commit 08598f657cfe5df6225454260b1a4cc3ace5c527
parent 9b685a8703ce2fce163724ff411049a6b896a044
Author: Kyle Milz <krwmilz@gmail.com>
Date: Sun, 19 Sep 2021 23:18:43 +0000
/* */ looks worse than #ifdef notyet
Diffstat:
M | http.c | | | 18 | ++++++++---------- |
1 file changed, 8 insertions(+), 10 deletions(-)
diff --git a/http.c b/http.c
@@ -150,7 +150,6 @@ tls_connect(int server, struct url *url)
unsigned char fprint[EVP_MAX_MD_SIZE];
EVP_PKEY *pkey = NULL;
-
/* According to LibreSSL manual pages none of these are necessary. */
OpenSSL_add_all_algorithms();
ERR_load_BIO_strings();
@@ -161,15 +160,12 @@ tls_connect(int server, struct url *url)
assert(SSL_library_init() == 1);
method = TLS_client_method();
-
if ((ctx = SSL_CTX_new(method)) == NULL)
errx(1, "Unable to create new SSL context structure.\n");
-
if ((tls = SSL_new(ctx)) == NULL)
errx(1, "Unable to create new SSL structure.\n");
SSL_set_fd(tls, server);
-
if ((ret = SSL_connect(tls)) != 1) {
warning_popup_long("%s:%s: Cannot make TLS connection",
"OK", NULL, url->hostname, url->port);
@@ -187,12 +183,12 @@ tls_connect(int server, struct url *url)
certname = X509_NAME_new();
certname = X509_get_subject_name(cert);
- /*
+#ifdef notyet
BIO outbio = BIO_new_fp(stdout, BIO_NOCLOSE);
BIO_printf(outbio, "Certificate subject data: ");
X509_NAME_print_ex(outbio, certname, 0, 0);
BIO_printf(outbio, "\n");
- */
+#endif
/* Calculate certificate fingerprint. */
fprint_type = EVP_sha256();
@@ -203,7 +199,7 @@ tls_connect(int server, struct url *url)
return NULL;
}
- /*
+#ifdef notyet
BIO_printf(outbio, "Fingerprint (method = %s, size = %d): ",
OBJ_nid2sn(EVP_MD_type(fprint_type)), fprint_size);
@@ -212,7 +208,7 @@ tls_connect(int server, struct url *url)
(j + 1 == fprint_size) ? '\n' : ':');
}
BIO_printf(outbio, "\n");
- */
+#endif
/* Get certificate public key. */
if ((pkey = X509_get_pubkey(cert)) == NULL) {
@@ -220,10 +216,12 @@ tls_connect(int server, struct url *url)
"OK", NULL, url->hostname, url->port);
return NULL;
}
- /* PEM_write_bio_PUBKEY(outbio, pkey); */
+#ifdef notyet
+ PEM_write_bio_PUBKEY(outbio, pkey);
+ BIO_free_all(outbio);
+#endif
X509_free(cert);
- /* BIO_free_all(outbio); */
return tls;
}