9 fprint(2, "usage: tlsclient [-c lib/tls/clientcert] [-t /sys/lib/tls/xxx] [-x /sys/lib/tls/xxx.exclude] dialstring\n");
14 xfer(int from, int to)
19 while((n = read(from, buf, sizeof buf)) > 0)
20 if(write(to, buf, n) < 0)
25 reporter(char *fmt, ...)
30 fprint(2, "%s: tls reports ", argv0);
39 main(int argc, char **argv)
44 char *addr, *file, *filex, *ccert;
54 file = EARGF(usage());
57 filex = EARGF(usage());
63 ccert = EARGF(usage());
73 sysfatal("specifying -x without -t is useless");
75 thumb = initThumbprints(file, filex);
77 sysfatal("initThumbprints: %r");
81 if((fd = dial(addr, 0, 0, 0)) < 0)
82 sysfatal("dial %s: %r", addr);
84 conn = (TLSconn*)mallocz(sizeof *conn, 1);
86 conn->cert = readcert(ccert, &conn->certlen);
88 conn->trace = reporter;
89 fd = tlsClient(fd, conn);
91 sysfatal("tlsclient: %r");
93 if(conn->cert==nil || conn->certlen<=0)
94 sysfatal("server did not provide TLS certificate");
95 sha1(conn->cert, conn->certlen, digest, nil);
96 if(!okThumbprint(digest, thumb)){
97 fmtinstall('H', encodefmt);
98 sysfatal("server certificate %.*H not recognized", SHA1dlen, digest);
105 fprint(2, "%s: fork: %r\n", argv0);
114 postnote(PNGROUP, getpid(), "die yankee pig dog");