X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=apps%2Fs_server.c;h=328fcaff73baaac9b7e1a0d475d3386f373503bc;hp=f9ee28e527b8457acc2001a67bdae27bee632146;hb=d82a612a9058eeb26a79161eac3fb978aa522ce9;hpb=9c54e18bf037aad58dd19346fe23866a444df05c diff --git a/apps/s_server.c b/apps/s_server.c index f9ee28e527..328fcaff73 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -281,6 +281,9 @@ static int www=0; static BIO *bio_s_out=NULL; static int s_debug=0; +#ifndef OPENSSL_NO_TLSEXT +static int s_tlsextdebug=0; +#endif static int s_msg=0; static int s_quiet=0; @@ -314,7 +317,7 @@ static unsigned int psk_server_cb(SSL *ssl, const char *identity, } if (s_debug) BIO_printf(bio_s_out,"identity_len=%d identity=%s\n", - identity ? strlen(identity) : 0, identity); + identity ? (int)strlen(identity) : 0, identity); /* here we could lookup the given identity e.g. from a database */ if (strcmp(identity, psk_identity) != 0) @@ -471,6 +474,8 @@ static void sv_usage(void) BIO_printf(bio_err," (default is %s)\n",TEST_CERT2); BIO_printf(bio_err," -key2 arg - Private Key file to use for servername, in cert file if\n"); BIO_printf(bio_err," not specified (default is %s)\n",TEST_CERT2); + BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n"); + BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n"); #endif } @@ -869,6 +874,10 @@ int MAIN(int argc, char *argv[]) } else if (strcmp(*argv,"-debug") == 0) { s_debug=1; } +#ifndef OPENSSL_NO_TLSEXT + else if (strcmp(*argv,"-tlsextdebug") == 0) + s_tlsextdebug=1; +#endif else if (strcmp(*argv,"-msg") == 0) { s_msg=1; } else if (strcmp(*argv,"-hack") == 0) @@ -922,6 +931,10 @@ int MAIN(int argc, char *argv[]) { off|=SSL_OP_NO_TLSv1; } else if (strcmp(*argv,"-no_comp") == 0) { off|=SSL_OP_NO_COMPRESSION; } +#ifndef OPENSSL_NO_TLSEXT + else if (strcmp(*argv,"-no_ticket") == 0) + { off|=SSL_OP_NO_TICKET; } +#endif #ifndef OPENSSL_NO_SSL2 else if (strcmp(*argv,"-ssl2") == 0) { meth=SSLv2_server_method(); } @@ -1447,7 +1460,7 @@ bad: } BIO_printf(bio_s_out,"ACCEPT\n"); - BIO_flush(bio_s_out); + (void)BIO_flush(bio_s_out); if (www) do_server(port,socket_type,&accept_socket,www_body, context); else @@ -1541,6 +1554,13 @@ static int sv_body(char *hostname, int s, unsigned char *context) if (con == NULL) { con=SSL_new(ctx); +#ifndef OPENSSL_NO_TLSEXT + if (s_tlsextdebug) + { + SSL_set_tlsext_debug_callback(con, tlsext_cb); + SSL_set_tlsext_debug_arg(con, bio_s_out); + } +#endif #ifndef OPENSSL_NO_KRB5 if ((con->kssl_ctx = kssl_ctx_new()) != NULL) { @@ -1610,6 +1630,13 @@ static int sv_body(char *hostname, int s, unsigned char *context) SSL_set_msg_callback(con, msg_cb); SSL_set_msg_callback_arg(con, bio_s_out); } +#ifndef OPENSSL_NO_TLSEXT + if (s_tlsextdebug) + { + SSL_set_tlsext_debug_callback(con, tlsext_cb); + SSL_set_tlsext_debug_arg(con, bio_s_out); + } +#endif width=s+1; for (;;) @@ -1989,6 +2016,13 @@ static int www_body(char *hostname, int s, unsigned char *context) if (!BIO_set_write_buffer_size(io,bufsize)) goto err; if ((con=SSL_new(ctx)) == NULL) goto err; +#ifndef OPENSSL_NO_TLSEXT + if (s_tlsextdebug) + { + SSL_set_tlsext_debug_callback(con, tlsext_cb); + SSL_set_tlsext_debug_arg(con, bio_s_out); + } +#endif #ifndef OPENSSL_NO_KRB5 if ((con->kssl_ctx = kssl_ctx_new()) != NULL) {