ref: 59fe51f5cbb81a135734c693ab51a5b243534c92
dir: /sys/src/cmd/upas/fs/tls.c/
#include "common.h" #include <libsec.h> #include <auth.h> #include "dat.h" int wraptls(int ofd, char *host) { Thumbprint *thumb; TLSconn conn; int fd; memset(&conn, 0, sizeof conn); conn.serverName = host; fd = tlsClient(ofd, &conn); if(fd < 0){ close(ofd); return -1; } if(nocertcheck){ syslog(Sflag, logf, "ignoring cert for %s", host); goto skip; } thumb = initThumbprints("/sys/lib/tls/mail", "/sys/lib/tls/mail.exclude", "x509"); if(thumb != nil){ if(!okCertificate(conn.cert, conn.certlen, thumb)){ werrstr("cert for %s not recognized: %r", host); close(fd); fd = -1; } freeThumbprints(thumb); } skip: free(conn.cert); free(conn.sessionID); return fd; }