9 fprint(2, "usage: tlsclient [-t /sys/lib/tls/xxx] [-x /sys/lib/tls/xxx.exclude] dialstring\n");
14 xfer(int from, int to)
19 while((n = read(from, buf, sizeof buf)) > 0)
20 if(write(to, buf, n) < 0)
25 main(int argc, char **argv)
30 char *addr, *file, *filex;
38 file = EARGF(usage());
41 filex = EARGF(usage());
51 sysfatal("specifying -x without -t is useless");
53 thumb = initThumbprints(file, filex);
55 sysfatal("initThumbprints: %r");
59 if((netfd = dial(addr, 0, 0, 0)) < 0)
60 sysfatal("dial %s: %r", addr);
62 memset(&conn, 0, sizeof conn);
63 fd = tlsClient(netfd, &conn);
65 sysfatal("tlsclient: %r");
67 if(conn.cert==nil || conn.certlen<=0)
68 sysfatal("server did not provide TLS certificate");
69 sha1(conn.cert, conn.certlen, digest, nil);
70 if(!okThumbprint(digest, thumb)){
71 fmtinstall('H', encodefmt);
72 sysfatal("server certificate %.*H not recognized", SHA1dlen, digest);
81 fprint(2, "%s: fork: %r\n", argv0);
90 postnote(PNGROUP, getpid(), "die yankee pig dog");