return 0;
}
- if(EmptyString(yy_server->passwd) || EmptyString(yy_server->spasswd))
+ if((EmptyString(yy_server->passwd) || EmptyString(yy_server->spasswd)) && EmptyString(yy_server->certfp))
{
- conf_report_error("Ignoring connect block for %s -- missing password.",
+ conf_report_error("Ignoring connect block for %s -- no certfp or password credentials provided.",
yy_server->name);
return 0;
}
yy_server->passwd = rb_strdup(data);
}
+static void
+conf_set_connect_fingerprint(void *data)
+{
+ yy_server->certfp = rb_strdup((char *) data);
+
+ /* force SSL to be enabled if fingerprint is enabled. */
+ yy_server->flags |= SERVER_SSL;
+}
+
static void
conf_set_connect_port(void *data)
{
/* if it takes one thing, make sure they only passed one thing,
and handle as needed. */
- if(value->type & CF_FLIST && !(cf->cf_type & CF_FLIST))
+ if(value->type & CF_FLIST && !cf->cf_type & CF_FLIST)
{
conf_report_error
("Option %s::%s does not take a list of values.", tc->tc_name, item);
{
{ "send_password", CF_QSTRING, conf_set_connect_send_password, 0, NULL },
{ "accept_password", CF_QSTRING, conf_set_connect_accept_password, 0, NULL },
+ { "fingerprint", CF_QSTRING, conf_set_connect_fingerprint, 0, NULL },
{ "flags", CF_STRING | CF_FLIST, conf_set_connect_flags, 0, NULL },
{ "host", CF_QSTRING, conf_set_connect_host, 0, NULL },
{ "vhost", CF_QSTRING, conf_set_connect_vhost, 0, NULL },