NISTZ256: owur'ize.

[oweals/openssl.git] / apps / s_server.c

diff --git a/apps/s_server.c b/apps/s_server.c
index 2aaa2cb7da0aa84f7805b6d289ea9a08943f84e0..e12db0c86615d7bb901c9f334cc1ee68c7a16843 100644 (file)
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -228,6 +228,8 @@ static int s_server_verify = SSL_VERIFY_NONE;
 static int s_server_session_id_context = 1; /* anything will do */
 static const char *s_cert_file = TEST_CERT, *s_key_file =
     NULL, *s_chain_file = NULL;
+static const char *krb5svc = NULL;
+static const char *krb5tab = NULL;
 #ifndef OPENSSL_NO_TLSEXT
 static const char *s_cert_file2 = TEST_CERT2, *s_key_file2 = NULL;
 #endif
@@ -338,6 +340,8 @@ static unsigned int psk_server_cb(SSL *ssl, const char *identity,
  out_err:
     if (s_debug)
         BIO_printf(bio_err, "Error in PSK server callback\n");
+    (void)BIO_flush(bio_err);
+    (void)BIO_flush(bio_s_out);
     return 0;
 }
 #endif
@@ -837,7 +841,8 @@ typedef enum OPTION_choice {
     OPT_SRTP_PROFILES, OPT_KEYMATEXPORT, OPT_KEYMATEXPORTLEN,
     OPT_S_ENUM,
     OPT_V_ENUM,
-    OPT_X_ENUM
+    OPT_X_ENUM,
+    OPT_KRB5SVC, OPT_KRBTAB
 } OPTION_CHOICE;
 
 OPTIONS s_server_options[] = {
@@ -895,6 +900,8 @@ OPTIONS s_server_options[] = {
     {"jpake", OPT_JPAKE, 's', "JPAKE secret to use"},
 # endif
 #endif
+    {"krb5svc", OPT_KRB5SVC, 's', "Kerberos service name"},
+    {"keytab", OPT_KRBTAB, '<', "Kerberos keytab file"},
 #ifndef OPENSSL_NO_SRP
     {"srpvfile", OPT_SRPVFILE, '<', "The verifier file for SRP"},
     {"srpuserseed", OPT_SRPUSERSEED, 's',
@@ -1376,7 +1383,7 @@ int s_server_main(int argc, char *argv[])
             session_id_prefix = opt_arg();
             break;
         case OPT_ENGINE:
-            engine_id = opt_arg();
+            e = setup_engine(opt_arg(), 1);
             break;
         case OPT_RAND:
             inrand = opt_arg();
@@ -1411,6 +1418,12 @@ int s_server_main(int argc, char *argv[])
         case OPT_JPAKE:
             goto opthelp;
 #endif
+        case OPT_KRB5SVC:
+            krb5svc = opt_arg();
+            break;
+        case OPT_KRBTAB:
+            krb5tab = opt_arg();
+            break;
         case OPT_SRTP_PROFILES:
             srtp_profiles = opt_arg();
             break;
@@ -1447,10 +1460,6 @@ int s_server_main(int argc, char *argv[])
     }
 #endif
 
-#ifndef OPENSSL_NO_ENGINE
-    e = setup_engine(engine_id, 1);
-#endif
-
     if (!app_passwd(passarg, dpassarg, &pass, &dpass)) {
         BIO_printf(bio_err, "Error getting password\n");
         goto end;
@@ -2404,6 +2413,7 @@ static int sv_body(char *hostname, int s, int stype, unsigned char *context)
     }
     if (ret >= 0)
         BIO_printf(bio_s_out, "ACCEPT\n");
+    (void)BIO_flush(bio_s_out);
     return (ret);
 }
 
@@ -2724,7 +2734,22 @@ static int www_body(char *hostname, int s, int stype, unsigned char *context)
 /*                      BIO_puts(io,SSLeay_version(SSLEAY_VERSION));*/
             BIO_puts(io, "\n");
             for (i = 0; i < local_argc; i++) {
-                BIO_puts(io, local_argv[i]);
+                const char *myp;
+                for (myp = local_argv[i]; *myp; myp++)
+                    switch (*myp) {
+                    case '<':
+                        BIO_puts(io, "&lt;");
+                        break;
+                    case '>':
+                        BIO_puts(io, "&gt;");
+                        break;
+                    case '&':
+                        BIO_puts(io, "&amp;");
+                        break;
+                    default:
+                        BIO_write(io, myp, 1);
+                        break;
+                    }
                 BIO_write(io, " ", 1);
             }
             BIO_puts(io, "\n");
@@ -3155,6 +3180,7 @@ static int add_session(SSL *ssl, SSL_SESSION *session)
     sess->derlen = i2d_SSL_SESSION(session, NULL);
     if (sess->derlen < 0) {
         BIO_printf(bio_err, "Error encoding session\n");
+        OPENSSL_free(sess);
         return 0;
     }
 
@@ -3162,10 +3188,8 @@ static int add_session(SSL *ssl, SSL_SESSION *session)
     sess->der = OPENSSL_malloc(sess->derlen);
     if (!sess->id || !sess->der) {
         BIO_printf(bio_err, "Out of memory adding to external cache\n");
-        if (sess->id)
-            OPENSSL_free(sess->id);
-        if (sess->der)
-            OPENSSL_free(sess->der);
+        OPENSSL_free(sess->id);
+        OPENSSL_free(sess->der);
         OPENSSL_free(sess);
         return 0;
     }
@@ -3173,7 +3197,10 @@ static int add_session(SSL *ssl, SSL_SESSION *session)
 
     /* Assume it still works. */
     if (i2d_SSL_SESSION(session, &p) != sess->derlen) {
-        BIO_printf(bio_err, "Error encoding session\n");
+        BIO_printf(bio_err, "Unexpected session encoding length\n");
+        OPENSSL_free(sess->id);
+        OPENSSL_free(sess->der);
+        OPENSSL_free(sess);
         return 0;
     }