return(1);
}
-long MS_CALLBACK bio_dump_cb(BIO *bio, int cmd, const char *argp, int argi,
- long argl, long ret)
+int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key)
+ {
+ if (cert == NULL)
+ return 1;
+ if (SSL_CTX_use_certificate(ctx,cert) <= 0)
+ {
+ BIO_printf(bio_err,"error setting certificate\n");
+ ERR_print_errors(bio_err);
+ return 0;
+ }
+ if (SSL_CTX_use_PrivateKey(ctx,key) <= 0)
+ {
+ BIO_printf(bio_err,"error setting private key\n");
+ ERR_print_errors(bio_err);
+ return 0;
+ }
+
+
+ /* Now we know that a key and cert have been set against
+ * the SSL context */
+ if (!SSL_CTX_check_private_key(ctx))
+ {
+ BIO_printf(bio_err,"Private key does not match the certificate public key\n");
+ return 0;
+ }
+ return 1;
+ }
+
+long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
+ int argi, long argl, long ret)
{
BIO *out;
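Review bot: In `set_cert_key_stuff`, the early `if (cert == NULL) return 1;` reports success without configuring anything, so a caller that supplies a key but no certificate cannot tell from the return value that the context ended up with no credentials. Either document that contract with a comment such as `/* no certificate supplied: nothing to set, not treated as an error */`, or reject the inconsistent case with `if (cert == NULL) return key == NULL;`. The mismatch branch after `SSL_CTX_check_private_key` also omits the `ERR_print_errors(bio_err);` call that the two branches above it make, so the queued error detail is not printed there. The body of the renamed `bio_dump_callback` continues outside the hunk and is not reviewed here.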
void MS_CALLBACK apps_ssl_info_callback(const SSL *s, int where, int ret)
{
- char *str;
+ const char *str;
int w;
w=where& ~SSL_ST_MASK;
if (len > 0)
{
- switch (((unsigned char*)buf)[0])
+ switch (((const unsigned char*)buf)[0])
{
case 0:
str_details1 = ", ERROR:";
str_details2 = " ???";
if (len >= 3)
{
- unsigned err = (((unsigned char*)buf)[1]<<8) + ((unsigned char*)buf)[2];
+ unsigned err = (((const unsigned char*)buf)[1]<<8) + ((const unsigned char*)buf)[2];
switch (err)
{
if (len == 2)
{
- switch (((unsigned char*)buf)[0])
+ switch (((const unsigned char*)buf)[0])
{
case 1:
str_details1 = ", warning";
}
str_details2 = " ???";
- switch (((unsigned char*)buf)[1])
+ switch (((const unsigned char*)buf)[1])
{
case 0:
str_details2 = " close_notify";
if (len > 0)
{
- switch (((unsigned char*)buf)[0])
+ switch (((const unsigned char*)buf)[0])
{
case 0:
str_details1 = ", HelloRequest";
{
if (i % 16 == 0 && i > 0)
BIO_printf(bio, "\n ");
- BIO_printf(bio, " %02x", ((unsigned char*)buf)[i]);
+ BIO_printf(bio, " %02x", ((const unsigned char*)buf)[i]);
}
if (i < len)
BIO_printf(bio, " ...");
BIO_printf(bio, "\n");
}
- BIO_flush(bio);
+ (void)BIO_flush(bio);
+ }
+
+void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type,
+ unsigned char *data, int len,
+ void *arg)
+ {
+ BIO *bio = arg;
+ char *extname;
+
+ switch(type)
+ {
+ case TLSEXT_TYPE_server_name:
+ extname = "server name";
+ break;
+
+ case TLSEXT_TYPE_max_fragment_length:
+ extname = "max fragment length";
+ break;
+
+ case TLSEXT_TYPE_client_certificate_url:
+ extname = "client certificate URL";
+ break;
+
+ case TLSEXT_TYPE_trusted_ca_keys:
+ extname = "trusted CA keys";
+ break;
+
+ case TLSEXT_TYPE_truncated_hmac:
+ extname = "truncated HMAC";
+ break;
+
+ case TLSEXT_TYPE_status_request:
+ extname = "status request";
+ break;
+
+ case TLSEXT_TYPE_elliptic_curves:
+ extname = "elliptic curves";
+ break;
+
+ case TLSEXT_TYPE_ec_point_formats:
+ extname = "EC point formats";
+ break;
+
+ case TLSEXT_TYPE_session_ticket:
+ extname = "server ticket";
+ break;
+
+
+ default:
+ extname = "unknown";
+ break;
+
+ }
+
+ BIO_printf(bio, "TLS %s extension \"%s\" (id=%d), len=%d\n",
+ client_server ? "server": "client",
+ extname, type, len);
+ BIO_dump(bio, (char *)data, len);
+ (void)BIO_flush(bio);
}
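Review bot: `char *extname;` in `tlsext_cb` is only ever assigned string literals, so it should be declared `const char *extname;`, matching the `const char *str` change this same diff makes in `apps_ssl_info_callback`. `BIO *bio = arg;` is used without a check; if the callback can be registered before its argument is set (the registration site is not visible here), an `if (bio == NULL) return;` guard would avoid a NULL dereference in `BIO_printf`. The label for `TLSEXT_TYPE_session_ticket` reads `"server ticket"`, which does not match the extension name and makes debug traces harder to search; `extname = "session ticket";` would be clearer.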