diff options
Diffstat (limited to 'src/usr.bin/nc/netcat.c')
| -rw-r--r-- | src/usr.bin/nc/netcat.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/src/usr.bin/nc/netcat.c b/src/usr.bin/nc/netcat.c index b71c0426dc..4a841fb96d 100644 --- a/src/usr.bin/nc/netcat.c +++ b/src/usr.bin/nc/netcat.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: netcat.c,v 1.167 2016/11/04 05:13:13 beck Exp $ */ | 1 | /* $OpenBSD: netcat.c,v 1.168 2016/11/05 15:13:26 beck Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2001 Eric Jackson <ericj@monkey.org> | 3 | * Copyright (c) 2001 Eric Jackson <ericj@monkey.org> |
| 4 | * Copyright (c) 2015 Bob Beck. All rights reserved. | 4 | * Copyright (c) 2015 Bob Beck. All rights reserved. |
| @@ -100,6 +100,7 @@ int rtableid = -1; | |||
| 100 | int usetls; /* use TLS */ | 100 | int usetls; /* use TLS */ |
| 101 | char *Cflag; /* Public cert file */ | 101 | char *Cflag; /* Public cert file */ |
| 102 | char *Kflag; /* Private key file */ | 102 | char *Kflag; /* Private key file */ |
| 103 | char *oflag; /* OCSP stapling file */ | ||
| 103 | char *Rflag = DEFAULT_CA_FILE; /* Root CA file */ | 104 | char *Rflag = DEFAULT_CA_FILE; /* Root CA file */ |
| 104 | int tls_cachanged; /* Using non-default CA file */ | 105 | int tls_cachanged; /* Using non-default CA file */ |
| 105 | int TLSopt; /* TLS options */ | 106 | int TLSopt; /* TLS options */ |
| @@ -163,7 +164,7 @@ main(int argc, char *argv[]) | |||
| 163 | signal(SIGPIPE, SIG_IGN); | 164 | signal(SIGPIPE, SIG_IGN); |
| 164 | 165 | ||
| 165 | while ((ch = getopt(argc, argv, | 166 | while ((ch = getopt(argc, argv, |
| 166 | "46C:cDde:FH:hI:i:K:klM:m:NnO:P:p:R:rSs:T:tUuV:vw:X:x:z")) != -1) { | 167 | "46C:cDde:FH:hI:i:K:klM:m:NnO:o:P:p:R:rSs:T:tUuV:vw:X:x:z")) != -1) { |
| 167 | switch (ch) { | 168 | switch (ch) { |
| 168 | case '4': | 169 | case '4': |
| 169 | family = AF_INET; | 170 | family = AF_INET; |
| @@ -295,6 +296,9 @@ main(int argc, char *argv[]) | |||
| 295 | errx(1, "TCP send window %s: %s", | 296 | errx(1, "TCP send window %s: %s", |
| 296 | errstr, optarg); | 297 | errstr, optarg); |
| 297 | break; | 298 | break; |
| 299 | case 'o': | ||
| 300 | oflag = optarg; | ||
| 301 | break; | ||
| 298 | case 'S': | 302 | case 'S': |
| 299 | Sflag = 1; | 303 | Sflag = 1; |
| 300 | break; | 304 | break; |
| @@ -380,6 +384,8 @@ main(int argc, char *argv[]) | |||
| 380 | errx(1, "you must specify -c to use -C"); | 384 | errx(1, "you must specify -c to use -C"); |
| 381 | if (Kflag && !usetls) | 385 | if (Kflag && !usetls) |
| 382 | errx(1, "you must specify -c to use -K"); | 386 | errx(1, "you must specify -c to use -K"); |
| 387 | if (oflag && !Cflag) | ||
| 388 | errx(1, "you must specify -C to use -o"); | ||
| 383 | if (tls_cachanged && !usetls) | 389 | if (tls_cachanged && !usetls) |
| 384 | errx(1, "you must specify -c to use -R"); | 390 | errx(1, "you must specify -c to use -R"); |
| 385 | if (tls_expecthash && !usetls) | 391 | if (tls_expecthash && !usetls) |
| @@ -455,6 +461,8 @@ main(int argc, char *argv[]) | |||
| 455 | errx(1, "%s", tls_config_error(tls_cfg)); | 461 | errx(1, "%s", tls_config_error(tls_cfg)); |
| 456 | if (Kflag && tls_config_set_key_file(tls_cfg, Kflag) == -1) | 462 | if (Kflag && tls_config_set_key_file(tls_cfg, Kflag) == -1) |
| 457 | errx(1, "%s", tls_config_error(tls_cfg)); | 463 | errx(1, "%s", tls_config_error(tls_cfg)); |
| 464 | if (oflag && tls_config_set_ocsp_staple_file(tls_cfg, oflag) == -1) | ||
| 465 | errx(1, "%s", tls_config_error(tls_cfg)); | ||
| 458 | if (TLSopt & TLS_LEGACY) { | 466 | if (TLSopt & TLS_LEGACY) { |
| 459 | tls_config_set_protocols(tls_cfg, TLS_PROTOCOLS_ALL); | 467 | tls_config_set_protocols(tls_cfg, TLS_PROTOCOLS_ALL); |
| 460 | tls_config_set_ciphers(tls_cfg, "all"); | 468 | tls_config_set_ciphers(tls_cfg, "all"); |