VMS updates.
[openssl.git] / apps / s_server.c
index aeca2ea..5498931 100644 (file)
  * [including the GNU Public Licence.]
  */
 
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#ifdef NO_STDIO
+#define APPS_WIN16
+#endif
+
 /* With IPv6, it looks like Digital has mixed up the proper order of
    recursive header file inclusion, resulting in the compiler complaining
    that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which
 typedef unsigned int u_int;
 #endif
 
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#ifdef NO_STDIO
-#define APPS_WIN16
-#endif
 #include <openssl/lhash.h>
 #include <openssl/bn.h>
 #define USE_SOCKETS
@@ -226,6 +227,9 @@ static void sv_usage(void)
        BIO_printf(bio_err," -no_ssl2      - Just disable SSLv2\n");
        BIO_printf(bio_err," -no_ssl3      - Just disable SSLv3\n");
        BIO_printf(bio_err," -no_tls1      - Just disable TLSv1\n");
+#ifndef NO_DH
+       BIO_printf(bio_err," -no_dhe       - Disable ephemeral DH\n");
+#endif
        BIO_printf(bio_err," -bugs         - Turn on SSL bug compatability\n");
        BIO_printf(bio_err," -www          - Respond to a 'GET /' with a status page\n");
        BIO_printf(bio_err," -WWW          - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
@@ -393,7 +397,7 @@ int MAIN(int argc, char *argv[])
        int badop=0,bugs=0;
        int ret=1;
        int off=0;
-       int no_tmp_rsa=0,nocert=0;
+       int no_tmp_rsa=0,no_dhe=0,nocert=0;
        int state=0;
        SSL_METHOD *meth=NULL;
 #ifndef NO_DH
@@ -518,6 +522,8 @@ int MAIN(int argc, char *argv[])
                        { bugs=1; }
                else if (strcmp(*argv,"-no_tmp_rsa") == 0)
                        { no_tmp_rsa=1; }
+               else if (strcmp(*argv,"-no_dhe") == 0)
+                       { no_dhe=1; }
                else if (strcmp(*argv,"-www") == 0)
                        { www=1; }
                else if (strcmp(*argv,"-WWW") == 0)
@@ -620,21 +626,24 @@ bad:
                }
 
 #ifndef NO_DH
-       /* EAY EAY EAY evil hack */
-       dh=load_dh_param();
-       if (dh != NULL)
-               {
-               BIO_printf(bio_s_out,"Setting temp DH parameters\n");
-               }
-       else
+       if (!no_dhe)
                {
-               BIO_printf(bio_s_out,"Using default temp DH parameters\n");
-               dh=get_dh512();
-               }
-       BIO_flush(bio_s_out);
+               /* EAY EAY EAY evil hack */
+               dh=load_dh_param();
+               if (dh != NULL)
+                       {
+                       BIO_printf(bio_s_out,"Setting temp DH parameters\n");
+                       }
+               else
+                       {
+                       BIO_printf(bio_s_out,"Using default temp DH parameters\n");
+                       dh=get_dh512();
+                       }
+               (void)BIO_flush(bio_s_out);
 
-       SSL_CTX_set_tmp_dh(ctx,dh);
-       DH_free(dh);
+               SSL_CTX_set_tmp_dh(ctx,dh);
+               DH_free(dh);
+               }
 #endif
        
        if (!set_cert_stuff(ctx,s_cert_file,s_key_file))
@@ -1019,7 +1028,7 @@ static DH *load_dh_param(void)
 
        if ((bio=BIO_new_file(DH_PARAM,"r")) == NULL)
                goto err;
-       ret=PEM_read_bio_DHparams(bio,NULL,NULL);
+       ret=PEM_read_bio_DHparams(bio,NULL,NULL,NULL);
 err:
        if (bio != NULL) BIO_free(bio);
        return(ret);
@@ -1403,13 +1412,13 @@ static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength)
                if (!s_quiet)
                        {
                        BIO_printf(bio_err,"Generating temp (%d bit) RSA key...",keylength);
-                       BIO_flush(bio_err);
+                       (void)BIO_flush(bio_err);
                        }
                rsa_tmp=RSA_generate_key(keylength,RSA_F4,NULL,NULL);
                if (!s_quiet)
                        {
                        BIO_printf(bio_err,"\n");
-                       BIO_flush(bio_err);
+                       (void)BIO_flush(bio_err);
                        }
                }
        return(rsa_tmp);