/* SSL support via GnuTLS library.
- Copyright (C) 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+ Copyright (C) 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012 Free Software
Foundation, Inc.
This file is part of GNU Wget.
# include "w32sock.h"
#endif
+static int
+key_type_to_gnutls_type (enum keyfile_type type)
+{
+ switch (type)
+ {
+ case keyfile_pem:
+ return GNUTLS_X509_FMT_PEM;
+ case keyfile_asn1:
+ return GNUTLS_X509_FMT_DER;
+ default:
+ abort ();
+ }
+}
+
/* Note: some of the functions private to this file have names that
begin with "wgnutls_" (e.g. wgnutls_read) so that they wouldn't be
confused with actual gnutls functions -- such as the gnutls_read
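Review bot: `key_type_to_gnutls_type` is declared to return `int`, but both values it returns are `gnutls_x509_crt_fmt_t` constants, so declaring it `static gnutls_x509_crt_fmt_t` would let the compiler check the value later handed to GnuTLS. The helper also has no comment. Something like `/* Map a wget keyfile_type to the matching GnuTLS X.509 encoding; aborts on any other value. */` above the definition would make it clear that the `default:` branch terminates the process without a diagnostic.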
closedir (dir);
}
+ /* Use the private key from the cert file unless otherwise specified. */
+ if (opt.cert_file && !opt.private_key)
+ {
+ opt.private_key = opt.cert_file;
+ opt.private_key_type = opt.cert_type;
+ }
+ /* Use the cert from the private key file unless otherwise specified. */
+ if (!opt.cert_file && opt.private_key)
+ {
+ opt.cert_file = opt.private_key;
+ opt.cert_type = opt.private_key_type;
+ }
+
+ if (opt.cert_file && opt.private_key)
+ {
+ int type;
+ if (opt.private_key_type != opt.cert_type)
+ {
+ /* GnuTLS can't handle this */
+ logprintf (LOG_NOTQUIET, _("ERROR: GnuTLS requires the key and the \
+cert to be of the same type.\n"));
+ }
+
+ type = key_type_to_gnutls_type (opt.private_key_type);
+
+ gnutls_certificate_set_x509_key_file (credentials, opt.cert_file,
+ opt.private_key,
+ type);
+ }
+
if (opt.ca_cert)
gnutls_certificate_set_x509_trust_file (credentials, opt.ca_cert,
GNUTLS_X509_FMT_PEM);
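Review bot: The key/cert type mismatch branch only logs an error and then falls through to `gnutls_certificate_set_x509_key_file`, which is called with the private key's type for both files and whose return value is discarded. A client certificate or key that fails to load is therefore not reported outside the mismatch case, and the session would presumably be set up without the client credentials the user asked for. Consider stopping after the mismatch message and checking the result, e.g. `if (gnutls_certificate_set_x509_key_file (credentials, opt.cert_file, opt.private_key, type) < 0)` followed by a logged error and a failure return. The enclosing function starts and ends outside this hunk, so how it signals failure to its caller needs to be confirmed there.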
do
{
- double next_timeout = timeout - ptimer_measure (timer);
- if (timeout && next_timeout < 0)
- break;
+ double next_timeout;
+ if (timeout > 0.0)
+ {
+ next_timeout = timeout - ptimer_measure (timer);
+ if (next_timeout < 0.0)
+ break;
+ }
ret = GNUTLS_E_AGAIN;
if (timeout == 0 || gnutls_record_check_pending (ctx->session)
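Review bot: `next_timeout` is now declared without an initializer and assigned only when `timeout > 0.0`, so for a negative `timeout` it is indeterminate while the `timeout == 0` test on the following line does not short-circuit. If the rest of that condition (cut off in this hunk) passes `next_timeout` on, it reads an uninitialized double; the removed code broke out of the loop in that case. Initializing it with `double next_timeout = 0.0;`, or testing `timeout > 0.0` consistently in the condition below, would keep the behaviour defined.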
if (timeout)
{
#ifdef F_GETFL
- ret = fcntl (fd, F_SETFL, flags | O_NONBLOCK);
- if (ret < 0)
- return ret;
+ if (fcntl (fd, F_SETFL, flags | O_NONBLOCK))
+ break;
#else
/* XXX: Assume it was blocking before. */
const int one = 1;
- ret = ioctl (fd, FIONBIO, &one);
- if (ret < 0)
- return ret;
+ if (ioctl (fd, FIONBIO, &one) < 0)
+ break;
#endif
}
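Review bot: Replacing `return ret;` with `break;` at the `fcntl`/`ioctl` sites drops the error value, so what the function returns after failing to switch the socket to non-blocking depends on code outside this hunk and should be checked. The hunk that restores the flags further down has the same pattern, where a failed restore would also leave the descriptor non-blocking for later users of the socket. The enclosing `if (timeout)` block is not itself a loop or switch, so each `break` binds to whatever construct surrounds it outside the hunk. The first check is also written `if (fcntl (fd, F_SETFL, flags | O_NONBLOCK))` while the other three compare against zero; `if (fcntl (fd, F_SETFL, flags | O_NONBLOCK) < 0)` would match them.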
if (timeout)
{
- int status;
#ifdef F_GETFL
- status = fcntl (fd, F_SETFL, flags);
- if (status < 0)
- return status;
+ if (fcntl (fd, F_SETFL, flags) < 0)
+ break;
#else
const int zero = 0;
- status = ioctl (fd, FIONBIO, &zero);
- if (status < 0)
- return status;
+ if (ioctl (fd, FIONBIO, &zero) < 0)
+ break;
#endif
}
}