summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2018-01-28 14:15:56 +0100
committerDaniel Stenberg <daniel@haxx.se>2018-01-30 08:00:31 +0100
commitfecec1d8aefb3cc89925cffb83d4de6bc95540bb (patch)
treeb493edaeace16e6bddfd97d63614917f767dc223 /src
parentb7db2842666286bb66111b1da46e707bf5d417b4 (diff)
downloadcurl-fecec1d8aefb3cc89925cffb83d4de6bc95540bb.tar.gz
curl: add --proxy-pinnedpubkey
To verify a proxy's public key. For when using HTTPS proxies. Fixes #2192 Closes #2268
Diffstat (limited to 'src')
-rw-r--r--src/tool_cfgable.c3
-rw-r--r--src/tool_cfgable.h3
-rw-r--r--src/tool_getparam.c5
-rw-r--r--src/tool_help.c4
4 files changed, 12 insertions, 3 deletions
diff --git a/src/tool_cfgable.c b/src/tool_cfgable.c
index 755195ced..d77488166 100644
--- a/src/tool_cfgable.c
+++ b/src/tool_cfgable.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -113,6 +113,7 @@ static void free_config_fields(struct OperationConfig *config)
Curl_safefree(config->proxy_capath);
Curl_safefree(config->crlfile);
Curl_safefree(config->pinnedpubkey);
+ Curl_safefree(config->proxy_pinnedpubkey);
Curl_safefree(config->proxy_crlfile);
Curl_safefree(config->key);
Curl_safefree(config->proxy_key);
diff --git a/src/tool_cfgable.h b/src/tool_cfgable.h
index ddfc9bfce..713739e7a 100644
--- a/src/tool_cfgable.h
+++ b/src/tool_cfgable.h
@@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -128,6 +128,7 @@ struct OperationConfig {
char *crlfile;
char *proxy_crlfile;
char *pinnedpubkey;
+ char *proxy_pinnedpubkey;
char *key;
char *proxy_key;
char *key_type;
diff --git a/src/tool_getparam.c b/src/tool_getparam.c
index 3f4046417..015d63551 100644
--- a/src/tool_getparam.c
+++ b/src/tool_getparam.c
@@ -232,6 +232,7 @@ static const struct LongShort aliases[]= {
{"En", "ssl-allow-beast", ARG_BOOL},
{"Eo", "login-options", ARG_STRING},
{"Ep", "pinnedpubkey", ARG_STRING},
+ {"EP", "proxy-pinnedpubkey", ARG_STRING},
{"Eq", "cert-status", ARG_BOOL},
{"Er", "false-start", ARG_BOOL},
{"Es", "ssl-no-revoke", ARG_BOOL},
@@ -1500,6 +1501,10 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */
GetStr(&config->pinnedpubkey, nextarg);
break;
+ case 'P': /* proxy pinned public key */
+ GetStr(&config->proxy_pinnedpubkey, nextarg);
+ break;
+
case 'q': /* --cert-status */
config->verifystatus = TRUE;
break;
diff --git a/src/tool_help.c b/src/tool_help.c
index 9dc59cb3e..70b2e8a1b 100644
--- a/src/tool_help.c
+++ b/src/tool_help.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -314,6 +314,8 @@ static const struct helptxt helptext[] = {
"Use NTLM authentication on the proxy"},
{" --proxy-pass <phrase>",
"Pass phrase for the private key for HTTPS proxy"},
+ {" --proxy-pinnedpubkey <hashes>",
+ "FILE/HASHES public key to verify proxy with"},
{" --proxy-service-name <name>",
"SPNEGO proxy service name"},
{" --proxy-ssl-allow-beast",