Add -show_chain option to print out verified chain.
[openssl.git] / apps / sess_id.c
index bad6364..b16686c 100644 (file)
 #include <stdlib.h>
 #include <string.h>
 #include "apps.h"
-#include "bio.h"
-#include "err.h"
-#include "x509.h"
-#include "pem.h"
-#include "ssl.h"
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+#include <openssl/ssl.h>
 
 #undef PROG
 #define PROG   sess_id_main
 
-static char *sess_id_usage[]={
+static const char *sess_id_usage[]={
 "usage: sess_id args\n",
 "\n",
-" -inform arg     - input format - default PEM (one of DER, TXT or PEM)\n",
+" -inform arg     - input format - default PEM (DER or PEM)\n",
 " -outform arg    - output format - default PEM\n",
 " -in arg         - input file - default stdin\n",
 " -out arg        - output file - default stdout\n",
 " -text           - print ssl session id details\n",
 " -cert           - output certificate \n",
 " -noout          - no CRL output\n",
+" -context arg    - set the session ID context\n",
 NULL
 };
 
-#ifndef NOPROTO
 static SSL_SESSION *load_sess_id(char *file, int format);
-#else
-static SSL_SESSION *load_sess_id();
-#endif
 
-int MAIN(argc, argv)
-int argc;
-char **argv;
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
        {
        SSL_SESSION *x=NULL;
+       X509 *peer = NULL;
        int ret=1,i,num,badops=0;
        BIO *out=NULL;
        int informat,outformat;
-       char *infile=NULL,*outfile=NULL;
+       char *infile=NULL,*outfile=NULL,*context=NULL;
        int cert=0,noout=0,text=0;
-       char **pp;
+       const char **pp;
 
        apps_startup();
 
@@ -140,6 +138,11 @@ char **argv;
                        cert= ++num;
                else if (strcmp(*argv,"-noout") == 0)
                        noout= ++num;
+               else if (strcmp(*argv,"-context") == 0)
+                   {
+                   if(--argc < 1) goto bad;
+                   context=*++argv;
+                   }
                else
                        {
                        BIO_printf(bio_err,"unknown option %s\n",*argv);
@@ -154,13 +157,25 @@ char **argv;
                {
 bad:
                for (pp=sess_id_usage; (*pp != NULL); pp++)
-                       BIO_printf(bio_err,*pp);
+                       BIO_printf(bio_err,"%s",*pp);
                goto end;
                }
 
        ERR_load_crypto_strings();
        x=load_sess_id(infile,informat);
        if (x == NULL) { goto end; }
+       peer = SSL_SESSION_get0_peer(x);
+
+       if(context)
+           {
+           size_t ctx_len = strlen(context);
+           if(ctx_len > SSL_MAX_SID_CTX_LENGTH)
+               {
+               BIO_printf(bio_err,"Context too long\n");
+               goto end;
+               }
+           SSL_SESSION_set1_id_context(x, (unsigned char *)context, ctx_len);
+           }
 
 #ifdef undef
        /* just testing for memory leaks :-) */
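Review bot: The return value of `SSL_SESSION_set1_id_context()` is discarded in the new `if(context)` block, so if the call ever fails the tool still writes the session out with its old context and exits 0. The length check just above makes a failure unlikely, but assuming the function reports failure with 0, I would make it explicit: `if(!SSL_SESSION_set1_id_context(x, (unsigned char *)context, ctx_len)) { BIO_printf(bio_err,"Error setting id context\n"); goto end; }`. Because the length is taken with `strlen(context)`, only NUL-free contexts can be set from the command line, while a server's session ID context may be arbitrary bytes; the `-context` usage line added in the first hunk should state that limit and the `SSL_MAX_SID_CTX_LENGTH` maximum. MAIN begins and ends outside this hunk.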
@@ -193,7 +208,15 @@ bad:
                        }
 
                if (outfile == NULL)
+                       {
                        BIO_set_fp(out,stdout,BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+                       {
+                       BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+                       out = BIO_push(tmpbio, out);
+                       }
+#endif
+                       }
                else
                        {
                        if (BIO_write_filename(out,outfile) <= 0)
@@ -210,17 +233,17 @@ bad:
 
                if (cert)
                        {
-                       if (x->peer == NULL)
+                       if (peer == NULL)
                                BIO_puts(out,"No certificate present\n");
                        else
-                               X509_print(out,x->peer);
+                               X509_print(out,peer);
                        }
                }
 
        if (!noout && !cert)
                {
                if      (outformat == FORMAT_ASN1)
-                       i=(int)i2d_SSL_SESSION_bio(out,x);
+                       i=i2d_SSL_SESSION_bio(out,x);
                else if (outformat == FORMAT_PEM)
                        i=PEM_write_bio_SSL_SESSION(out,x);
                else    {
@@ -232,12 +255,12 @@ bad:
                        goto end;
                        }
                }
-       else if (!noout && (x->peer != NULL)) /* just print the certificate */
+       else if (!noout && (peer != NULL)) /* just print the certificate */
                {
                if      (outformat == FORMAT_ASN1)
-                       i=(int)i2d_X509_bio(out,x->peer);
+                       i=(int)i2d_X509_bio(out,peer);
                else if (outformat == FORMAT_PEM)
-                       i=PEM_write_bio_X509(out,x->peer);
+                       i=PEM_write_bio_X509(out,peer);
                else    {
                        BIO_printf(bio_err,"bad output format specified for outfile\n");
                        goto end;
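Review bot: The `(int)` cast is kept on `i=(int)i2d_X509_bio(out,peer);` here, although the previous hunk drops the same cast from `i=i2d_SSL_SESSION_bio(out,x);`. Both calls return `int`, so for consistency this line can read `i=i2d_X509_bio(out,peer);`. The enclosing `else if` branch continues past the end of the hunk.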
@@ -249,14 +272,13 @@ bad:
                }
        ret=0;
 end:
-       if (out != NULL) BIO_free(out);
+       if (out != NULL) BIO_free_all(out);
        if (x != NULL) SSL_SESSION_free(x);
-       EXIT(ret);
+       apps_shutdown();
+       OPENSSL_EXIT(ret);
        }
 
-static SSL_SESSION *load_sess_id(infile, format)
-char *infile;
-int format;
+static SSL_SESSION *load_sess_id(char *infile, int format)
        {
        SSL_SESSION *x=NULL;
        BIO *in=NULL;
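Review bot: The cleanup at `end:` frees `x` but never `peer`, which is correct only because `SSL_SESSION_get0_peer()` hands back a pointer still owned by the session, and nothing in the code says so. I would add a comment at the declaration or the assignment, for example `/* peer is borrowed from x: do not X509_free() it, and do not use it after SSL_SESSION_free(x) */`, so that a later edit does not add a free or reorder the cleanup. MAIN starts above this hunk and the body of load_sess_id continues below it.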
@@ -281,7 +303,7 @@ int format;
        if      (format == FORMAT_ASN1)
                x=d2i_SSL_SESSION_bio(in,NULL);
        else if (format == FORMAT_PEM)
-               x=PEM_read_bio_SSL_SESSION(in,NULL,NULL);
+               x=PEM_read_bio_SSL_SESSION(in,NULL,NULL,NULL);
        else    {
                BIO_printf(bio_err,"bad input format specified for input crl\n");
                goto end;