Security callback debug print out.

[openssl.git] / apps / s_server.c

diff --git a/apps/s_server.c b/apps/s_server.c
index 9db57dff3c36733e1173f9b78d62f79826625785..10bfdd6b911e0a6ee669fe942de65edd8e6e80b1 100644 (file)
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -1030,6 +1030,7 @@ int MAIN(int argc, char *argv[])
        EVP_PKEY *s_key = NULL, *s_dkey = NULL;
        int no_cache = 0, ext_cache = 0;
        int rev = 0, naccept = -1;
+       int sdebug = 0;
 #ifndef OPENSSL_NO_TLSEXT
        EVP_PKEY *s_key2 = NULL;
        X509 *s_cert2 = NULL;
@@ -1344,6 +1345,10 @@ int MAIN(int argc, char *argv[])
                else if (strcmp(*argv,"-trace") == 0)
                        { s_msg=2; }
 #endif
+               else if (strcmp(*argv,"-security_debug") == 0)
+                       { sdebug=1; }
+               else if (strcmp(*argv,"-security_debug_verbose") == 0)
+                       { sdebug=2; }
                else if (strcmp(*argv,"-hack") == 0)
                        { hack=1; }
                else if (strcmp(*argv,"-state") == 0)
@@ -1743,6 +1748,8 @@ bad:
                }
 
        ctx=SSL_CTX_new(meth);
+       if (sdebug)
+               ssl_ctx_security_debug(ctx, bio_err, sdebug);
        if (ctx == NULL)
                {
                ERR_print_errors(bio_err);
@@ -1832,6 +1839,9 @@ bad:
                {
                BIO_printf(bio_s_out,"Setting secondary ctx parameters\n");
 
+               if (sdebug)
+                       ssl_ctx_security_debug(ctx, bio_err, sdebug);
+
                if (session_id_prefix)
                        {
                        if(strlen(session_id_prefix) >= 32)