diff options
| author | jsing <> | 2018-11-06 20:41:11 +0000 |
|---|---|---|
| committer | jsing <> | 2018-11-06 20:41:11 +0000 |
| commit | fd25347db80b1fd9a198283b5d3e3a953fd2e011 (patch) | |
| tree | a4f6975b1b7df45a59fa1b136ebb340980316959 | |
| parent | db941a1cfe2e8232c86adf98026bc75fdcce8760 (diff) | |
| download | openbsd-fd25347db80b1fd9a198283b5d3e3a953fd2e011.tar.gz openbsd-fd25347db80b1fd9a198283b5d3e3a953fd2e011.tar.bz2 openbsd-fd25347db80b1fd9a198283b5d3e3a953fd2e011.zip | |
Use TLS_CA_CERT_FILE instead of a separate define.
ok beck@ bluhm@ tb@
| -rw-r--r-- | src/usr.bin/nc/netcat.c | 5 | ||||
| -rw-r--r-- | src/usr.sbin/ocspcheck/http.c | 6 |
2 files changed, 4 insertions, 7 deletions
diff --git a/src/usr.bin/nc/netcat.c b/src/usr.bin/nc/netcat.c index 9ce2b6bb7a..9c19049d59 100644 --- a/src/usr.bin/nc/netcat.c +++ b/src/usr.bin/nc/netcat.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: netcat.c,v 1.196 2018/10/26 07:19:26 dlg Exp $ */ | 1 | /* $OpenBSD: netcat.c,v 1.197 2018/11/06 20:39:19 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2001 Eric Jackson <ericj@monkey.org> | 3 | * Copyright (c) 2001 Eric Jackson <ericj@monkey.org> |
| 4 | * Copyright (c) 2015 Bob Beck. All rights reserved. | 4 | * Copyright (c) 2015 Bob Beck. All rights reserved. |
| @@ -66,7 +66,6 @@ | |||
| 66 | #define POLL_NETIN 2 | 66 | #define POLL_NETIN 2 |
| 67 | #define POLL_STDOUT 3 | 67 | #define POLL_STDOUT 3 |
| 68 | #define BUFSIZE 16384 | 68 | #define BUFSIZE 16384 |
| 69 | #define DEFAULT_CA_FILE "/etc/ssl/cert.pem" | ||
| 70 | 69 | ||
| 71 | #define TLS_NOVERIFY (1 << 1) | 70 | #define TLS_NOVERIFY (1 << 1) |
| 72 | #define TLS_NONAME (1 << 2) | 71 | #define TLS_NONAME (1 << 2) |
| @@ -101,7 +100,7 @@ int usetls; /* use TLS */ | |||
| 101 | char *Cflag; /* Public cert file */ | 100 | char *Cflag; /* Public cert file */ |
| 102 | char *Kflag; /* Private key file */ | 101 | char *Kflag; /* Private key file */ |
| 103 | char *oflag; /* OCSP stapling file */ | 102 | char *oflag; /* OCSP stapling file */ |
| 104 | char *Rflag = DEFAULT_CA_FILE; /* Root CA file */ | 103 | char *Rflag = TLS_CA_CERT_FILE; /* Root CA file */ |
| 105 | int tls_cachanged; /* Using non-default CA file */ | 104 | int tls_cachanged; /* Using non-default CA file */ |
| 106 | int TLSopt; /* TLS options */ | 105 | int TLSopt; /* TLS options */ |
| 107 | char *tls_expectname; /* required name in peer cert */ | 106 | char *tls_expectname; /* required name in peer cert */ |
diff --git a/src/usr.sbin/ocspcheck/http.c b/src/usr.sbin/ocspcheck/http.c index 6830bacaec..ce479f27ef 100644 --- a/src/usr.sbin/ocspcheck/http.c +++ b/src/usr.sbin/ocspcheck/http.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $Id: http.c,v 1.9 2017/03/26 18:41:02 deraadt Exp $ */ | 1 | /* $Id: http.c,v 1.10 2018/11/06 20:41:11 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv> | 3 | * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv> |
| 4 | * | 4 | * |
| @@ -35,8 +35,6 @@ | |||
| 35 | #include "http.h" | 35 | #include "http.h" |
| 36 | #include <tls.h> | 36 | #include <tls.h> |
| 37 | 37 | ||
| 38 | #define DEFAULT_CA_FILE "/etc/ssl/cert.pem" | ||
| 39 | |||
| 40 | /* | 38 | /* |
| 41 | * A buffer for transferring HTTP/S data. | 39 | * A buffer for transferring HTTP/S data. |
| 42 | */ | 40 | */ |
| @@ -137,7 +135,7 @@ http_init() | |||
| 137 | goto err; | 135 | goto err; |
| 138 | } | 136 | } |
| 139 | 137 | ||
| 140 | if (tls_config_set_ca_file(tlscfg, DEFAULT_CA_FILE) == -1) { | 138 | if (tls_config_set_ca_file(tlscfg, TLS_CA_CERT_FILE) == -1) { |
| 141 | warn("tls_config_set_ca_file: %s", tls_config_error(tlscfg)); | 139 | warn("tls_config_set_ca_file: %s", tls_config_error(tlscfg)); |
| 142 | goto err; | 140 | goto err; |
| 143 | } | 141 | } |