# include "internal/nelem.h"
# include <assert.h>
+# include <sys/types.h>
+# ifndef OPENSSL_NO_POSIX_IO
+# include <sys/stat.h>
+# include <fcntl.h>
+# endif
+
# include <openssl/e_os2.h>
# include <openssl/ossl_typ.h>
# include <openssl/bio.h>
OPT_S_ONRESUMP, OPT_S_NOLEGACYCONN, OPT_S_ALLOW_NO_DHE_KEX, \
OPT_S_PRIORITIZE_CHACHA, \
OPT_S_STRICT, OPT_S_SIGALGS, OPT_S_CLIENTSIGALGS, OPT_S_GROUPS, \
- OPT_S_CURVES, OPT_S_NAMEDCURVE, OPT_S_CIPHER, \
+ OPT_S_CURVES, OPT_S_NAMEDCURVE, OPT_S_CIPHER, OPT_S_CIPHERSUITES, \
OPT_S_RECORD_PADDING, OPT_S_DEBUGBROKE, OPT_S_COMP, \
+ OPT_S_MINPROTO, OPT_S_MAXPROTO, \
OPT_S_NO_RENEGOTIATION, OPT_S_NO_MIDDLEBOX, OPT_S__LAST
# define OPT_S_OPTIONS \
"Groups to advertise (colon-separated list)" }, \
{"named_curve", OPT_S_NAMEDCURVE, 's', \
"Elliptic curve used for ECDHE (server-side only)" }, \
- {"cipher", OPT_S_CIPHER, 's', "Specify cipher list to be used"}, \
+ {"cipher", OPT_S_CIPHER, 's', "Specify TLSv1.2 and below cipher list to be used"}, \
+ {"ciphersuites", OPT_S_CIPHERSUITES, 's', "Specify TLSv1.3 ciphersuites to be used"}, \
+ {"min_protocol", OPT_S_MINPROTO, 's', "Specify the minimum protocol version to be used"}, \
+ {"max_protocol", OPT_S_MAXPROTO, 's', "Specify the maximum protocol version to be used"}, \
{"record_padding", OPT_S_RECORD_PADDING, 's', \
"Block size to pad TLS 1.3 records to."}, \
{"debug_broken_protocol", OPT_S_DEBUGBROKE, '-', \
"Perform all sorts of protocol violations for testing purposes"}, \
- {"no_middlebox", OPT_S_NO_MIDDLEBOX, '-', "Disable TLSv1.3 middlebox compat mode" }
-
+ {"no_middlebox", OPT_S_NO_MIDDLEBOX, '-', \
+ "Disable TLSv1.3 middlebox compat mode" }
# define OPT_S_CASES \
OPT_S__FIRST: case OPT_S__LAST: break; \
case OPT_S_CURVES: \
case OPT_S_NAMEDCURVE: \
case OPT_S_CIPHER: \
+ case OPT_S_CIPHERSUITES: \
case OPT_S_RECORD_PADDING: \
case OPT_S_NO_RENEGOTIATION: \
+ case OPT_S_MINPROTO: \
+ case OPT_S_MAXPROTO: \
case OPT_S_DEBUGBROKE: \
case OPT_S_NO_MIDDLEBOX
# define OPT_FMT_SMIME (1L << 3)
# define OPT_FMT_ENGINE (1L << 4)
# define OPT_FMT_MSBLOB (1L << 5)
-# define OPT_FMT_NETSCAPE (1L << 6)
+/* (1L << 6) was OPT_FMT_NETSCAPE, but wasn't used */
# define OPT_FMT_NSS (1L << 7)
# define OPT_FMT_TEXT (1L << 8)
# define OPT_FMT_HTTP (1L << 9)
# define OPT_FMT_PDS (OPT_FMT_PEMDER | OPT_FMT_SMIME)
# define OPT_FMT_ANY ( \
OPT_FMT_PEMDER | OPT_FMT_PKCS12 | OPT_FMT_SMIME | \
- OPT_FMT_ENGINE | OPT_FMT_MSBLOB | OPT_FMT_NETSCAPE | \
- OPT_FMT_NSS | OPT_FMT_TEXT | OPT_FMT_HTTP | OPT_FMT_PVK)
+ OPT_FMT_ENGINE | OPT_FMT_MSBLOB | OPT_FMT_NSS | \
+ OPT_FMT_TEXT | OPT_FMT_HTTP | OPT_FMT_PVK)
char *opt_progname(const char *argv0);
char *opt_getprog(void);
typedef struct ca_db_st {
DB_ATTR attributes;
TXT_DB *db;
+ char *dbfname;
+# ifndef OPENSSL_NO_POSIX_IO
+ struct stat dbst;
+# endif
} CA_DB;
void* app_malloc(int sz, const char *what);
projects / openssl.git / blobdiff