Updates from 1.0.0-stable

[openssl.git] / apps / s_server.c

diff --git a/apps/s_server.c b/apps/s_server.c
index 3b7fb0776524c226f307297a4844112af4b347bb..6c9e6baba41f178e49db9d0bc950efb7e52d3555 100644 (file)
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -298,7 +298,9 @@ static const char *session_id_prefix=NULL;
 
 static int enable_timeouts = 0;
 static long socket_mtu;
+#ifndef OPENSSL_NO_DTLS1
 static int cert_chain = 0;
+#endif
 
 #ifndef OPENSSL_NO_PSK
 static char *psk_identity="Client_identity";
@@ -459,7 +461,7 @@ static void sv_usage(void)
        BIO_printf(bio_err," -tls1         - Just talk TLSv1\n");
        BIO_printf(bio_err," -dtls1        - Just talk DTLSv1\n");
        BIO_printf(bio_err," -timeout      - Enable timeouts\n");
-       BIO_printf(bio_err," -mtu          - Set MTU\n");
+       BIO_printf(bio_err," -mtu          - Set link layer MTU\n");
        BIO_printf(bio_err," -chain        - Read a certificate chain\n");
        BIO_printf(bio_err," -no_ssl2      - Just disable SSLv2\n");
        BIO_printf(bio_err," -no_ssl3      - Just disable SSLv3\n");
@@ -671,7 +673,7 @@ static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg)
                        return p->extension_error;
                if (ctx2)
                        {
-                       BIO_printf(p->biodebug,"Swiching server context.\n");
+                       BIO_printf(p->biodebug,"Switching server context.\n");
                        SSL_set_SSL_CTX(s,ctx2);
                        }     
                }
@@ -849,9 +851,7 @@ int MAIN(int argc, char *argv[])
        int state=0;
        const SSL_METHOD *meth=NULL;
        int socket_type=SOCK_STREAM;
-#ifndef OPENSSL_NO_ENGINE
        ENGINE *e=NULL;
-#endif
        char *inrand=NULL;
        int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM;
        char *passarg = NULL, *pass = NULL;
@@ -1222,16 +1222,16 @@ bad:
                        goto end;
                        }
                psk_identity = "JPAKE";
+               if (cipher)
+                       {
+                       BIO_printf(bio_err, "JPAKE sets cipher to PSK\n");
+                       goto end;
+                       }
+               cipher = "PSK";
                }
 
-       if (cipher)
-               {
-               BIO_printf(bio_err, "JPAKE sets cipher to PSK\n");
-               goto end;
-               }
-       cipher = "PSK";
 #endif
-               
+
        SSL_load_error_strings();
        OpenSSL_add_ssl_algorithms();
 
@@ -1825,10 +1825,10 @@ static int sv_body(char *hostname, int s, unsigned char *context)
                        BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout);
                        }
 
-               if (socket_mtu > 0)
+               if (socket_mtu > 28)
                        {
                        SSL_set_options(con, SSL_OP_NO_QUERY_MTU);
-                       SSL_set_mtu(con, socket_mtu);
+                       SSL_set_mtu(con, socket_mtu - 28);
                        }
                else
                        /* want to do MTU discovery */