+ {"use_srtp", OPT_SRTP_PROFILES, '<',
+ "Offer SRTP key management with a colon-separated profile list"},
+ {"alpn", OPT_ALPN, 's',
+ "Set the advertised protocols for the ALPN extension (comma-separated list)"},
+#endif
+ {"keymatexport", OPT_KEYMATEXPORT, 's',
+ "Export keying material using label"},
+ {"keymatexportlen", OPT_KEYMATEXPORTLEN, 'p',
+ "Export len bytes of keying material (default 20)"},
+ {"CRL", OPT_CRL, '<'},
+ {"crl_download", OPT_CRL_DOWNLOAD, '-'},
+ {"cert_chain", OPT_CERT_CHAIN, '<'},
+ {"dcert_chain", OPT_DCERT_CHAIN, '<'},
+ {"chainCApath", OPT_CHAINCAPATH, '/'},
+ {"verifyCApath", OPT_VERIFYCAPATH, '/'},
+ {"no_cache", OPT_NO_CACHE, '-'},
+ {"ext_cache", OPT_EXT_CACHE, '-'},
+ {"CRLform", OPT_CRLFORM, 'F'},
+ {"verify_return_error", OPT_VERIFY_RET_ERROR, '-'},
+ {"verify_quiet", OPT_VERIFY_QUIET, '-'},
+ {"build_chain", OPT_BUILD_CHAIN, '-'},
+ {"chainCAfile", OPT_CHAINCAFILE, '<'},
+ {"verifyCAfile", OPT_VERIFYCAFILE, '<'},
+ {"ign_eof", OPT_IGN_EOF, '-'},
+ {"no_ign_eof", OPT_NO_IGN_EOF, '-'},
+ {"status", OPT_STATUS, '-'},
+ {"status_verbose", OPT_STATUS_VERBOSE, '-'},
+ {"status_timeout", OPT_STATUS_TIMEOUT, 'n'},
+ {"status_url", OPT_STATUS_URL, 's'},
+ {"trace", OPT_TRACE, '-'},
+ {"security_debug", OPT_SECURITY_DEBUG, '-'},
+ {"security_debug_verbose", OPT_SECURITY_DEBUG_VERBOSE, '-'},
+ {"brief", OPT_BRIEF, '-'},
+ {"rev", OPT_REV, '-'},
+#ifndef OPENSSL_NO_ENGINE
+ {"engine", OPT_ENGINE, 's'},
+#endif
+ OPT_S_OPTIONS,
+ OPT_V_OPTIONS,
+ OPT_X_OPTIONS,
+ {NULL}
+};
+
+int s_server_main(int argc, char *argv[])
+{
+ ENGINE *e = NULL;
+ EVP_PKEY *s_key = NULL, *s_dkey = NULL;
+ SSL_CONF_CTX *cctx = NULL;
+ const SSL_METHOD *meth = SSLv23_server_method();
+ SSL_EXCERT *exc = NULL;
+ STACK_OF(OPENSSL_STRING) *ssl_args = NULL;
+ STACK_OF(X509) *s_chain = NULL, *s_dchain = NULL;
+ STACK_OF(X509_CRL) *crls = NULL;
+ X509 *s_cert = NULL, *s_dcert = NULL;
+ X509_VERIFY_PARAM *vpm = NULL;
+ char *CApath = NULL, *CAfile = NULL, *chCApath = NULL, *chCAfile = NULL;
+ char *dhfile = NULL, *dpassarg = NULL, *dpass = NULL, *inrand = NULL;
+ char *passarg = NULL, *pass = NULL, *vfyCApath = NULL, *vfyCAfile = NULL;
+ char *crl_file = NULL, *prog, *p;
+ const char *unix_path = NULL;
+#ifndef NO_SYS_UN_H
+ int unlink_unix_path = 0;
+#endif
+ int (*server_cb) (char *hostname, int s, int stype,
+ unsigned char *context);
+ int vpmtouched = 0, build_chain = 0, no_cache = 0, ext_cache = 0;
+ int no_tmp_rsa = 0, no_dhe = 0, no_ecdhe = 0, nocert = 0, ret = 1;
+ int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM;
+ int s_dcert_format = FORMAT_PEM, s_dkey_format = FORMAT_PEM;
+ int rev = 0, naccept = -1, sdebug = 0, socket_type = SOCK_STREAM;
+ int state = 0, crl_format = FORMAT_PEM, crl_download = 0;
+ unsigned short port = PORT;
+ unsigned char *context = NULL;
+ OPTION_CHOICE o;
+#ifndef OPENSSL_NO_TLSEXT
+ EVP_PKEY *s_key2 = NULL;
+ X509 *s_cert2 = NULL;
+ tlsextctx tlsextcbp = { NULL, NULL, SSL_TLSEXT_ERR_ALERT_WARNING };
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ const char *next_proto_neg_in = NULL;
+ tlsextnextprotoctx next_proto = { NULL, 0 };
+# endif
+ const char *alpn_in = NULL;
+ tlsextalpnctx alpn_ctx = { NULL, 0 };