for (byte = 0; *in; ++in) {
char c;
- if (isspace(*in))
+ if (isspace(_UC(*in)))
continue;
- c = tolower(*in);
+ c = tolower(_UC(*in));
if ('0' <= c && c <= '9') {
byte |= c - '0';
} else if ('a' <= c && c <= 'f') {
e = restore_errno();
if (((v == LONG_MIN || v == LONG_MAX) && e == ERANGE) ||
- endp == in || !isspace(*endp) ||
+ endp == in || !isspace(_UC(*endp)) ||
v != (*result = (uint8_t) v)) {
return -1;
}
- for (in = endp; isspace(*in); ++in)
+ for (in = endp; isspace(_UC(*in)); ++in)
continue;
*inptr = in;
OPT_CERT_CHAIN, OPT_CAPATH, OPT_NOCAPATH, OPT_CHAINCAPATH, OPT_VERIFYCAPATH,
OPT_KEY, OPT_RECONNECT, OPT_BUILD_CHAIN, OPT_CAFILE, OPT_NOCAFILE,
OPT_CHAINCAFILE, OPT_VERIFYCAFILE, OPT_NEXTPROTONEG, OPT_ALPN,
- OPT_SERVERINFO, OPT_STARTTLS, OPT_SERVERNAME, OPT_JPAKE,
+ OPT_SERVERINFO, OPT_STARTTLS, OPT_SERVERNAME,
OPT_USE_SRTP, OPT_KEYMATEXPORT, OPT_KEYMATEXPORTLEN, OPT_SMTPHOST,
OPT_ASYNC,
OPT_V_ENUM,
#ifndef OPENSSL_NO_PSK
{"psk_identity", OPT_PSK_IDENTITY, 's', "PSK identity"},
{"psk", OPT_PSK, 's', "PSK in hex (without 0x)"},
-# ifndef OPENSSL_NO_JPAKE
- {"jpake", OPT_JPAKE, 's', "JPAKE secret to use"},
-# endif
#endif
#ifndef OPENSSL_NO_SRP
{"srpuser", OPT_SRPUSER, 's', "SRP authentification for 'user'"},
char *inrand = NULL;
char *passarg = NULL, *pass = NULL, *vfyCApath = NULL, *vfyCAfile = NULL;
char *sess_in = NULL, *sess_out = NULL, *crl_file = NULL, *p;
- char *jpake_secret = NULL, *xmpphost = NULL;
+ char *xmpphost = NULL;
const char *ehlo = "mail.example.com";
struct sockaddr peer;
struct timeval timeout, *timeoutp;
break;
case OPT_PSK:
for (p = psk_key = opt_arg(); *p; p++) {
- if (isxdigit(*p))
+ if (isxdigit(_UC(*p)))
continue;
BIO_printf(bio_err, "Not a hex number '%s'\n", psk_key);
goto end;
case OPT_SERVERNAME:
servername = opt_arg();
break;
- case OPT_JPAKE:
-#ifndef OPENSSL_NO_JPAKE
- jpake_secret = opt_arg();
-#endif
- break;
case OPT_USE_SRTP:
srtp_profiles = opt_arg();
break;
"Can't use unix sockets and datagrams together\n");
goto end;
}
-#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
- if (jpake_secret) {
- if (psk_key) {
- BIO_printf(bio_err, "Can't use JPAKE and PSK together\n");
- goto end;
- }
- psk_identity = "JPAKE";
- }
-#endif
#if !defined(OPENSSL_NO_NEXTPROTONEG)
next_proto.status = -1;
if (async) {
SSL_CTX_set_mode(ctx, SSL_MODE_ASYNC);
- ASYNC_init(1, 0, 0);
}
- if (!config_ctx(cctx, ssl_args, ctx, jpake_secret == NULL))
+ if (!config_ctx(cctx, ssl_args, ctx))
goto end;
if (!ssl_load_stores(ctx, vfyCApath, vfyCAfile, chCApath, chCAfile,
#endif
#ifndef OPENSSL_NO_PSK
- if (psk_key != NULL || jpake_secret) {
+ if (psk_key != NULL) {
if (c_debug)
BIO_printf(bio_c_out,
- "PSK key given or JPAKE in use, setting client callback\n");
+ "PSK key given, setting client callback\n");
SSL_CTX_set_psk_client_callback(ctx, psk_client_cb);
}
#endif
SSL_CTX_set_tlsext_status_cb(ctx, ocsp_resp_cb);
SSL_CTX_set_tlsext_status_arg(ctx, bio_c_out);
}
-#ifndef OPENSSL_NO_JPAKE
- if (jpake_secret)
- jpake_client_auth(bio_c_out, sbio, jpake_secret);
-#endif
SSL_set_bio(con, sbio, sbio);
SSL_set_connect_state(con);
print_stuff(bio_c_out, con, 1);
SSL_free(con);
}
- if (async) {
- ASYNC_cleanup(1);
- }
#if !defined(OPENSSL_NO_NEXTPROTONEG)
OPENSSL_free(next_proto.data);
#endif
const SSL_CIPHER *c;
X509_NAME *xn;
int i;
- int mdpth;
- EVP_PKEY *mspki;
- const char *peername;
#ifndef OPENSSL_NO_COMP
const COMP_METHOD *comp, *expansion;
#endif
BIO_number_read(SSL_get_rbio(s)),
BIO_number_written(SSL_get_wbio(s)));
}
- if ((mdpth = SSL_get0_dane_authority(s, NULL, &mspki)) >= 0) {
- uint8_t usage, selector, mtype;
- mdpth = SSL_get0_dane_tlsa(s, &usage, &selector, &mtype, NULL, NULL);
- BIO_printf(bio, "DANE TLSA %d %d %d %s at depth %d\n",
- usage, selector, mtype,
- (mspki != NULL) ? "TA public key verified certificate" :
- mdpth ? "matched TA certificate" : "matched EE certificate",
- mdpth);
- }
- if (SSL_get_verify_result(s) == X509_V_OK &&
- (peername = SSL_get0_peername(s)) != NULL)
- BIO_printf(bio, "Verified peername: %s\n", peername);
- BIO_printf(bio, (SSL_cache_hit(s) ? "---\nReused, " : "---\nNew, "));
+ print_verify_detail(s, bio);
+ BIO_printf(bio, (SSL_session_reused(s) ? "---\nReused, " : "---\nNew, "));
c = SSL_get_current_cipher(s);
BIO_printf(bio, "%s, Cipher is %s\n",
SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c));