Update from 1.0.0-stable
[openssl.git] / apps / s_cb.c
index 92d9ae8..3fc73a2 100644 (file)
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
 
 int verify_depth=0;
 int verify_error=X509_V_OK;
+int verify_return_error=0;
 
 int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
        {
@@ -142,7 +143,8 @@ int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
                        X509_verify_cert_error_string(err));
                if (verify_depth >= depth)
                        {
-                       ok=1;
+                       if (!verify_return_error)
+                               ok=1;
                        verify_error=X509_V_OK;
                        }
                else
@@ -258,7 +260,7 @@ int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key)
        }
 
 long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
-       int argi, long argl, long ret)
+                                  int argi, long argl, long ret)
        {
        BIO *out;
 
@@ -267,15 +269,15 @@ long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
 
        if (cmd == (BIO_CB_READ|BIO_CB_RETURN))
                {
-               BIO_printf(out,"read from %p [%p] (%d bytes => %ld (0x%lX))\n",
-                       (void *)bio,argp,argi,ret,ret);
+               BIO_printf(out,"read from %p [%p] (%lu bytes => %ld (0x%lX))\n",
+                       (void *)bio,argp,(unsigned long)argi,ret,ret);
                BIO_dump(out,argp,(int)ret);
                return(ret);
                }
        else if (cmd == (BIO_CB_WRITE|BIO_CB_RETURN))
                {
-               BIO_printf(out,"write to %p [%p] (%d bytes => %ld (0x%lX))\n",
-                       (void *)bio,argp,argi,ret,ret);
+               BIO_printf(out,"write to %p [%p] (%lu bytes => %ld (0x%lX))\n",
+                       (void *)bio,argp,(unsigned long)argi,ret,ret);
                BIO_dump(out,argp,(int)ret);
                }
        return(ret);
@@ -283,7 +285,7 @@ long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
 
 void MS_CALLBACK apps_ssl_info_callback(const SSL *s, int where, int ret)
        {
-       char *str;
+       const char *str;
        int w;
 
        w=where& ~SSL_ST_MASK;
@@ -336,6 +338,12 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
        case TLS1_VERSION:
                str_version = "TLS 1.0 ";
                break;
+       case DTLS1_VERSION:
+               str_version = "DTLS 1.0 ";
+               break;
+       case DTLS1_BAD_VER:
+               str_version = "DTLS 1.0 (bad) ";
+               break;
        default:
                str_version = "???";
                }
@@ -346,14 +354,14 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
 
                if (len > 0)
                        {
-                       switch (((unsigned char*)buf)[0])
+                       switch (((const unsigned char*)buf)[0])
                                {
                                case 0:
                                        str_details1 = ", ERROR:";
                                        str_details2 = " ???";
                                        if (len >= 3)
                                                {
-                                               unsigned err = (((unsigned char*)buf)[1]<<8) + ((unsigned char*)buf)[2];
+                                               unsigned err = (((const unsigned char*)buf)[1]<<8) + ((const unsigned char*)buf)[2];
                                                
                                                switch (err)
                                                        {
@@ -401,7 +409,10 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
                        }
                }
 
-       if (version == SSL3_VERSION || version == TLS1_VERSION)
+       if (version == SSL3_VERSION ||
+           version == TLS1_VERSION ||
+           version == DTLS1_VERSION ||
+           version == DTLS1_BAD_VER)
                {
                switch (content_type)
                        {
@@ -422,7 +433,7 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
                        
                        if (len == 2)
                                {
-                               switch (((unsigned char*)buf)[0])
+                               switch (((const unsigned char*)buf)[0])
                                        {
                                case 1:
                                        str_details1 = ", warning";
@@ -433,7 +444,7 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
                                        }
 
                                str_details2 = " ???";
-                               switch (((unsigned char*)buf)[1])
+                               switch (((const unsigned char*)buf)[1])
                                        {
                                case 0:
                                        str_details2 = " close_notify";
@@ -504,6 +515,21 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
                                case 100:
                                        str_details2 = " no_renegotiation";
                                        break;
+                               case 110:
+                                       str_details2 = " unsupported_extension";
+                                       break;
+                               case 111:
+                                       str_details2 = " certificate_unobtainable";
+                                       break;
+                               case 112:
+                                       str_details2 = " unrecognized_name";
+                                       break;
+                               case 113:
+                                       str_details2 = " bad_certificate_status_response";
+                                       break;
+                               case 114:
+                                       str_details2 = " bad_certificate_hash_value";
+                                       break;
                                        }
                                }
                        }
@@ -514,7 +540,7 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
 
                        if (len > 0)
                                {
-                               switch (((unsigned char*)buf)[0])
+                               switch (((const unsigned char*)buf)[0])
                                        {
                                case 0:
                                        str_details1 = ", HelloRequest";
@@ -525,6 +551,9 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
                                case 2:
                                        str_details1 = ", ServerHello";
                                        break;
+                               case 3:
+                                       str_details1 = ", HelloVerifyRequest";
+                                       break;
                                case 11:
                                        str_details1 = ", Certificate";
                                        break;
@@ -567,11 +596,75 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
                        {
                        if (i % 16 == 0 && i > 0)
                                BIO_printf(bio, "\n   ");
-                       BIO_printf(bio, " %02x", ((unsigned char*)buf)[i]);
+                       BIO_printf(bio, " %02x", ((const unsigned char*)buf)[i]);
                        }
                if (i < len)
                        BIO_printf(bio, " ...");
                BIO_printf(bio, "\n");
                }
-       BIO_flush(bio);
+       (void)BIO_flush(bio);
+       }
+
+void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type,
+                                       unsigned char *data, int len,
+                                       void *arg)
+       {
+       BIO *bio = arg;
+       char *extname;
+
+       switch(type)
+               {
+               case TLSEXT_TYPE_server_name:
+               extname = "server name";
+               break;
+
+               case TLSEXT_TYPE_max_fragment_length:
+               extname = "max fragment length";
+               break;
+
+               case TLSEXT_TYPE_client_certificate_url:
+               extname = "client certificate URL";
+               break;
+
+               case TLSEXT_TYPE_trusted_ca_keys:
+               extname = "trusted CA keys";
+               break;
+
+               case TLSEXT_TYPE_truncated_hmac:
+               extname = "truncated HMAC";
+               break;
+
+               case TLSEXT_TYPE_status_request:
+               extname = "status request";
+               break;
+
+               case TLSEXT_TYPE_elliptic_curves:
+               extname = "elliptic curves";
+               break;
+
+               case TLSEXT_TYPE_ec_point_formats:
+               extname = "EC point formats";
+               break;
+
+               case TLSEXT_TYPE_session_ticket:
+               extname = "server ticket";
+               break;
+
+#ifdef TLSEXT_TYPE_opaque_prf_input
+               case TLSEXT_TYPE_opaque_prf_input:
+               extname = "opaque PRF input";
+               break;
+#endif
+
+               default:
+               extname = "unknown";
+               break;
+
+               }
+       
+       BIO_printf(bio, "TLS %s extension \"%s\" (id=%d), len=%d\n",
+                       client_server ? "server": "client",
+                       extname, type, len);
+       BIO_dump(bio, (char *)data, len);
+       (void)BIO_flush(bio);
        }