* OTHERWISE.
*/
-#include <assert.h>
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
"Set the advertised protocols for the NPN extension (comma-separated list)"},
#endif
#ifndef OPENSSL_NO_SRTP
- {"use_srtp", OPT_SRTP_PROFILES, '<',
+ {"use_srtp", OPT_SRTP_PROFILES, 's',
"Offer SRTP key management with a colon-separated profile list"},
{"alpn", OPT_ALPN, 's',
"Set the advertised protocols for the ALPN extension (comma-separated list)"},
if (s_quiet && !s_debug) {
bio_s_out = BIO_new(BIO_s_null());
if (s_msg && !bio_s_msg)
- bio_s_msg = dup_bio_out();
+ bio_s_msg = dup_bio_out(FORMAT_TEXT);
} else {
if (bio_s_out == NULL)
- bio_s_out = dup_bio_out();
+ bio_s_out = dup_bio_out(FORMAT_TEXT);
}
}
#if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC)
if (ctx2)
SSL_CTX_set_client_CA_list(ctx2, SSL_load_client_CA_file(CAfile));
}
+ if (s_tlsextstatus) {
+ SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb);
+ SSL_CTX_set_tlsext_status_arg(ctx, &tlscstatp);
+ if (ctx2) {
+ SSL_CTX_set_tlsext_status_cb(ctx2, cert_status_cb);
+ SSL_CTX_set_tlsext_status_arg(ctx2, &tlscstatp);
+ }
+ }
BIO_printf(bio_s_out, "ACCEPT\n");
(void)BIO_flush(bio_s_out);
SSL_set_tlsext_debug_callback(con, tlsext_cb);
SSL_set_tlsext_debug_arg(con, bio_s_out);
}
- if (s_tlsextstatus) {
- SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb);
- SSL_CTX_set_tlsext_status_arg(ctx, &tlscstatp);
- }
if (context
&& !SSL_set_session_id_context(con,
{
while (i <= 0 && SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP
&& SSL_state(con) == SSL3_ST_SR_CLNT_HELLO_C) {
- fprintf(stderr,
- "LOOKUP from certificate callback during accept\n");
+ BIO_printf(bio_err,
+ "LOOKUP from certificate callback during accept\n");
i = SSL_accept(con);
}
}
#endif
if (SSL_cache_hit(con))
BIO_printf(bio_s_out, "Reused session-id\n");
- if (SSL_ctrl(con, SSL_CTRL_GET_FLAGS, 0, NULL) &
- TLS1_FLAGS_TLS_PADDING_BUG)
- BIO_printf(bio_s_out, "Peer has incorrect TLSv1 block padding\n");
BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n",
SSL_get_secure_renegotiation_support(con) ? "" : " NOT");
if (keymatexportlabel != NULL) {
#ifdef RENEG
total_bytes += i;
- fprintf(stderr, "%d\n", i);
+ BIO_printf(bio_err, "%d\n", i);
if (total_bytes > 3 * 1024) {
total_bytes = 0;
- fprintf(stderr, "RENEGOTIATE\n");
+ BIO_printf(bio_err, "RENEGOTIATE\n");
SSL_renegotiate(con);
}
#endif