BIO_printf(bio_err," -Verify arg - turn on peer certificate verification, must have a cert.\n");
BIO_printf(bio_err," -cert arg - certificate file to use\n");
BIO_printf(bio_err," (default is %s)\n",TEST_CERT);
+ BIO_printf(bio_err," -crl_check - check the peer certificate has not been revoked by its CA.\n" \
+ " The CRL(s) are appended to the certificate file\n");
+ BIO_printf(bio_err," -crl_check_all - check the peer certificate has not been revoked by its CA\n" \
+ " or any other CRL in the CA chain. CRL(s) are appened to the\n" \
+ " the certificate file.\n");
BIO_printf(bio_err," -certform arg - certificate format (PEM or DER) PEM default\n");
BIO_printf(bio_err," -key arg - Private Key file to use, in cert file if\n");
BIO_printf(bio_err," not specified (default is %s)\n",TEST_CERT);
int use_ssl;
unsigned char *rspder = NULL;
int rspderlen;
- STACK *aia = NULL;
+ STACK_OF(STRING) *aia = NULL;
X509 *x = NULL;
X509_STORE_CTX inctx;
X509_OBJECT obj;
aia = X509_get1_ocsp(x);
if (aia)
{
- if (!OCSP_parse_url(sk_value(aia, 0),
+ if (!OCSP_parse_url(sk_STRING_value(aia, 0),
&host, &port, &path, &use_ssl))
{
BIO_puts(err, "cert_status: can't parse AIA URL\n");
}
if (srctx->verbose)
BIO_printf(err, "cert_status: AIA URL: %s\n",
- sk_value(aia, 0));
+ sk_STRING_value(aia, 0));
}
else
{
int MAIN(int, char **);
+static char *jpake_secret = NULL;
+
int MAIN(int argc, char *argv[])
{
X509_STORE *store = NULL;
EVP_PKEY *s_key2 = NULL;
X509 *s_cert2 = NULL;
#endif
-
#ifndef OPENSSL_NO_TLSEXT
tlsextctx tlsextcbp = {NULL, NULL, SSL_TLSEXT_ERR_ALERT_WARNING};
#endif
if (--argc < 1) goto bad;
s_key_file2= *(++argv);
}
+
#endif
+ else if (strcmp(*argv,"-jpake") == 0)
+ {
+ if (--argc < 1) goto bad;
+ jpake_secret = *(++argv);
+ }
else
{
BIO_printf(bio_err,"unknown option %s\n",*argv);
test=BIO_new(BIO_f_nbio_test());
sbio=BIO_push(test,sbio);
}
+
+ if(jpake_secret)
+ jpake_server_auth(bio_s_out, sbio, jpake_secret);
+
SSL_set_bio(con,sbio,sbio);
SSL_set_accept_state(con);
/* SSL_set_fd(con,s); */
int ret=1;
int i,j,k,blank,dot;
SSL *con;
- SSL_CIPHER *c;
+ const SSL_CIPHER *c;
BIO *io,*ssl_bio,*sbio;
long total_bytes;