RFC4507 (including RFC4507bis) TLS stateless session resumption support

[openssl.git] / apps / s_server.c

diff --git a/apps/s_server.c b/apps/s_server.c
index ac43e5aac1de0b3d46cc48cc39fe0f6140fee4b5..fc6256afe8bf334bec3474fdf4fe94434ddcc84b 100644 (file)
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -281,6 +281,9 @@ static int www=0;
 
 static BIO *bio_s_out=NULL;
 static int s_debug=0;
+#ifndef OPENSSL_NO_TLSEXT
+static int s_tlsextdebug=0;
+#endif
 static int s_msg=0;
 static int s_quiet=0;
 
@@ -869,6 +872,10 @@ int MAIN(int argc, char *argv[])
                        }
                else if (strcmp(*argv,"-debug") == 0)
                        { s_debug=1; }
+#ifndef OPENSSL_NO_TLSEXT
+               else if (strcmp(*argv,"-tlsextdebug") == 0)
+                       s_tlsextdebug=1;
+#endif
                else if (strcmp(*argv,"-msg") == 0)
                        { s_msg=1; }
                else if (strcmp(*argv,"-hack") == 0)
@@ -922,6 +929,10 @@ int MAIN(int argc, char *argv[])
                        { off|=SSL_OP_NO_TLSv1; }
                else if (strcmp(*argv,"-no_comp") == 0)
                        { off|=SSL_OP_NO_COMPRESSION; }
+#ifndef OPENSSL_NO_TLSEXT
+               else if (strcmp(*argv,"-no_ticket") == 0)
+                       { off|=SSL_OP_NO_TICKET; }
+#endif
 #ifndef OPENSSL_NO_SSL2
                else if (strcmp(*argv,"-ssl2") == 0)
                        { meth=SSLv2_server_method(); }
@@ -1447,6 +1458,7 @@ bad:
                }
 
        BIO_printf(bio_s_out,"ACCEPT\n");
+       BIO_flush(bio_s_out);
        if (www)
                do_server(port,socket_type,&accept_socket,www_body, context);
        else
@@ -1540,6 +1552,13 @@ static int sv_body(char *hostname, int s, unsigned char *context)
 
        if (con == NULL) {
                con=SSL_new(ctx);
+#ifndef OPENSSL_NO_TLSEXT
+       if (s_tlsextdebug)
+               {
+               SSL_set_tlsext_debug_callback(con, tlsext_cb);
+               SSL_set_tlsext_debug_arg(con, bio_s_out);
+               }
+#endif
 #ifndef OPENSSL_NO_KRB5
                if ((con->kssl_ctx = kssl_ctx_new()) != NULL)
                         {
@@ -1602,13 +1621,20 @@ static int sv_body(char *hostname, int s, unsigned char *context)
                {
                con->debug=1;
                BIO_set_callback(SSL_get_rbio(con),bio_dump_callback);
-               BIO_set_callback_arg(SSL_get_rbio(con),bio_s_out);
+               BIO_set_callback_arg(SSL_get_rbio(con),(char *)bio_s_out);
                }
        if (s_msg)
                {
                SSL_set_msg_callback(con, msg_cb);
                SSL_set_msg_callback_arg(con, bio_s_out);
                }
+#ifndef OPENSSL_NO_TLSEXT
+       if (s_tlsextdebug)
+               {
+               SSL_set_tlsext_debug_callback(con, tlsext_cb);
+               SSL_set_tlsext_debug_arg(con, bio_s_out);
+               }
+#endif
 
        width=s+1;
        for (;;)
@@ -1988,6 +2014,13 @@ static int www_body(char *hostname, int s, unsigned char *context)
        if (!BIO_set_write_buffer_size(io,bufsize)) goto err;
 
        if ((con=SSL_new(ctx)) == NULL) goto err;
+#ifndef OPENSSL_NO_TLSEXT
+               if (s_tlsextdebug)
+                       {
+                       SSL_set_tlsext_debug_callback(con, tlsext_cb);
+                       SSL_set_tlsext_debug_arg(con, bio_s_out);
+                       }
+#endif
 #ifndef OPENSSL_NO_KRB5
        if ((con->kssl_ctx = kssl_ctx_new()) != NULL)
                {
@@ -2020,7 +2053,7 @@ static int www_body(char *hostname, int s, unsigned char *context)
                {
                con->debug=1;
                BIO_set_callback(SSL_get_rbio(con),bio_dump_callback);
-               BIO_set_callback_arg(SSL_get_rbio(con),bio_s_out);
+               BIO_set_callback_arg(SSL_get_rbio(con),(char *)bio_s_out);
                }
        if (s_msg)
                {