aboutsummaryrefslogtreecommitdiff
path: root/src/IO
diff options
context:
space:
mode:
Diffstat (limited to 'src/IO')
-rw-r--r--src/IO/tls.c25
-rw-r--r--src/IO/tls.h2
2 files changed, 20 insertions, 7 deletions
diff --git a/src/IO/tls.c b/src/IO/tls.c
index 89ad7989..dfe76744 100644
--- a/src/IO/tls.c
+++ b/src/IO/tls.c
@@ -64,7 +64,7 @@ void a_Tls_init()
#define CERT_STATUS_NONE 0
#define CERT_STATUS_RECEIVING 1
-#define CERT_STATUS_GOOD 2
+#define CERT_STATUS_CLEAN 2
#define CERT_STATUS_BAD 3
#define CERT_STATUS_USER_ACCEPTED 4
@@ -402,18 +402,29 @@ int a_Tls_connect_ready(const DilloUrl *url)
return ret;
}
+static int Tls_cert_status(const DilloUrl *url)
+{
+ Server_t *s = dList_find_sorted(servers, url, Tls_servers_by_url_cmp);
+
+ return s ? s->cert_status : CERT_STATUS_NONE;
+}
+
/*
* Did we find problems with the certificate, and did the user proceed to
* reject the connection?
*/
static int Tls_user_said_no(const DilloUrl *url)
{
- Server_t *s = dList_find_sorted(servers, url, Tls_servers_by_url_cmp);
-
- if (!s)
- return FALSE;
+ return Tls_cert_status(url) == CERT_STATUS_BAD;
+}
- return s->cert_status == CERT_STATUS_BAD;
+/*
+ * Did everything seem proper with the certificate -- no warnings to
+ * click through?
+ */
+int a_Tls_certificate_is_clean(const DilloUrl *url)
+{
+ return Tls_cert_status(url) == CERT_STATUS_CLEAN;
}
/******************** BEGINNING OF STUFF DERIVED FROM wget-1.16.3 */
@@ -894,7 +905,7 @@ static int Tls_examine_certificate(SSL *ssl, Server_t *srv,const char *host)
if (choice == 2)
srv->cert_status = CERT_STATUS_BAD;
else if (choice == -1)
- srv->cert_status = CERT_STATUS_GOOD;
+ srv->cert_status = CERT_STATUS_CLEAN;
else
srv->cert_status = CERT_STATUS_USER_ACCEPTED;
diff --git a/src/IO/tls.h b/src/IO/tls.h
index e3892cb2..9bc89de5 100644
--- a/src/IO/tls.h
+++ b/src/IO/tls.h
@@ -15,6 +15,7 @@ void a_Tls_init();
#ifdef ENABLE_SSL
+int a_Tls_certificate_is_clean(const DilloUrl *url);
int a_Tls_connect_ready(const DilloUrl *url);
void a_Tls_reset_server_state(const DilloUrl *url);
@@ -30,6 +31,7 @@ int a_Tls_read(void *conn, void *buf, size_t len);
int a_Tls_write(void *conn, void *buf, size_t len);
#else
+#define a_Tls_certificate_is_clean(host) 0
#define a_Tls_connect_ready(url) TLS_CONNECT_NEVER
#define a_Tls_reset_server_state(url) ;
#define a_Tls_handshake(fd, url) ;