walkero
/
nghttp2
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

nghttp: Add -y, --no-verify-peer option to suppress peer verify warn

This commit is contained in:
Tatsuhiro Tsujikawa 2017-04-28 09:53:37 +09:00
parent 58043a6b04
commit 6f3ec54b9f
2 changed files with 17 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
src/nghttp.cc
View File

@ -116,7 +116,8 @@ Config::Config()
no_dep(false), no_dep(false),
hexdump(false), hexdump(false),
no_push(false), no_push(false),
expect_continue(false) { expect_continue(false),
verify_peer(true) {
nghttp2_option_new(&http2_option); nghttp2_option_new(&http2_option);
nghttp2_option_set_peer_max_concurrent_streams(http2_option, nghttp2_option_set_peer_max_concurrent_streams(http2_option,
peer_max_concurrent_streams); peer_max_concurrent_streams);
@ -1311,10 +1312,12 @@ int HttpClient::tls_handshake() {
readfn = &HttpClient::read_tls; readfn = &HttpClient::read_tls;
writefn = &HttpClient::write_tls; writefn = &HttpClient::write_tls;
auto verify_res = SSL_get_verify_result(ssl); if (config.verify_peer) {
if (verify_res != X509_V_OK) { auto verify_res = SSL_get_verify_result(ssl);
std::cerr << "[WARNING] Certificate verification failed: " if (verify_res != X509_V_OK) {
<< X509_verify_cert_error_string(verify_res) << std::endl; std::cerr << "[WARNING] Certificate verification failed: "
<< X509_verify_cert_error_string(verify_res) << std::endl;
}
} }
if (connection_made() != 0) { if (connection_made() != 0) {
@ -2728,6 +2731,9 @@ Options:
(up to a short timeout) until the server sends a 100 (up to a short timeout) until the server sends a 100
Continue interim response. This option is ignored unless Continue interim response. This option is ignored unless
combined with the -d option. combined with the -d option.
-y, --no-verify-peer
Suppress warning on server certificate verification
failure.
--version Display version information and exit. --version Display version information and exit.
-h, --help Display this help and exit. -h, --help Display this help and exit.
@ -2769,6 +2775,7 @@ int main(int argc, char **argv) {
{"header-table-size", required_argument, nullptr, 'c'}, {"header-table-size", required_argument, nullptr, 'c'},
{"padding", required_argument, nullptr, 'b'}, {"padding", required_argument, nullptr, 'b'},
{"har", required_argument, nullptr, 'r'}, {"har", required_argument, nullptr, 'r'},
{"no-verify-peer", no_argument, nullptr, 'y'},
{"cert", required_argument, &flag, 1}, {"cert", required_argument, &flag, 1},
{"key", required_argument, &flag, 2}, {"key", required_argument, &flag, 2},
{"color", no_argument, &flag, 3}, {"color", no_argument, &flag, 3},
@ -2784,7 +2791,7 @@ int main(int argc, char **argv) {
{"encoder-header-table-size", required_argument, &flag, 14}, {"encoder-header-table-size", required_argument, &flag, 14},
{nullptr, 0, nullptr, 0}}; {nullptr, 0, nullptr, 0}};
int option_index = 0; int option_index = 0;
int c = getopt_long(argc, argv, "M:Oab:c:d:gm:np:r:hH:vst:uw:W:", int c = getopt_long(argc, argv, "M:Oab:c:d:gm:np:r:hH:vst:uw:yW:",
long_options, &option_index); long_options, &option_index);
if (c == -1) { if (c == -1) {
break; break;
@ -2915,6 +2922,9 @@ int main(int argc, char **argv) {
config.min_header_table_size = std::min(config.min_header_table_size, n); config.min_header_table_size = std::min(config.min_header_table_size, n);
break; break;
} }
case 'y':
config.verify_peer = false;
break;
case '?': case '?':
util::show_candidates(argv[optind - 1], long_options); util::show_candidates(argv[optind - 1], long_options);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);

1
src/nghttp.h
View File

@ -96,6 +96,7 @@ struct Config {
bool hexdump; bool hexdump;
bool no_push; bool no_push;
bool expect_continue; bool expect_continue;
bool verify_peer;
}; };
enum class RequestState { INITIAL, ON_REQUEST, ON_RESPONSE, ON_COMPLETE }; enum class RequestState { INITIAL, ON_REQUEST, ON_RESPONSE, ON_COMPLETE };