static int cmd_curves(SSL_CONF_CTX *cctx, const char *value)
{
int rv;
- if (!(cctx->flags & SSL_CONF_FLAG_CLIENT))
- return -2;
if (cctx->ssl)
rv = SSL_set1_curves_list(cctx->ssl, value);
/* NB: ctx == NULL performs syntax checking only */
onoff = 0;
value++;
}
- if (strcasecmp(value, "automatic"))
+ if (!strcasecmp(value, "automatic"))
+ {
+ if (onoff == -1)
+ onoff = 1;
+ }
+ else if (onoff != -1)
return 0;
}
else if (cctx->flags & SSL_CONF_FLAG_CMDLINE)
rv = SSL_CTX_set_cipher_list(cctx->ctx, value);
if (cctx->ssl)
rv = SSL_set_cipher_list(cctx->ssl, value);
- return rv;
+ return rv > 0;
}
static int cmd_protocol(SSL_CONF_CTX *cctx, const char *value)
size_t i;
if (cmd == NULL)
{
- SSLerr(SSL_F_SSL_CONF_CTX_CMD, SSL_R_INVALID_NULL_CMD_NAME);
+ SSLerr(SSL_F_SSL_CONF_CMD, SSL_R_INVALID_NULL_CMD_NAME);
return 0;
}
/* If a prefix is set, check and skip */
if (runcmd)
{
+ int rv;
if (value == NULL)
return -3;
- if (t->cmd(cctx, value))
+ rv = t->cmd(cctx, value);
+ if (rv > 0)
return 2;
+ if (rv == -2)
+ return -2;
if (cctx->flags & SSL_CONF_FLAG_SHOW_ERRORS)
{
- SSLerr(SSL_F_SSL_CONF_CTX_CMD, SSL_R_BAD_VALUE);
+ SSLerr(SSL_F_SSL_CONF_CMD, SSL_R_BAD_VALUE);
ERR_add_error_data(4, "cmd=", cmd, ", value=", value);
}
- return -1;
+ return 0;
}
if (cctx->flags & SSL_CONF_FLAG_CMDLINE)
if (cctx->flags & SSL_CONF_FLAG_SHOW_ERRORS)
{
- SSLerr(SSL_F_SSL_CONF_CTX_CMD, SSL_R_UNKNOWN_CMD_NAME);
+ SSLerr(SSL_F_SSL_CONF_CMD, SSL_R_UNKNOWN_CMD_NAME);
ERR_add_error_data(2, "cmd=", cmd);
}