unsigned char *psk,
unsigned int max_psk_len)
{
- unsigned int psk_len = 0;
- int ret;
- BIGNUM *bn = NULL;
+ long key_len = 0;
+ unsigned char *key;
if (s_debug)
BIO_printf(bio_s_out, "psk_server_cb\n");
BIO_printf(bio_s_out, "PSK client identity found\n");
/* convert the PSK key to binary */
- ret = BN_hex2bn(&bn, psk_key);
- if (!ret) {
- BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n",
+ key = OPENSSL_hexstr2buf(psk_key, &key_len);
+ if (key == NULL) {
+ BIO_printf(bio_err, "Could not convert PSK key '%s' to buffer\n",
psk_key);
- BN_free(bn);
return 0;
}
- if (BN_num_bytes(bn) > (int)max_psk_len) {
+ if (key_len > (int)max_psk_len) {
BIO_printf(bio_err,
- "psk buffer of callback is too small (%d) for key (%d)\n",
- max_psk_len, BN_num_bytes(bn));
- BN_free(bn);
+ "psk buffer of callback is too small (%d) for key (%ld)\n",
+ max_psk_len, key_len);
+ OPENSSL_free(key);
return 0;
}
- ret = BN_bn2bin(bn, psk);
- BN_free(bn);
-
- if (ret < 0)
- goto out_err;
- psk_len = (unsigned int)ret;
+ memcpy(psk, key, key_len);
+ OPENSSL_free(key);
if (s_debug)
- BIO_printf(bio_s_out, "fetched PSK len=%d\n", psk_len);
- return psk_len;
+ BIO_printf(bio_s_out, "fetched PSK len=%ld\n", key_len);
+ return key_len;
out_err:
if (s_debug)
BIO_printf(bio_err, "Error in PSK server callback\n");
BIO_puts(bio_err, "cert_status: Can't retrieve issuer certificate.\n");
goto done;
}
- req = OCSP_REQUEST_new();
- if (req == NULL)
- goto err;
id = OCSP_cert_to_id(NULL, x, X509_OBJECT_get0_X509(obj));
X509_OBJECT_free(obj);
if (!id)
goto err;
+ req = OCSP_REQUEST_new();
+ if (req == NULL)
+ goto err;
if (!OCSP_request_add0_id(req, id))
goto err;
id = NULL;
{NULL, OPT_EOF, 0, NULL}
};
+#define IS_PROT_FLAG(o) \
+ (o == OPT_SSL3 || o == OPT_TLS1 || o == OPT_TLS1_1 || o == OPT_TLS1_2 \
+ || o == OPT_DTLS || o == OPT_DTLS1 || o == OPT_DTLS1_2)
+
int s_server_main(int argc, char *argv[])
{
ENGINE *engine = NULL;
char *srpuserseed = NULL;
char *srp_verifier_file = NULL;
#endif
- int min_version = 0, max_version = 0;
+ int min_version = 0, max_version = 0, prot_opt = 0, no_prot_opt = 0;
local_argc = argc;
local_argv = argv;
prog = opt_init(argc, argv, s_server_options);
while ((o = opt_next()) != OPT_EOF) {
+ if (IS_PROT_FLAG(o) && ++prot_opt > 1) {
+ BIO_printf(bio_err, "Cannot supply multiple protocol flags\n");
+ goto end;
+ }
+ if (IS_NO_PROT_FLAG(o))
+ no_prot_opt++;
+ if (prot_opt == 1 && no_prot_opt) {
+ BIO_printf(bio_err, "Cannot supply both a protocol flag and "
+ "\"-no_<prot>\"\n");
+ goto end;
+ }
switch (o) {
case OPT_EOF:
case OPT_ERR:
tv.tv_sec = 1;
tv.tv_usec = 0;
i = select(width, (void *)&readfds, NULL, NULL, &tv);
- if ((i < 0) || (!i && !_kbhit()))
- continue;
- if (_kbhit())
+ if (has_stdin_waiting())
read_from_terminal = 1;
+ if ((i < 0) || (!i && !read_from_terminal))
+ continue;
#else
if ((SSL_version(con) == DTLS1_VERSION) &&
DTLSv1_get_timeout(con, &timeout))
BIO_ADDR_free(client);
dtlslisten = 0;
i = SSL_accept(con);
+ } else {
+ BIO_ADDR_free(client);
}
} else
#endif
first = NULL;
}
-#endif
+#endif /* OPENSSL_NO_SOCK */
projects / openssl.git / blobdiff