Module Name:    src
Committed By:   martin
Date:           Wed Feb 22 13:24:05 UTC 2023

Modified Files:
        src/external/bsd/fetch/dist/libfetch [netbsd-10]: common.c

Log Message:
Pull up following revision(s) (requested by mlelstv in ticket #95):

        external/bsd/fetch/dist/libfetch/common.c: revision 1.3
        external/bsd/fetch/dist/libfetch/common.c: revision 1.4

Use SNI.
Shut down SSL when closing connection.


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.2.54.1 src/external/bsd/fetch/dist/libfetch/common.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/bsd/fetch/dist/libfetch/common.c
diff -u src/external/bsd/fetch/dist/libfetch/common.c:1.2 src/external/bsd/fetch/dist/libfetch/common.c:1.2.54.1
--- src/external/bsd/fetch/dist/libfetch/common.c:1.2	Sat Jun 25 20:27:01 2011
+++ src/external/bsd/fetch/dist/libfetch/common.c	Wed Feb 22 13:24:05 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: common.c,v 1.2 2011/06/25 20:27:01 christos Exp $	*/
+/*	$NetBSD: common.c,v 1.2.54.1 2023/02/22 13:24:05 martin Exp $	*/
 /*-
  * Copyright (c) 1998-2004 Dag-Erling Coïdan Smørgrav
  * Copyright (c) 2008, 2010 Joerg Sonnenberger <jo...@netbsd.org>
@@ -452,6 +452,10 @@ fetch_ssl(conn_t *conn, int verbose)
 		return (-1);
 	}
 	SSL_set_fd(conn->ssl, conn->sd);
+	if (!SSL_set_tlsext_host_name(conn->ssl, conn->cache_url->host)) {
+		fprintf(stderr, "SSL hostname setting failed\n"); 
+		return (-1);
+	}
 	if (SSL_connect(conn->ssl) == -1){
 		ERR_print_errors_fp(stderr);
 		return (-1);
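Review bot: The added SNI call dereferences `conn->cache_url->host` with no NULL check, while fetch_close in this same file tests `if (conn->cache_url)` before using the pointer, which suggests it can be unset on some connections. A guard such as `if (conn->cache_url != NULL && !SSL_set_tlsext_host_name(conn->ssl, conn->cache_url->host)) {` would keep the handshake from crashing in that case. Note also that SNI only tells the server which certificate to present and does not authenticate it. If the rest of fetch_ssl (outside this hunk) does not check the peer certificate against the same host name, that gap deserves a comment here. RFC 6066 also excludes IP literals from the SNI host name, so a host that is a literal address should probably skip the call.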
@@ -709,6 +713,22 @@ fetch_close(conn_t *conn)
 {
 	int ret;
 
+#ifdef WITH_SSL
+	if (conn->ssl) {
+		SSL_shutdown(conn->ssl);
+		SSL_set_connect_state(conn->ssl);
+		SSL_free(conn->ssl);
+		conn->ssl = NULL;
+	}
+	if (conn->ssl_ctx) {
+		SSL_CTX_free(conn->ssl_ctx);
+		conn->ssl_ctx = NULL;
+	}
+	if (conn->ssl_cert) {
+		X509_free(conn->ssl_cert);
+		conn->ssl_cert = NULL;
+	}
+#endif
 	ret = close(conn->sd);
 	if (conn->cache_url)
 		fetchFreeURL(conn->cache_url);
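Review bot: `SSL_set_connect_state(conn->ssl);` sits between `SSL_shutdown` and `SSL_free` with no visible effect, since the object is destroyed on the next line; either drop it or add a comment saying why it is needed. The return value of `SSL_shutdown` is ignored, which is reasonable for a best-effort close_notify, but a comment such as `/* best effort: send close_notify, ignore the result */` would make that deliberate. Because fetch_ssl returns -1 on a failed `SSL_connect` while leaving `conn->ssl` set, this path presumably also runs after an incomplete handshake, where `SSL_shutdown` can fail and leave entries on the OpenSSL error queue. Calling `ERR_clear_error()` after the shutdown would avoid stale errors being reported later. fetch_close continues past the end of this hunk.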
