From 59cf93ccdbaa5e866f9de6b2d9b1ae5cee84863f Mon Sep 17 00:00:00 2001 From: Quinn Slack Date: Wed, 19 Jan 2011 20:35:02 +0100 Subject: TLS-SRP: support added when using GnuTLS --- src/main.c | 50 +++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 49 insertions(+), 1 deletion(-) (limited to 'src') diff --git a/src/main.c b/src/main.c index 7e2e34ece..d8a105ea7 100644 --- a/src/main.c +++ b/src/main.c @@ -503,6 +503,9 @@ struct Configurable { long low_speed_time; bool showerror; char *userpwd; + char *tls_username; + char *tls_password; + char *tls_authtype; char *proxyuserpwd; char *proxy; int proxyver; /* set to CURLPROXY_HTTP* define */ @@ -903,6 +906,11 @@ static void help(void) " --url Set URL to work with", " -B/--use-ascii Use ASCII/text transfer", " -u/--user Set server user and password", +#ifdef USE_TLS_SRP + " --tlsuser Set TLS username", + " --tlspassword Set TLS password", + " --tlsauthtype Set TLS authentication type (default SRP)", +#endif " -A/--user-agent User-Agent to send to server (H)", " -v/--verbose Make the operation more talkative", " -V/--version Show version number and quit", @@ -1916,6 +1924,11 @@ static ParameterError getparameter(char *flag, /* f or -long-flag */ {"Eh","pubkey", TRUE}, {"Ei", "hostpubmd5", TRUE}, {"Ej","crlfile", TRUE}, +#ifdef USE_TLS_SRP + {"Ek","tlsuser", TRUE}, + {"El","tlspassword", TRUE}, + {"Em","tlsauthtype", TRUE}, +#endif {"f", "fail", FALSE}, {"F", "form", TRUE}, {"Fs","form-string", TRUE}, @@ -2744,6 +2757,28 @@ static ParameterError getparameter(char *flag, /* f or -long-flag */ /* CRL file */ GetStr(&config->crlfile, nextarg); break; +#ifdef USE_TLS_SRP + case 'k': /* TLS username */ + if(curlinfo->features & CURL_VERSION_TLSAUTH_SRP) { + GetStr(&config->tls_username, nextarg); + } else + return PARAM_LIBCURL_DOESNT_SUPPORT; + break; + case 'l': /* TLS password */ + if(curlinfo->features & CURL_VERSION_TLSAUTH_SRP) { + GetStr(&config->tls_password, nextarg); + } else + return PARAM_LIBCURL_DOESNT_SUPPORT; + break; + case 'm': /* TLS authentication type */ + if(curlinfo->features & CURL_VERSION_TLSAUTH_SRP) { + GetStr(&config->tls_authtype, nextarg); + if (strncmp(config->tls_authtype, "SRP", strlen("SRP")) != 0) + return PARAM_LIBCURL_DOESNT_SUPPORT; /* only support TLS-SRP */ + } else + return PARAM_LIBCURL_DOESNT_SUPPORT; + break; +#endif default: /* certificate file */ { char *ptr = strchr(nextarg, ':'); @@ -3122,7 +3157,8 @@ static ParameterError getparameter(char *flag, /* f or -long-flag */ {"SSPI", CURL_VERSION_SSPI}, {"krb4", CURL_VERSION_KERBEROS4}, {"libz", CURL_VERSION_LIBZ}, - {"CharConv", CURL_VERSION_CONV} + {"CharConv", CURL_VERSION_CONV}, + {"TLS-SRP", CURL_VERSION_TLSAUTH_SRP} }; printf("Features: "); for(i=0; ihostpubmd5); if(config->mail_from) free(config->mail_from); +#ifdef USE_TLS_SRP + if(config->tls_authtype) + free(config->tls_authtype); + if(config->tls_username) + free(config->tls_username); + if(config->tls_password) + free(config->tls_password); +#endif #if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI) if(config->socks5_gssapi_service) free(config->socks5_gssapi_service); @@ -5462,6 +5506,10 @@ operate(struct Configurable *config, int argc, argv_item_t argv[]) /* new in 7.21.3 */ my_setopt(curl, CURLOPT_RESOLVE, config->resolve); + /* TODO: new in ### */ + curl_easy_setopt(curl, CURLOPT_TLSAUTH_USERNAME, config->tls_username); + curl_easy_setopt(curl, CURLOPT_TLSAUTH_PASSWORD, config->tls_password); + retry_numretries = config->req_retry; retrystart = cutil_tvnow(); -- cgit v1.2.3