diff options
| author | tedu <> | 2018-11-29 14:25:07 +0000 |
|---|---|---|
| committer | tedu <> | 2018-11-29 14:25:07 +0000 |
| commit | 1bda933838005af4f10d217cdb7a36a4302b1204 (patch) | |
| tree | 676bc83a43d85366fc7cbb544c96a4ba95d736cf | |
| parent | 8e376166426749fe5f95ab4ad9e6adfc863634d1 (diff) | |
| download | openbsd-1bda933838005af4f10d217cdb7a36a4302b1204.tar.gz openbsd-1bda933838005af4f10d217cdb7a36a4302b1204.tar.bz2 openbsd-1bda933838005af4f10d217cdb7a36a4302b1204.zip | |
update for libtls default cert changes.
bonus: this exposed a few missing const qualifiers.
| -rw-r--r-- | src/usr.bin/nc/netcat.c | 11 | ||||
| -rw-r--r-- | src/usr.sbin/ocspcheck/http.c | 4 |
2 files changed, 8 insertions, 7 deletions
diff --git a/src/usr.bin/nc/netcat.c b/src/usr.bin/nc/netcat.c index f5045013aa..e0966f1952 100644 --- a/src/usr.bin/nc/netcat.c +++ b/src/usr.bin/nc/netcat.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: netcat.c,v 1.198 2018/11/09 04:05:14 bluhm Exp $ */ | 1 | /* $OpenBSD: netcat.c,v 1.199 2018/11/29 14:25:06 tedu Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2001 Eric Jackson <ericj@monkey.org> | 3 | * Copyright (c) 2001 Eric Jackson <ericj@monkey.org> |
| 4 | * Copyright (c) 2015 Bob Beck. All rights reserved. | 4 | * Copyright (c) 2015 Bob Beck. All rights reserved. |
| @@ -97,10 +97,10 @@ int Tflag = -1; /* IP Type of Service */ | |||
| 97 | int rtableid = -1; | 97 | int rtableid = -1; |
| 98 | 98 | ||
| 99 | int usetls; /* use TLS */ | 99 | int usetls; /* use TLS */ |
| 100 | char *Cflag; /* Public cert file */ | 100 | const char *Cflag; /* Public cert file */ |
| 101 | char *Kflag; /* Private key file */ | 101 | const char *Kflag; /* Private key file */ |
| 102 | char *oflag; /* OCSP stapling file */ | 102 | const char *oflag; /* OCSP stapling file */ |
| 103 | char *Rflag = TLS_CA_CERT_FILE; /* Root CA file */ | 103 | const char *Rflag; /* Root CA file */ |
| 104 | int tls_cachanged; /* Using non-default CA file */ | 104 | int tls_cachanged; /* Using non-default CA file */ |
| 105 | int TLSopt; /* TLS options */ | 105 | int TLSopt; /* TLS options */ |
| 106 | char *tls_expectname; /* required name in peer cert */ | 106 | char *tls_expectname; /* required name in peer cert */ |
| @@ -167,6 +167,7 @@ main(int argc, char *argv[]) | |||
| 167 | host = NULL; | 167 | host = NULL; |
| 168 | uport = NULL; | 168 | uport = NULL; |
| 169 | sv = NULL; | 169 | sv = NULL; |
| 170 | Rflag = tls_default_ca_cert_file(); | ||
| 170 | 171 | ||
| 171 | signal(SIGPIPE, SIG_IGN); | 172 | signal(SIGPIPE, SIG_IGN); |
| 172 | 173 | ||
diff --git a/src/usr.sbin/ocspcheck/http.c b/src/usr.sbin/ocspcheck/http.c index ce479f27ef..5c914a4857 100644 --- a/src/usr.sbin/ocspcheck/http.c +++ b/src/usr.sbin/ocspcheck/http.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $Id: http.c,v 1.10 2018/11/06 20:41:11 jsing Exp $ */ | 1 | /* $Id: http.c,v 1.11 2018/11/29 14:25:07 tedu Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv> | 3 | * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv> |
| 4 | * | 4 | * |
| @@ -135,7 +135,7 @@ http_init() | |||
| 135 | goto err; | 135 | goto err; |
| 136 | } | 136 | } |
| 137 | 137 | ||
| 138 | if (tls_config_set_ca_file(tlscfg, TLS_CA_CERT_FILE) == -1) { | 138 | if (tls_config_set_ca_file(tlscfg, tls_default_ca_cert_file()) == -1) { |
| 139 | warn("tls_config_set_ca_file: %s", tls_config_error(tlscfg)); | 139 | warn("tls_config_set_ca_file: %s", tls_config_error(tlscfg)); |
| 140 | goto err; | 140 | goto err; |
| 141 | } | 141 | } |