info->string_given = 0 ; args_info->ssl_given = 0 ; args_info->useragent_given = 0 ; + args_info->insecure_given = 0 ; args_info->no_verify_peer_given = 0 ; args_info->no_verify_host_given = 0 ; args_info->cacert_given = 0 ; @@ -193,13 +195,14 @@ void init_args_info(struct gengetopt_args_info *args_info) args_info->string_help = gengetopt_args_info_help[13] ; args_info->ssl_help = gengetopt_args_info_help[14] ; args_info->useragent_help = gengetopt_args_info_help[15] ; - args_info->no_verify_peer_help = gengetopt_args_info_help[16] ; - args_info->no_verify_host_help = gengetopt_args_info_help[17] ; - args_info->cacert_help = gengetopt_args_info_help[18] ; - args_info->cert_help = gengetopt_args_info_help[19] ; - args_info->key_help = gengetopt_args_info_help[20] ; - args_info->digest_help = gengetopt_args_info_help[21] ; - args_info->protocol_help = gengetopt_args_info_help[22] ; + args_info->insecure_help = gengetopt_args_info_help[16] ; + args_info->no_verify_peer_help = gengetopt_args_info_help[17] ; + args_info->no_verify_host_help = gengetopt_args_info_help[18] ; + args_info->cacert_help = gengetopt_args_info_help[19] ; + args_info->cert_help = gengetopt_args_info_help[20] ; + args_info->key_help = gengetopt_args_info_help[21] ; + args_info->digest_help = gengetopt_args_info_help[22] ; + args_info->protocol_help = gengetopt_args_info_help[23] ; } @@ -429,6 +432,8 @@ cmdline_parser_dump(FILE *outfile, struct gengetopt_args_info *args_info) write_into_file(outfile, "ssl", 0, 0 ); if (args_info->useragent_given) write_into_file(outfile, "useragent", args_info->useragent_orig, 0); + if (args_info->insecure_given) + write_into_file(outfile, "insecure", 0, 0 ); if (args_info->no_verify_peer_given) write_into_file(outfile, "no-verify-peer", 0, 0 ); if (args_info->no_verify_host_given) @@ -1407,6 +1412,7 @@ cmdline_parser_internal ( { "string", 1, NULL, 's' }, { "ssl", 0, NULL, 'S' }, { "useragent", 1, NULL, 'A' }, + { "insecure", 0, NULL, 0 }, { "no-verify-peer", 0, NULL, 0 }, { "no-verify-host", 0, NULL, 0 }, { "cacert", 1, NULL, 0 }, @@ -1632,7 +1638,21 @@ cmdline_parser_internal ( goto failure; } - /* Allow connections to SSL sites without certs (SSL). */ + /* Allow insecure SSL connections. */ + else if (strcmp (long_options[option_index].name, "insecure") == 0) + { + + + if (update_arg( 0 , + 0 , &(args_info->insecure_given), + &(local_args_info.insecure_given), optarg, 0, 0, ARG_NO, + check_ambiguity, override, 0, 0, + "insecure", '-', + additional_error)) + goto failure; + + } + /* Allow connections to SSL sites without verifying certificates (SSL). */ else if (strcmp (long_options[option_index].name, "no-verify-peer") == 0) { -- cgit v1.2.3-54-g00ecf