[svn] Applied Christian Fraenkel's patch "custom certificate patch for wget-1.7+dev;

[wget] / src / http.c

diff --git a/src/http.c b/src/http.c
index 24785b0be1972a76bfd1c1ace83aa65a631f8d32..b8151ea2f751cbbf280aa26502478e89709b7421 100644 (file)
--- a/src/http.c
+++ b/src/http.c
@@ -46,6 +46,8 @@ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.  */
 
 #ifdef WINDOWS
 # include <winsock.h>
+#else
+# include <netdb.h>            /* for h_errno */
 #endif
 
 #include "wget.h"
@@ -71,7 +73,9 @@ extern char *version_string;
 extern int errno;
 #endif
 #ifndef h_errno
+# ifndef __CYGWIN__
 extern int h_errno;
+# endif
 #endif
 \f
 
@@ -364,7 +368,7 @@ register_persistent (const char *host, unsigned short port, int fd
 static int
 persistent_available_p (const char *host, unsigned short port
 #ifdef HAVE_SSL
-                       int ssl
+                       , int ssl
 #endif
                        )
 {
@@ -532,9 +536,41 @@ gethttp (struct urlinfo *u, struct http_stat *hs, int *dt)
   int inhibit_keep_alive;
 
 #ifdef HAVE_SSL
-/* initialize ssl_ctx on first run */
+  /* initialize ssl_ctx on first run */
   if (!ssl_ctx)
-    init_ssl (&ssl_ctx);
+    {
+      err=init_ssl (&ssl_ctx);
+      if (err != 0)
+       {
+         switch (err)
+           {
+           case SSLERRCTXCREATE:
+             /* this is fatal */
+             logprintf (LOG_NOTQUIET, _("Failed to set up an SSL context\n"));
+             ssl_printerrors ();
+             return err;
+           case SSLERRCERTFILE:
+             /* try without certfile */
+             logprintf (LOG_NOTQUIET,
+                        _("Failed to load certificates from %s\n"),
+                        opt.sslcertfile);
+             ssl_printerrors ();
+             logprintf (LOG_NOTQUIET,
+                        _("Trying without the specified certificate\n"));
+             break;
+           case SSLERRCERTKEY:
+             logprintf (LOG_NOTQUIET,
+                        _("Failed to get certificate key from %s\n"),
+                        opt.sslcertkey);
+             ssl_printerrors ();
+             logprintf (LOG_NOTQUIET,
+                        _("Trying without the specified certificate\n"));
+             break;
+           default:
+             break;
+           }
+       }
+    }
 #endif /* HAVE_SSL */
 
   if (!(*dt & HEAD_ONLY))
@@ -1413,7 +1449,8 @@ File `%s' already there, will not retrieve.\n"), u->local);
          printwhat (count, opt.ntry);
          continue;
          break;
-       case HOSTERR: case CONREFUSED: case PROXERR: case AUTHFAILED:
+       case HOSTERR: case CONREFUSED: case PROXERR: case AUTHFAILED: 
+       case SSLERRCTXCREATE:
          /* Fatal errors just return from the function.  */
          FREEHSTAT (hstat);
          xfree (filename_plus_orig_suffix); /* must precede every return! */
@@ -1526,15 +1563,25 @@ The sizes do not match (local %ld) -- retrieving.\n"), local_size);
          FREEHSTAT (hstat);
          continue;
        }
-      if (!opt.dfp
-         && (tmr != (time_t) (-1))
+      if ((tmr != (time_t) (-1))
          && !opt.spider
          && ((hstat.len == hstat.contlen) ||
              ((hstat.res == 0) &&
               ((hstat.contlen == -1) ||
                (hstat.len >= hstat.contlen && !opt.kill_longer)))))
        {
-         touch (u->local, tmr);
+         /* #### This code repeats in http.c and ftp.c.  Move it to a
+             function!  */
+         const char *fl = NULL;
+         if (opt.output_document)
+           {
+             if (opt.od_known_regular)
+               fl = opt.output_document;
+           }
+         else
+           fl = u->local;
+         if (fl)
+           touch (fl, tmr);
        }
       /* End of time-stamping section.  */
 
@@ -1700,7 +1747,7 @@ check_end (const char *p)
     ++p;
   if (!*p
       || (p[0] == 'G' && p[1] == 'M' && p[2] == 'T')
-      || ((p[0] == '+' || p[1] == '-') && ISDIGIT (p[1])))
+      || ((p[0] == '+' || p[0] == '-') && ISDIGIT (p[1])))
     return 1;
   else
     return 0;
@@ -1839,7 +1886,7 @@ basic_authentication_encode (const char *user, const char *passwd,
   sprintf (t1, "%s:%s", user, passwd);
   t2 = (char *)alloca (1 + len2);
   base64_encode (t1, t2, len1);
-  res = (char *)malloc (len2 + 11 + strlen (header));
+  res = (char *)xmalloc (len2 + 11 + strlen (header));
   sprintf (res, "%s: Basic %s\r\n", header, t2);
 
   return res;