}
X509_free(cert);
}
- if (SSL_get_server_tmp_key(c_ssl, &pkey)) {
+ if (SSL_get_peer_tmp_key(c_ssl, &pkey)) {
BIO_puts(bio_stdout, ", temp key: ");
print_key_details(bio_stdout, pkey);
EVP_PKEY_free(pkey);
goto end;
if (cipher != NULL) {
- if (!SSL_CTX_set_cipher_list(c_ctx, cipher)
- || !SSL_CTX_set_cipher_list(s_ctx, cipher)
- || !SSL_CTX_set_cipher_list(s_ctx2, cipher)) {
- ERR_print_errors(bio_err);
- goto end;
+ if (strcmp(cipher, "") == 0) {
+ if (!SSL_CTX_set_cipher_list(c_ctx, cipher)) {
+ if (ERR_GET_REASON(ERR_peek_error()) == SSL_R_NO_CIPHER_MATCH) {
+ ERR_clear_error();
+ } else {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ } else {
+ /* Should have failed when clearing all TLSv1.2 ciphers. */
+ fprintf(stderr, "CLEARING ALL TLSv1.2 CIPHERS SHOULD FAIL\n");
+ goto end;
+ }
+
+ if (!SSL_CTX_set_cipher_list(s_ctx, cipher)) {
+ if (ERR_GET_REASON(ERR_peek_error()) == SSL_R_NO_CIPHER_MATCH) {
+ ERR_clear_error();
+ } else {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ } else {
+ /* Should have failed when clearing all TLSv1.2 ciphers. */
+ fprintf(stderr, "CLEARING ALL TLSv1.2 CIPHERS SHOULD FAIL\n");
+ goto end;
+ }
+
+ if (!SSL_CTX_set_cipher_list(s_ctx2, cipher)) {
+ if (ERR_GET_REASON(ERR_peek_error()) == SSL_R_NO_CIPHER_MATCH) {
+ ERR_clear_error();
+ } else {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ } else {
+ /* Should have failed when clearing all TLSv1.2 ciphers. */
+ fprintf(stderr, "CLEARING ALL TLSv1.2 CIPHERS SHOULD FAIL\n");
+ goto end;
+ }
+ } else {
+ if (!SSL_CTX_set_cipher_list(c_ctx, cipher)
+ || !SSL_CTX_set_cipher_list(s_ctx, cipher)
+ || !SSL_CTX_set_cipher_list(s_ctx2, cipher)) {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
}
}
if (ciphersuites != NULL) {
projects / openssl.git / blobdiff