#ifndef OPENSSL_NO_PSK
/* Default PSK identity and key */
static char *psk_identity="Client_identity";
-static char *psk_key=NULL; /* by default PSK is not used */
+/*char *psk_key=NULL; by default PSK is not used */
static unsigned int psk_client_cb(SSL *ssl, const char *hint, char *identity,
unsigned int max_identity_len, unsigned char *psk,
BIO_printf(bio_err," -crlf - convert LF from terminal into CRLF\n");
BIO_printf(bio_err," -quiet - no s_client output\n");
BIO_printf(bio_err," -ign_eof - ignore input eof (default when -quiet)\n");
+ BIO_printf(bio_err," -no_ign_eof - don't ignore input eof\n");
#ifndef OPENSSL_NO_PSK
BIO_printf(bio_err," -psk_identity arg - PSK identity\n");
BIO_printf(bio_err," -psk arg - PSK in hex (without 0x)\n");
+# ifdef OPENSSL_EXPERIMENTAL_JPAKE
+ BIO_printf(bio_err," -jpake arg - JPAKE secret to use\n");
+# endif
#endif
BIO_printf(bio_err," -ssl2 - just use SSLv2\n");
BIO_printf(bio_err," -ssl3 - just use SSLv3\n");
int stdin_set = 0;
#endif
#endif
-
#ifndef OPENSSL_NO_TLSEXT
char *servername = NULL;
tlsextctx tlsextcbp =
int peerlen = sizeof(peer);
int enable_timeouts = 0 ;
long socket_mtu = 0;
+#ifdef OPENSSL_EXPERIMENTAL_JPAKE
+ char *jpake_secret = NULL;
+#endif
#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
meth=SSLv23_client_method();
}
else if (strcmp(*argv,"-ign_eof") == 0)
c_ign_eof=1;
+ else if (strcmp(*argv,"-no_ign_eof") == 0)
+ c_ign_eof=0;
else if (strcmp(*argv,"-pause") == 0)
c_Pause=1;
else if (strcmp(*argv,"-debug") == 0)
servername= *(++argv);
/* meth=TLSv1_client_method(); */
}
+#endif
+#ifdef OPENSSL_EXPERIMENTAL_JPAKE
+ else if (strcmp(*argv,"-jpake") == 0)
+ {
+ if (--argc < 1) goto bad;
+ jpake_secret = *++argv;
+ }
#endif
else
{
goto end;
}
+#if defined(OPENSSL_EXPERIMENTAL_JPAKE) && !defined(OPENSSL_NO_PSK)
+ if (jpake_secret)
+ {
+ if (psk_key)
+ {
+ BIO_printf(bio_err,
+ "Can't use JPAKE and PSK together\n");
+ goto end;
+ }
+ psk_identity = "JPAKE";
+ }
+
+ if (cipher)
+ {
+ BIO_printf(bio_err, "JPAKE sets cipher to PSK\n");
+ goto end;
+ }
+ cipher = "PSK";
+#endif
+
OpenSSL_add_ssl_algorithms();
SSL_load_error_strings();
#endif
#ifndef OPENSSL_NO_PSK
- if (psk_key != NULL)
+ if (psk_key != NULL || jpake_secret)
{
if (c_debug)
- BIO_printf(bio_c_out, "PSK key given, setting client callback\n");
+ BIO_printf(bio_c_out, "PSK key given or JPAKE in use, setting client callback\n");
SSL_CTX_set_psk_client_callback(ctx, psk_client_cb);
}
#endif
else
sbio=BIO_new_socket(s,BIO_NOCLOSE);
-
-
if (nbio_test)
{
BIO *test;
#endif
}
#endif
+#ifdef OPENSSL_EXPERIMENTAL_JPAKE
+ if (jpake_secret)
+ jpake_client_auth(bio_c_out, sbio, jpake_secret);
+#endif
SSL_set_bio(con,sbio,sbio);
SSL_set_connect_state(con);