#ifndef OPENSSL_NO_DH
static DH *load_dh_param(const char *dhfile);
#endif
-
-/* static int load_CA(SSL_CTX *ctx, char *file);*/
+static void print_connection_info(SSL *con);
static const int bufsize = 16 * 1024;
static int accept_socket = -1;
#ifndef OPENSSL_NO_DTLS
static int enable_timeouts = 0;
static long socket_mtu;
-
#endif
+
+/*
+ * We define this but make it always be 0 in no-dtls builds to simplify the
+ * code.
+ */
static int dtlslisten = 0;
+static int early_data = 0;
+
#ifndef OPENSSL_NO_PSK
-static char *psk_identity = "Client_identity";
+static const char psk_identity[] = "Client_identity";
char *psk_key = NULL; /* by default PSK is not used */
-int early_data = 0;
-
static unsigned int psk_server_cb(SSL *ssl, const char *identity,
unsigned char *psk,
unsigned int max_psk_len)
}
/* Structure passed to cert status callback */
-
typedef struct tlsextstatusctx_st {
int timeout;
/* File to load OCSP Response from (or NULL if no file) */
/* This is the context that we pass to next_proto_cb */
typedef struct tlsextnextprotoctx_st {
unsigned char *data;
- unsigned int len;
+ size_t len;
} tlsextnextprotoctx;
static int next_proto_cb(SSL *s, const unsigned char **data,
tlsextalpnctx alpn_ctx = { NULL, 0 };
#ifndef OPENSSL_NO_PSK
/* by default do not send a PSK identity hint */
- static char *psk_identity_hint = NULL;
+ char *psk_identity_hint = NULL;
char *p;
#endif
#ifndef OPENSSL_NO_SRP
}
#if !defined(OPENSSL_NO_NEXTPROTONEG)
if (next_proto_neg_in) {
- size_t len;
- next_proto.data = next_protos_parse(&len, next_proto_neg_in);
+ next_proto.data = next_protos_parse(&next_proto.len, next_proto_neg_in);
if (next_proto.data == NULL)
goto end;
- next_proto.len = len;
- } else {
- next_proto.data = NULL;
}
#endif
alpn_ctx.data = NULL;
if (alpn_in) {
- size_t len;
- alpn_ctx.data = next_protos_parse(&len, alpn_in);
+ alpn_ctx.data = next_protos_parse(&alpn_ctx.len, alpn_in);
if (alpn_ctx.data == NULL)
goto end;
- alpn_ctx.len = len;
}
if (crl_file) {
}
if (early_data) {
- int write_header = 1, edret = SSL_READ_EARLY_ERROR;
+ int write_header = 1, edret = SSL_READ_EARLY_DATA_ERROR;
size_t readbytes;
- while (edret != SSL_READ_EARLY_FINISH) {
+ while (edret != SSL_READ_EARLY_DATA_FINISH) {
for (;;) {
- edret = SSL_read_early(con, buf, bufsize, &readbytes);
- if (edret != SSL_READ_EARLY_ERROR)
+ edret = SSL_read_early_data(con, buf, bufsize, &readbytes);
+ if (edret != SSL_READ_EARLY_DATA_ERROR)
break;
switch (SSL_get_error(con, 0)) {
BIO_printf(bio_s_out, "No early data received\n");
else
BIO_printf(bio_s_out, "\nEnd of early data\n");
+ if (SSL_is_init_finished(con))
+ print_connection_info(con);
}
if (fileno_stdin() > s)
static int init_ssl_connection(SSL *con)
{
int i;
- const char *str;
- X509 *peer;
long verify_err;
- char buf[BUFSIZ];
-#if !defined(OPENSSL_NO_NEXTPROTONEG)
- const unsigned char *next_proto_neg;
- unsigned next_proto_neg_len;
-#endif
- unsigned char *exportedkeymat;
int retry = 0;
#ifndef OPENSSL_NO_DTLS
return (0);
}
+ print_connection_info(con);
+ return 1;
+}
+
+static void print_connection_info(SSL *con)
+{
+ const char *str;
+ X509 *peer;
+ char buf[BUFSIZ];
+#if !defined(OPENSSL_NO_NEXTPROTONEG)
+ const unsigned char *next_proto_neg;
+ unsigned next_proto_neg_len;
+#endif
+ unsigned char *exportedkeymat;
+ int i;
+
if (s_brief)
print_ssl_summary(con);
}
(void)BIO_flush(bio_s_out);
- return (1);
}
#ifndef OPENSSL_NO_DH
projects / openssl.git / blobdiff