commit missing apps code for reneg fix

diff --git a/apps/s_cb.c b/apps/s_cb.c
index 78c8a5cc28e7e32229e6465b4e54de8538b4ab56..4d0975ab4166b40c62859a66c1138f2cb565ccf2 100644 (file)
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -338,6 +338,9 @@ void MS_CALLBACK apps_ssl_info_callback(const SSL *s, int where, int ret)
                }
        }
 
                }
        }
 

+               case TLSEXT_TYPE_renegotiate:
+               extname = "renegotiate";
+               break;

 
 void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg)
        {
 
 void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg)
        {

diff --git a/apps/s_client.c b/apps/s_client.c
index c97597d448a1bdb426f903ac20d97481348c4414..a4be63a1148186e631ad5f3abc95e446b7247ad3 100644 (file)
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -343,6 +343,7 @@ static void sc_usage(void)
        BIO_printf(bio_err," -status           - request certificate status from server\n");
        BIO_printf(bio_err," -no_ticket        - disable use of RFC4507bis session tickets\n");
 #endif
        BIO_printf(bio_err," -status           - request certificate status from server\n");
        BIO_printf(bio_err," -no_ticket        - disable use of RFC4507bis session tickets\n");
 #endif

+       BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n");

        }
 
 #ifndef OPENSSL_NO_TLSEXT
        }
 
 #ifndef OPENSSL_NO_TLSEXT


@@ -658,6 +659,8 @@ int MAIN(int argc, char **argv)
 #endif
                else if (strcmp(*argv,"-serverpref") == 0)
                        off|=SSL_OP_CIPHER_SERVER_PREFERENCE;
 #endif
                else if (strcmp(*argv,"-serverpref") == 0)
                        off|=SSL_OP_CIPHER_SERVER_PREFERENCE;

+               else if (strcmp(*argv,"-legacy_renegotiation") == 0)
+                       off|=SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;

                else if (strcmp(*argv,"-cipher") == 0)
                        {
                        if (--argc < 1) goto bad;
                else if (strcmp(*argv,"-cipher") == 0)
                        {
                        if (--argc < 1) goto bad;

diff --git a/apps/s_server.c b/apps/s_server.c
index cd15c965d2ccdea7ffff6e81e3ad9fffecc87af8..8a08a306959ac478b1c4520272b43e8f6ef947d3 100644 (file)
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -491,6 +491,7 @@ static void sv_usage(void)
        BIO_printf(bio_err,"                 not specified (default is %s)\n",TEST_CERT2);
        BIO_printf(bio_err," -tlsextdebug  - hex dump of all TLS extensions received\n");
        BIO_printf(bio_err," -no_ticket    - disable use of RFC4507bis session tickets\n");
        BIO_printf(bio_err,"                 not specified (default is %s)\n",TEST_CERT2);
        BIO_printf(bio_err," -tlsextdebug  - hex dump of all TLS extensions received\n");
        BIO_printf(bio_err," -no_ticket    - disable use of RFC4507bis session tickets\n");

+       BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n");

 #endif
        }
 
 #endif
        }
 


@@ -1014,6 +1015,8 @@ int MAIN(int argc, char *argv[])
                        verify_return_error = 1;
                else if (strcmp(*argv,"-serverpref") == 0)
                        { off|=SSL_OP_CIPHER_SERVER_PREFERENCE; }
                        verify_return_error = 1;
                else if (strcmp(*argv,"-serverpref") == 0)
                        { off|=SSL_OP_CIPHER_SERVER_PREFERENCE; }

+               else if (strcmp(*argv,"-legacy_renegotiation") == 0)
+                       off|=SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;

                else if (strcmp(*argv,"-cipher") == 0)
                        {
                        if (--argc < 1) goto bad;
                else if (strcmp(*argv,"-cipher") == 0)
                        {
                        if (--argc < 1) goto bad;