mirrors/cosmopolitan
1
0
Fork 0
mirror of https://github.com/jart/cosmopolitan.git synced 2025-01-31 03:27:39 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
cosmopolitan/net/https/describesslverifyfailure.c
Justine Tunney c89bc56f6a Add HTTP/HTTPS Fetch() API to redbean 
You can now say the following in your redbean Lua code:

    status,headers,payload = Fetch("https://foo.example")

The following Lua APIs have been introduced:

  - Fetch(str) → str,{str:str},str
  - GetHttpReason(int) → str
  - GetHttpReason(int) → str
  - ProgramSslFetchVerify(bool)
  - ProgramSslClientVerify(bool)

The following flags have been introduced:

  - `-j` enables client SSL verification
  - `-k` disables Fetch() SSL verification
  - `-t INT` may now be passed a negative value for keepalive

Lua exceptions now invoke Cosmopolitan's garbage collector when
unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴

See #97
2021-07-07 21:44:27 -07:00

60 lines
3.4 KiB
C
Raw Blame History

/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
│vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi│
╞══════════════════════════════════════════════════════════════════════════════╡
│ Copyright 2021 Justine Alexandra Roberts Tunney │
│ │
│ Permission to use, copy, modify, and/or distribute this software for │
│ any purpose with or without fee is hereby granted, provided that the │
│ above copyright notice and this permission notice appear in all copies. │
│ │
│ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL │
│ WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED │
│ WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE │
│ AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL │
│ DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR │
│ PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER │
│ TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR │
│ PERFORMANCE OF THIS SOFTWARE. │
╚─────────────────────────────────────────────────────────────────────────────*/
#include "libc/macros.internal.h"
#include "libc/mem/mem.h"
#include "libc/str/str.h"
#include "net/https/https.h"
static const struct thatispacked SslVerifyString {
int code;
const char *str;
} kSslVerifyStrings[] = {
{MBEDTLS_X509_BADCERT_BAD_KEY, "badcert_bad_key"},
{MBEDTLS_X509_BADCERT_BAD_MD, "badcert_bad_md"},
{MBEDTLS_X509_BADCERT_BAD_PK, "badcert_bad_pk"},
{MBEDTLS_X509_BADCERT_CN_MISMATCH, "badcert_cn_mismatch"},
{MBEDTLS_X509_BADCERT_EXPIRED, "badcert_expired"},
{MBEDTLS_X509_BADCERT_EXT_KEY_USAGE, "badcert_ext_key_usage"},
{MBEDTLS_X509_BADCERT_FUTURE, "badcert_future"},
{MBEDTLS_X509_BADCERT_KEY_USAGE, "badcert_key_usage"},
{MBEDTLS_X509_BADCERT_MISSING, "badcert_missing"},
{MBEDTLS_X509_BADCERT_NOT_TRUSTED, "badcert_not_trusted"},
{MBEDTLS_X509_BADCERT_NS_CERT_TYPE, "badcert_ns_cert_type"},
{MBEDTLS_X509_BADCERT_OTHER, "badcert_other"},
{MBEDTLS_X509_BADCERT_REVOKED, "badcert_revoked"},
{MBEDTLS_X509_BADCERT_SKIP_VERIFY, "badcert_skip_verify"},
{MBEDTLS_X509_BADCRL_BAD_KEY, "badcrl_bad_key"},
{MBEDTLS_X509_BADCRL_BAD_MD, "badcrl_bad_md"},
{MBEDTLS_X509_BADCRL_BAD_PK, "badcrl_bad_pk"},
{MBEDTLS_X509_BADCRL_EXPIRED, "badcrl_expired"},
{MBEDTLS_X509_BADCRL_FUTURE, "badcrl_future"},
{MBEDTLS_X509_BADCRL_NOT_TRUSTED, "badcrl_not_trusted"},
};
char *DescribeSslVerifyFailure(int flags) {
int i;
char *p, *q;
p = malloc(1024);
q = stpcpy(p, "verify failed");
for (i = 0; i < ARRAYLEN(kSslVerifyStrings); ++i) {
if (!(flags & kSslVerifyStrings[i].code)) continue;
q = stpcpy(stpcpy(q, " "), kSslVerifyStrings[i].str);
}
return p;
}
Reference in a new issue View git blame Copy permalink