From 3948bb44ff30ebda9837480c42de7f0d384e4cb9 Mon Sep 17 00:00:00 2001 From: Matthias Andree Date: Fri, 7 Mar 2008 13:16:58 +0000 Subject: Merge Daniel Richard G.'s --sslcommonname option. Exception from no-features policy on 6.3.X is made to keep people away from doing more dangerous things in order to get rid of CommonName mismatch warnings. svn path=/branches/BRANCH_6-3/; revision=5165 --- options.c | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'options.c') diff --git a/options.c b/options.c index 87a308c7..56569bcb 100644 --- a/options.c +++ b/options.c @@ -46,6 +46,7 @@ enum { LA_SSLPROTO, LA_SSLCERTCK, LA_SSLCERTPATH, + LA_SSLCOMMONNAME, LA_SSLFINGERPRINT, LA_FETCHSIZELIMIT, LA_FASTUIDL, @@ -125,6 +126,7 @@ static const struct option longoptions[] = { {"sslproto", required_argument, (int *) 0, LA_SSLPROTO }, {"sslcertck", no_argument, (int *) 0, LA_SSLCERTCK }, {"sslcertpath", required_argument, (int *) 0, LA_SSLCERTPATH }, + {"sslcommonname", required_argument, (int *) 0, LA_SSLCOMMONNAME }, {"sslfingerprint", required_argument, (int *) 0, LA_SSLFINGERPRINT }, #endif @@ -539,6 +541,10 @@ int parsecmdline (int argc /** argument count */, ctl->sslcertpath = prependdir(optarg, currentwd); break; + case LA_SSLCOMMONNAME: + ctl->sslcommonname = xstrdup(optarg); + break; + case LA_SSLFINGERPRINT: ctl->sslfingerprint = xstrdup(optarg); break; @@ -611,6 +617,7 @@ int parsecmdline (int argc /** argument count */, P(GT_(" --sslcert ssl client certificate\n")); P(GT_(" --sslcertck do strict server certificate check (recommended)\n")); P(GT_(" --sslcertpath path to ssl certificates\n")); + P(GT_(" --sslcommonname expect this CommonName from server (discouraged)\n")); P(GT_(" --sslfingerprint fingerprint that must match that of the server's cert.\n")); P(GT_(" --sslproto force ssl protocol (SSL2/SSL3/TLS1)\n")); #endif -- cgit v1.2.3