#ifndef OPENSSL_NO_JPAKE
static char *jpake_secret = NULL;
+#define no_jpake !jpake_secret
+#else
+#define no_jpake 1
#endif
#ifndef OPENSSL_NO_SRP
static srpsrvparm srp_callback_parm;
char *crl_file = NULL;
int crl_format = FORMAT_PEM;
+ int crl_download = 0;
STACK_OF(X509_CRL) *crls = NULL;
meth=SSLv23_server_method();
if (--argc < 1) goto bad;
crl_file= *(++argv);
}
+ else if (strcmp(*argv,"-crl_download") == 0)
+ crl_download = 1;
#ifndef OPENSSL_NO_TLSEXT
else if (strcmp(*argv,"-authz") == 0)
{
goto end;
}
psk_identity = "JPAKE";
- if (cipher)
- {
- BIO_printf(bio_err, "JPAKE sets cipher to PSK\n");
- goto end;
- }
- cipher = "PSK";
}
-
#endif
SSL_load_error_strings();
SSL_CTX_set1_param(ctx, vpm);
ssl_ctx_add_crls(ctx, crls, 0);
-
- if (!args_ssl_call(ctx, bio_err, cctx, ssl_args, no_ecdhe))
+ if (!args_ssl_call(ctx, bio_err, cctx, ssl_args, no_ecdhe, no_jpake))
goto end;
- if (!ssl_load_stores(ctx, vfyCApath, vfyCAfile, chCApath, chCAfile, crls, 0))
+ if (!ssl_load_stores(ctx, vfyCApath, vfyCAfile, chCApath, chCAfile,
+ crls, crl_download))
{
BIO_printf(bio_err, "Error loading store locations\n");
ERR_print_errors(bio_err);
SSL_CTX_set1_param(ctx2, vpm);
ssl_ctx_add_crls(ctx2, crls, 0);
-
- if (!args_ssl_call(ctx2, bio_err, cctx, ssl_args, no_ecdhe))
+ if (!args_ssl_call(ctx2, bio_err, cctx, ssl_args, no_ecdhe, no_jpake))
goto end;
}
sk_OPENSSL_STRING_free(ssl_args);
if (cctx)
SSL_CONF_CTX_free(cctx);
+#ifndef OPENSSL_NO_JPAKE
+ if (jpake_secret && psk_key)
+ OPENSSL_free(psk_key);
+#endif
if (bio_s_out != NULL)
{
- BIO_free(bio_s_out);
+ BIO_free(bio_s_out);
bio_s_out=NULL;
}
if (bio_s_msg != NULL)
projects / oweals / openssl.git / blobdiff