Update from 1.0.0-stable
[openssl.git] / apps / s_cb.c
index 573f98c..3fc73a2 100644 (file)
 
 int verify_depth=0;
 int verify_error=X509_V_OK;
+int verify_return_error=0;
 
 int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
        {
@@ -142,7 +143,8 @@ int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
                        X509_verify_cert_error_string(err));
                if (verify_depth >= depth)
                        {
-                       ok=1;
+                       if (!verify_return_error)
+                               ok=1;
                        verify_error=X509_V_OK;
                        }
                else
@@ -258,7 +260,7 @@ int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key)
        }
 
 long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
-       int argi, long argl, long ret)
+                                  int argi, long argl, long ret)
        {
        BIO *out;
 
@@ -267,15 +269,15 @@ long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
 
        if (cmd == (BIO_CB_READ|BIO_CB_RETURN))
                {
-               BIO_printf(out,"read from %p [%p] (%d bytes => %ld (0x%lX))\n",
-                       (void *)bio,argp,argi,ret,ret);
+               BIO_printf(out,"read from %p [%p] (%lu bytes => %ld (0x%lX))\n",
+                       (void *)bio,argp,(unsigned long)argi,ret,ret);
                BIO_dump(out,argp,(int)ret);
                return(ret);
                }
        else if (cmd == (BIO_CB_WRITE|BIO_CB_RETURN))
                {
-               BIO_printf(out,"write to %p [%p] (%d bytes => %ld (0x%lX))\n",
-                       (void *)bio,argp,argi,ret,ret);
+               BIO_printf(out,"write to %p [%p] (%lu bytes => %ld (0x%lX))\n",
+                       (void *)bio,argp,(unsigned long)argi,ret,ret);
                BIO_dump(out,argp,(int)ret);
                }
        return(ret);
@@ -336,6 +338,12 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
        case TLS1_VERSION:
                str_version = "TLS 1.0 ";
                break;
+       case DTLS1_VERSION:
+               str_version = "DTLS 1.0 ";
+               break;
+       case DTLS1_BAD_VER:
+               str_version = "DTLS 1.0 (bad) ";
+               break;
        default:
                str_version = "???";
                }
@@ -401,7 +409,10 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
                        }
                }
 
-       if (version == SSL3_VERSION || version == TLS1_VERSION)
+       if (version == SSL3_VERSION ||
+           version == TLS1_VERSION ||
+           version == DTLS1_VERSION ||
+           version == DTLS1_BAD_VER)
                {
                switch (content_type)
                        {
@@ -540,6 +551,9 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
                                case 2:
                                        str_details1 = ", ServerHello";
                                        break;
+                               case 3:
+                                       str_details1 = ", HelloVerifyRequest";
+                                       break;
                                case 11:
                                        str_details1 = ", Certificate";
                                        break;
@@ -588,5 +602,69 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
                        BIO_printf(bio, " ...");
                BIO_printf(bio, "\n");
                }
-       BIO_flush(bio);
+       (void)BIO_flush(bio);
+       }
+
+void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type,
+                                       unsigned char *data, int len,
+                                       void *arg)
+       {
+       BIO *bio = arg;
+       char *extname;
+
+       switch(type)
+               {
+               case TLSEXT_TYPE_server_name:
+               extname = "server name";
+               break;
+
+               case TLSEXT_TYPE_max_fragment_length:
+               extname = "max fragment length";
+               break;
+
+               case TLSEXT_TYPE_client_certificate_url:
+               extname = "client certificate URL";
+               break;
+
+               case TLSEXT_TYPE_trusted_ca_keys:
+               extname = "trusted CA keys";
+               break;
+
+               case TLSEXT_TYPE_truncated_hmac:
+               extname = "truncated HMAC";
+               break;
+
+               case TLSEXT_TYPE_status_request:
+               extname = "status request";
+               break;
+
+               case TLSEXT_TYPE_elliptic_curves:
+               extname = "elliptic curves";
+               break;
+
+               case TLSEXT_TYPE_ec_point_formats:
+               extname = "EC point formats";
+               break;
+
+               case TLSEXT_TYPE_session_ticket:
+               extname = "server ticket";
+               break;
+
+#ifdef TLSEXT_TYPE_opaque_prf_input
+               case TLSEXT_TYPE_opaque_prf_input:
+               extname = "opaque PRF input";
+               break;
+#endif
+
+               default:
+               extname = "unknown";
+               break;
+
+               }
+       
+       BIO_printf(bio, "TLS %s extension \"%s\" (id=%d), len=%d\n",
+                       client_server ? "server": "client",
+                       extname, type, len);
+       BIO_dump(bio, (char *)data, len);
+       (void)BIO_flush(bio);
        }