From 8cfcd00045db0489ce23dbafacb7f6742fe094c6 Mon Sep 17 00:00:00 2001 From: David <31015441+deFractal@users.noreply.github.com> Date: Wed, 4 Aug 2021 19:03:12 -0700 Subject: [PATCH] Document CA file & dir compiler options and fix a trivia typo --- Makefile | 6 ++++++ docs/proxytunnel.1.adoc | 3 ++- ptstream.c | 2 +- 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index d2fc076..1da0ce7 100644 --- a/Makefile +++ b/Makefile @@ -26,6 +26,12 @@ OPTFLAGS += -DSETPROCTITLE -DSPT_TYPE=2 # DARWIN #OPTFLAGS += -DDARWIN +# DARWIN, continued, if compiling for macOS with Homebrew +#CFLAGS += -I/usr/local/opt/openssl/include +#LDFLAGS += -L/usr/local/opt/openssl/lib +#OPTFLAGS += -DDEFAULT_CA_FILE='"/usr/local/etc/openssl@1.1/cacert.pem"' +#OPTFLAGS += -DDEFAULT_CA_DIR=NULL + # CYGWIN #OPTFLAGS += -DCYGWIN diff --git a/docs/proxytunnel.1.adoc b/docs/proxytunnel.1.adoc index 7d136ee..0be08f8 100644 --- a/docs/proxytunnel.1.adoc +++ b/docs/proxytunnel.1.adoc @@ -69,7 +69,8 @@ also be used for other proxy-traversing purposes like proxy bouncing. *-C*, *--cacert*=_filename/directory_:: Specify a CA certificate file (or directory containing CA certificate(s)) to trust when verifying a server SSL certificate. If a directory is provided, - it must be prepared with OpenSSL's c_rehash tool. (default: /etc/ssl/certs) + it must be prepared with OpenSSL's c_rehash tool. (default, unless changed at + compile time using DEFAULT_CA_FILE or DEFAULT_CA_DIR options: /etc/ssl/certs) *-F*, *--passfile*=_filename_:: Use _filename_ for reading username and password for HTTPS proxy diff --git a/ptstream.c b/ptstream.c index e11a958..8d46c69 100644 --- a/ptstream.c +++ b/ptstream.c @@ -266,7 +266,7 @@ int stream_enable_ssl(PTSTREAM *pts, const char *proxy_arg) { #ifndef DEFAULT_CA_FILE const char *ca_file = NULL; #else - const char *ca_file = DEFAULT_CA_FILE; /* Default cert file from in Makefile */ + const char *ca_file = DEFAULT_CA_FILE; /* Default cert file from Makefile */ #endif /* !DEFAULT_CA_FILE */ #ifndef DEFAULT_CA_DIR const char *ca_dir = "/etc/ssl/certs/"; /* Default cert directory if none given */