#include <stdio.h>
#include <stdlib.h>
+#include <string.h> /* for memcpy() and strcmp() */
#define USE_SOCKETS
#define NON_MAIN
#include "apps.h"
if (ncurves <= 0)
return 1;
curves = OPENSSL_malloc(ncurves * sizeof(int));
+ if (!curves) {
+ BIO_puts(out, "Malloc error getting supported curves\n");
+ return 0;
+ }
SSL_get1_curves(s, curves);
+
BIO_puts(out, "Supported Elliptic Curves: ");
for (i = 0; i < ncurves; i++) {
if (i)
if (cmd == (BIO_CB_READ | BIO_CB_RETURN)) {
BIO_printf(out, "read from %p [%p] (%lu bytes => %ld (0x%lX))\n",
- (void *)bio, argp, (unsigned long)argi, ret, ret);
+ (void *)bio, (void *)argp, (unsigned long)argi, ret, ret);
BIO_dump(out, argp, (int)ret);
return (ret);
} else if (cmd == (BIO_CB_WRITE | BIO_CB_RETURN)) {
BIO_printf(out, "write to %p [%p] (%lu bytes => %ld (0x%lX))\n",
- (void *)bio, argp, (unsigned long)argi, ret, ret);
+ (void *)bio, (void *)argp, (unsigned long)argi, ret, ret);
BIO_dump(out, argp, (int)ret);
}
return (ret);
extname = "next protocol";
break;
#endif
+#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
+ case TLSEXT_TYPE_application_layer_protocol_negotiation:
+ extname = "application layer protocol negotiation";
+ break;
+#endif
case TLSEXT_TYPE_padding:
extname = "TLS padding";
/* Initialize a random secret */
if (!cookie_initialized) {
- if (!RAND_bytes(cookie_secret, COOKIE_SECRET_LENGTH)) {
+ if (RAND_bytes(cookie_secret, COOKIE_SECRET_LENGTH) <= 0) {
BIO_printf(bio_err, "error setting random cookie secret\n");
return 0;
}
}
int args_ssl(char ***pargs, int *pargc, SSL_CONF_CTX *cctx,
- int *badarg, BIO *err, STACK_OF(OPENSSL_STRING) **pstr)
+ int *badarg, BIO *err, STACK_OF(OPENSSL_STRING) **pstr,
+ int *no_prot_opt)
{
char *arg = **pargs, *argn = (*pargs)[1];
int rv;
+ if (strcmp(arg, "-no_ssl2") == 0 || strcmp(arg, "-no_ssl3") == 0
+ || strcmp(arg, "-no_tls1") == 0 || strcmp(arg, "-no_tls1_1") == 0
+ || strcmp(arg, "-no_tls1_2") == 0) {
+ *no_prot_opt = 1;
+ }
+
/* Attempt to run SSL configuration command */
rv = SSL_CONF_cmd_argv(cctx, pargc, pargs);
/* If parameter not recognised just return */