mirror of
https://github.com/rkd77/elinks.git
synced 2024-12-04 14:46:47 -05:00
Use blacklist to skip verification of certificates
This commit is contained in:
parent
f43f5714e8
commit
442f4936dc
@ -1019,7 +1019,6 @@ load_uri(struct uri *uri, struct uri *referrer, struct download *download,
|
|||||||
if (download) {
|
if (download) {
|
||||||
download->progress = conn->progress;
|
download->progress = conn->progress;
|
||||||
download->conn = conn;
|
download->conn = conn;
|
||||||
conn->socket->verify = ((struct session *)download->data)->verify;
|
|
||||||
download->cached = NULL;
|
download->cached = NULL;
|
||||||
download->state = connection_state(S_OK);
|
download->state = connection_state(S_OK);
|
||||||
add_to_list(conn->downloads, download);
|
add_to_list(conn->downloads, download);
|
||||||
|
@ -146,7 +146,6 @@ init_socket(void *conn, struct socket_operations *ops)
|
|||||||
socket->fd = -1;
|
socket->fd = -1;
|
||||||
socket->conn = conn;
|
socket->conn = conn;
|
||||||
socket->ops = ops;
|
socket->ops = ops;
|
||||||
socket->verify = 1;
|
|
||||||
|
|
||||||
return socket;
|
return socket;
|
||||||
}
|
}
|
||||||
@ -261,6 +260,7 @@ make_connection(struct socket *socket, struct uri *uri,
|
|||||||
unsigned char *host = get_uri_string(uri, URI_DNS_HOST);
|
unsigned char *host = get_uri_string(uri, URI_DNS_HOST);
|
||||||
struct connect_info *connect_info;
|
struct connect_info *connect_info;
|
||||||
enum dns_result result;
|
enum dns_result result;
|
||||||
|
enum blacklist_flags verify;
|
||||||
|
|
||||||
socket->ops->set_timeout(socket, connection_state(0));
|
socket->ops->set_timeout(socket, connection_state(0));
|
||||||
|
|
||||||
@ -286,6 +286,9 @@ make_connection(struct socket *socket, struct uri *uri,
|
|||||||
socket->set_no_tls = 1;
|
socket->set_no_tls = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
verify = get_blacklist_flags(uri);
|
||||||
|
socket->verify = ((verify & SERVER_BLACKLIST_NO_CERT_VERIFY) == 0);
|
||||||
|
|
||||||
debug_transfer_log("\nCONNECTION: ", -1);
|
debug_transfer_log("\nCONNECTION: ", -1);
|
||||||
debug_transfer_log(host, -1);
|
debug_transfer_log(host, -1);
|
||||||
debug_transfer_log("\n", -1);
|
debug_transfer_log("\n", -1);
|
||||||
|
@ -405,6 +405,7 @@ ssl_connect(struct socket *socket)
|
|||||||
|
|
||||||
/* TODO: Recode server_name to UTF-8. */
|
/* TODO: Recode server_name to UTF-8. */
|
||||||
server_name = get_uri_string(conn->proxied_uri, URI_HOST);
|
server_name = get_uri_string(conn->proxied_uri, URI_HOST);
|
||||||
|
|
||||||
if (!server_name) {
|
if (!server_name) {
|
||||||
socket->ops->done(socket, connection_state(S_OUT_OF_MEM));
|
socket->ops->done(socket, connection_state(S_OUT_OF_MEM));
|
||||||
return -1;
|
return -1;
|
||||||
|
@ -9,6 +9,7 @@ enum blacklist_flags {
|
|||||||
SERVER_BLACKLIST_HTTP10 = 1,
|
SERVER_BLACKLIST_HTTP10 = 1,
|
||||||
SERVER_BLACKLIST_NO_CHARSET = 2,
|
SERVER_BLACKLIST_NO_CHARSET = 2,
|
||||||
SERVER_BLACKLIST_NO_TLS = 4,
|
SERVER_BLACKLIST_NO_TLS = 4,
|
||||||
|
SERVER_BLACKLIST_NO_CERT_VERIFY = 8,
|
||||||
};
|
};
|
||||||
|
|
||||||
void add_blacklist_entry(struct uri *, enum blacklist_flags);
|
void add_blacklist_entry(struct uri *, enum blacklist_flags);
|
||||||
|
@ -31,6 +31,7 @@
|
|||||||
#include "network/connection.h"
|
#include "network/connection.h"
|
||||||
#include "network/state.h"
|
#include "network/state.h"
|
||||||
#include "osdep/newwin.h"
|
#include "osdep/newwin.h"
|
||||||
|
#include "protocol/http/blacklist.h"
|
||||||
#include "protocol/protocol.h"
|
#include "protocol/protocol.h"
|
||||||
#include "protocol/uri.h"
|
#include "protocol/uri.h"
|
||||||
#ifdef CONFIG_SCRIPTING_SPIDERMONKEY
|
#ifdef CONFIG_SCRIPTING_SPIDERMONKEY
|
||||||
@ -263,7 +264,7 @@ retry_connection_without_verification(void *data)
|
|||||||
struct delayed_open *deo = (struct delayed_open *)data;
|
struct delayed_open *deo = (struct delayed_open *)data;
|
||||||
|
|
||||||
if (deo) {
|
if (deo) {
|
||||||
deo->ses->verify = 0;
|
add_blacklist_entry(deo->uri, SERVER_BLACKLIST_NO_CERT_VERIFY);
|
||||||
goto_uri(deo->ses, deo->uri);
|
goto_uri(deo->ses, deo->uri);
|
||||||
done_uri(deo->uri);
|
done_uri(deo->uri);
|
||||||
mem_free(deo);
|
mem_free(deo);
|
||||||
@ -299,7 +300,7 @@ print_error_dialog(struct session *ses, struct connection_state state,
|
|||||||
|
|
||||||
add_to_string(&msg, get_state_message(state, ses->tab->term));
|
add_to_string(&msg, get_state_message(state, ses->tab->term));
|
||||||
|
|
||||||
if (!ses->verify || !uri) {
|
if (!uri) {
|
||||||
info_box(ses->tab->term, MSGBOX_FREE_TEXT,
|
info_box(ses->tab->term, MSGBOX_FREE_TEXT,
|
||||||
N_("Error"), ALIGN_CENTER,
|
N_("Error"), ALIGN_CENTER,
|
||||||
msg.source);
|
msg.source);
|
||||||
@ -919,8 +920,6 @@ init_session(struct session *base_session, struct terminal *term,
|
|||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
ses->verify = 1;
|
|
||||||
|
|
||||||
ses->option = copy_option(config_options,
|
ses->option = copy_option(config_options,
|
||||||
CO_SHALLOW | CO_NO_LISTBOX_ITEM);
|
CO_SHALLOW | CO_NO_LISTBOX_ITEM);
|
||||||
create_history(&ses->history);
|
create_history(&ses->history);
|
||||||
|
@ -229,8 +229,6 @@ struct session {
|
|||||||
/** The info for status displaying */
|
/** The info for status displaying */
|
||||||
struct session_status status;
|
struct session_status status;
|
||||||
|
|
||||||
/** Verify SSL */
|
|
||||||
unsigned int verify:1;
|
|
||||||
/** @} */
|
/** @} */
|
||||||
};
|
};
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user