/* SSL support via OpenSSL library.
Copyright (C) 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008,
- 2009 Free Software Foundation, Inc.
+ 2009, 2010, 2011 Free Software Foundation, Inc.
Originally contributed by Christian Fraenkel.
This file is part of GNU Wget.
#include <assert.h>
#include <errno.h>
-#ifdef HAVE_UNISTD_H
-# include <unistd.h>
-#endif
+#include <unistd.h>
#include <string.h>
#include <openssl/ssl.h>
xfree_null (ctx->last_error);
xfree (ctx);
-#if defined(WINDOWS) || defined(USE_WATT32)
- closesocket (fd);
-#else
close (fd);
-#endif
DEBUGP (("Closed %d/SSL 0x%0*lx\n", fd, PTR_FORMAT (conn)));
}
conn = SSL_new (ssl_ctx);
if (!conn)
goto error;
- if (!SSL_set_fd (conn, fd))
+#ifndef FD_TO_SOCKET
+# define FD_TO_SOCKET(X) (X)
+#endif
+ if (!SSL_set_fd (conn, FD_TO_SOCKET (fd)))
goto error;
SSL_set_connect_state (conn);
if (SSL_connect (conn) <= 0 || conn->state != SSL_ST_OK)
/* Do we want to check for dNSNAmes or ipAddresses (see RFC 2818)?
* Signal it by host_in_octet_string. */
- ASN1_OCTET_STRING *host_in_octet_string = NULL;
- host_in_octet_string = a2i_IPADDRESS (host);
+ ASN1_OCTET_STRING *host_in_octet_string = a2i_IPADDRESS (host);
int numaltnames = sk_GENERAL_NAME_num (subjectAltNames);
int i;
}
else if (name->type == GEN_DNS)
{
- /* Check for dNSName */
- alt_name_checked = true;
/* dNSName should be IA5String (i.e. ASCII), however who
* does trust CA? Convert it into UTF-8 for sure. */
unsigned char *name_in_utf8 = NULL;
+
+ /* Check for dNSName */
+ alt_name_checked = true;
+
if (0 <= ASN1_STRING_to_UTF8 (&name_in_utf8, name->d.dNSName))
{
/* Compare and check for NULL attack in ASN1_STRING */
projects / wget / blobdiff