1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
|
diff --git a/networking/wget.c b/networking/wget.c
index cd92b3a28..a12c921cd 100644
--- a/networking/wget.c
+++ b/networking/wget.c
@@ -50,7 +50,6 @@
//config: bool "Support HTTPS using internal TLS code"
//config: default y
//config: depends on WGET
-//config: select TLS
//config: help
//config: wget will use internal TLS code to connect to https:// URLs.
//config: Note:
@@ -767,8 +766,8 @@ static void spawn_ssl_client(const char *host, int network_fd)
int pid;
char *servername, *p;
- if (!(option_mask32 & WGET_OPT_NO_CHECK_CERT))
- bb_error_msg("note: TLS certificate validation not implemented");
+ if (ENABLE_SSL_CLIENT && !(option_mask32 & WGET_OPT_NO_CHECK_CERT))
+ bb_error_msg_and_die("note: TLS certificate validation not implemented");
servername = xstrdup(host);
p = strrchr(servername, ':');
@@ -785,21 +784,25 @@ static void spawn_ssl_client(const char *host, int network_fd)
close(sp[0]);
xmove_fd(sp[1], 0);
xdup2(0, 1);
- if (BB_MMU) {
+ if (BB_MMU && ENABLE_TLS && (option_mask32 & WGET_OPT_NO_CHECK_CERT)) {
tls_state_t *tls = new_tls_state();
tls->ifd = tls->ofd = network_fd;
tls_handshake(tls, servername);
tls_run_copy_loop(tls);
exit(0);
} else {
- char *argv[5];
+ char *argv[6];
xmove_fd(network_fd, 3);
argv[0] = (char*)"ssl_client";
argv[1] = (char*)"-s3";
//TODO: if (!is_ip_address(servername))...
argv[2] = (char*)"-n";
argv[3] = servername;
- argv[4] = NULL;
+ if (!ENABLE_SSL_CLIENT &&(option_mask32 & WGET_OPT_NO_CHECK_CERT)) {
+ argv[4] = (char*)"-I";
+ argv[5] = NULL;
+ } else
+ argv[4] = NULL;
BB_EXECVP(argv[0], argv);
bb_perror_msg_and_die("can't execute '%s'", argv[0]);
}
|