projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
PR: 910
[openssl.git] / apps / s_cb.c
diff --git a/apps/s_cb.c b/apps/s_cb.c
index a17e3a293d1190c042fa0fa9119826e89a5e1aae..21aab25d7e05667f7ad8ee2fa55a30a2be9bf82a 100644 (file)
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -134,7 +134,7 @@ int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
        err=    X509_STORE_CTX_get_error(ctx);
        depth=  X509_STORE_CTX_get_error_depth(ctx);
 
-       X509_NAME_oneline(X509_get_subject_name(err_cert),buf,256);
+       X509_NAME_oneline(X509_get_subject_name(err_cert),buf,sizeof buf);
        BIO_printf(bio_err,"depth=%d %s\n",depth,buf);
        if (!ok)
                {
@@ -154,7 +154,7 @@ int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
        switch (ctx->error)
                {
        case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
-               X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert),buf,256);
+               X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert),buf,sizeof buf);
                BIO_printf(bio_err,"issuer= %s\n",buf);
                break;
        case X509_V_ERR_CERT_NOT_YET_VALID:
@@ -229,8 +229,34 @@ int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file)
        return(1);
        }
 
-long MS_CALLBACK bio_dump_cb(BIO *bio, int cmd, const char *argp, int argi,
-            long argl, long ret)
+int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key)
+       {
+       if (SSL_CTX_use_certificate(ctx,cert) <= 0)
+               {
+               BIO_printf(bio_err,"error setting certificate\n");
+               ERR_print_errors(bio_err);
+               return 0;
+               }
+       if (SSL_CTX_use_PrivateKey(ctx,key) <= 0)
+               {
+               BIO_printf(bio_err,"error setting private key\n");
+               ERR_print_errors(bio_err);
+               return 0;
+               }
+
+               
+               /* Now we know that a key and cert have been set against
+                * the SSL context */
+       if (!SSL_CTX_check_private_key(ctx))
+               {
+               BIO_printf(bio_err,"Private key does not match the certificate public key\n");
+               return 0;
+               }
+       return 1;
+       }
+
+long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
+       int argi, long argl, long ret)
        {
        BIO *out;
 
@@ -239,21 +265,21 @@ long MS_CALLBACK bio_dump_cb(BIO *bio, int cmd, const char *argp, int argi,
 
        if (cmd == (BIO_CB_READ|BIO_CB_RETURN))
                {
-               BIO_printf(out,"read from %08X [%08lX] (%d bytes => %ld (0x%X))\n",
-                       bio,argp,argi,ret,ret);
+               BIO_printf(out,"read from %p [%p] (%d bytes => %ld (0x%lX))\n",
+                       (void *)bio,argp,argi,ret,ret);
                BIO_dump(out,argp,(int)ret);
                return(ret);
                }
        else if (cmd == (BIO_CB_WRITE|BIO_CB_RETURN))
                {
-               BIO_printf(out,"write to %08X [%08lX] (%d bytes => %ld (0x%X))\n",
-                       bio,argp,argi,ret,ret);
+               BIO_printf(out,"write to %p [%p] (%d bytes => %ld (0x%lX))\n",
+                       (void *)bio,argp,argi,ret,ret);
                BIO_dump(out,argp,(int)ret);
                }
        return(ret);
        }
 
-void MS_CALLBACK apps_ssl_info_callback(SSL *s, int where, int ret)
+void MS_CALLBACK apps_ssl_info_callback(const SSL *s, int where, int ret)
        {
        char *str;
        int w;
@@ -312,6 +338,67 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
                str_version = "???";
                }
 
+       if (version == SSL2_VERSION)
+               {
+               str_details1 = "???";
+
+               if (len > 0)
+                       {
+                       switch (((unsigned char*)buf)[0])
+                               {
+                               case 0:
+                                       str_details1 = ", ERROR:";
+                                       str_details2 = " ???";
+                                       if (len >= 3)
+                                               {
+                                               unsigned err = (((unsigned char*)buf)[1]<<8) + ((unsigned char*)buf)[2];
+                                               
+                                               switch (err)
+                                                       {
+                                               case 0x0001:
+                                                       str_details2 = " NO-CIPHER-ERROR";
+                                                       break;
+                                               case 0x0002:
+                                                       str_details2 = " NO-CERTIFICATE-ERROR";
+                                                       break;
+                                               case 0x0004:
+                                                       str_details2 = " BAD-CERTIFICATE-ERROR";
+                                                       break;
+                                               case 0x0006:
+                                                       str_details2 = " UNSUPPORTED-CERTIFICATE-TYPE-ERROR";
+                                                       break;
+                                                       }
+                                               }
+
+                                       break;
+                               case 1:
+                                       str_details1 = ", CLIENT-HELLO";
+                                       break;
+                               case 2:
+                                       str_details1 = ", CLIENT-MASTER-KEY";
+                                       break;
+                               case 3:
+                                       str_details1 = ", CLIENT-FINISHED";
+                                       break;
+                               case 4:
+                                       str_details1 = ", SERVER-HELLO";
+                                       break;
+                               case 5:
+                                       str_details1 = ", SERVER-VERIFY";
+                                       break;
+                               case 6:
+                                       str_details1 = ", SERVER-FINISHED";
+                                       break;
+                               case 7:
+                                       str_details1 = ", REQUEST-CERTIFICATE";
+                                       break;
+                               case 8:
+                                       str_details1 = ", CLIENT-CERTIFICATE";
+                                       break;
+                               }
+                       }
+               }
+
        if (version == SSL3_VERSION || version == TLS1_VERSION)
                {
                switch (content_type)
Unnamed repository; edit this file 'description' to name the repository.