X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=apps%2Fs_cb.c;h=0f21838cdbe3c368c286689aa1177e5bd68b1526;hp=380fc329b06699bbfa12cb937a2b48aee578fde9;hb=c5ea65b157e17743c881b9e348524b0281b3d39f;hpb=04611fb0f178b9385c680b576824e35400784269

diff --git a/apps/s_cb.c b/apps/s_cb.c
index 380fc329b0..0f21838cdb 100644
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -259,6 +259,7 @@ int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file)
 int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key,
 		       STACK_OF(X509) *chain, int build_chain)
 	{
+	int chflags = chain ? SSL_BUILD_CHAIN_FLAG_CHECK : 0;
 	if (cert == NULL)
 		return 1;
 	if (SSL_CTX_use_certificate(ctx,cert) <= 0)
@@ -288,7 +289,7 @@ int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key,
 		ERR_print_errors(bio_err);
 		return 0;
 		}
-	if (!chain && build_chain && !SSL_CTX_build_cert_chain(ctx, 0))
+	if (build_chain && !SSL_CTX_build_cert_chain(ctx, chflags))
 		{
 		BIO_printf(bio_err,"error building certificate chain\n");
 		ERR_print_errors(bio_err);
@@ -423,7 +424,7 @@ int ssl_print_sigalgs(BIO *out, SSL *s)
 		BIO_printf(out, "Peer signing digest: %s\n", OBJ_nid2sn(mdnid));
 	return 1;
 	}
- 
+#ifndef OPENSSL_NO_EC
 int ssl_print_point_formats(BIO *out, SSL *s)
 	{
 	int i, nformats;
@@ -515,7 +516,7 @@ int ssl_print_curves(BIO *out, SSL *s, int noshared)
 	BIO_puts(out, "\n");
 	return 1;
 	}
-
+#endif
 int ssl_print_tmp_key(BIO *out, SSL *s)
 	{
 	EVP_PKEY *key;
@@ -531,7 +532,7 @@ int ssl_print_tmp_key(BIO *out, SSL *s)
 	case EVP_PKEY_DH:
 		BIO_printf(out, "DH, %d bits\n", EVP_PKEY_bits(key));
 		break;
-
+#ifndef OPENSSL_NO_ECDH
 	case EVP_PKEY_EC:
 			{
 			EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key);
@@ -545,6 +546,7 @@ int ssl_print_tmp_key(BIO *out, SSL *s)
 			BIO_printf(out, "ECDH, %s, %d bits\n",
 						cname, EVP_PKEY_bits(key));
 			}
+#endif
 		}
 	EVP_PKEY_free(key);
 	return 1;
@@ -878,6 +880,9 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
 				case 20:
 					str_details1 = ", Finished";
 					break;
+				case 23:
+					str_details1 = ", SupplementalData";
+					break;
 					}
 				}
 			}
@@ -1263,6 +1268,16 @@ static int set_cert_cb(SSL *ssl, void *arg)
 	{
 	int i, rv;
 	SSL_EXCERT *exc = arg;
+#ifdef CERT_CB_TEST_RETRY
+	static int retry_cnt;
+	if (retry_cnt < 5)
+		{
+		retry_cnt++;
+		fprintf(stderr, "Certificate callback retry test: count %d\n",
+								retry_cnt);
+		return -1;
+		}
+#endif
 	SSL_certs_clear(ssl);
 
 	if (!exc)
@@ -1676,6 +1691,12 @@ int args_ssl_call(SSL_CTX *ctx, BIO *err, SSL_CONF_CTX *cctx,
 			}
 		}
 #endif
+	if (!SSL_CONF_CTX_finish(cctx))
+		{
+		BIO_puts(err, "Error finishing context\n");
+		ERR_print_errors(err);
+		return 0;
+		}
 	return 1;
 	}
 
@@ -1723,7 +1744,6 @@ int ssl_load_stores(SSL_CTX *ctx,
 		ch = X509_STORE_new();
 		if (!X509_STORE_load_locations(ch, chCAfile, chCApath))
 			goto err;
-		/*X509_STORE_set_verify_cb(ch, verify_callback);*/
 		SSL_CTX_set1_chain_cert_store(ctx, ch);
 		}
 	rv = 1;