X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=apps%2Fs_server.c;h=23d2217625a3176e5b570f47be1570e2123369a7;hb=3008a7d819dfcfd4de999b2931245c41336534bc;hp=ead4d90e15fcf31860dd6f6be81259d2afd49e1e;hpb=2124e869a8da94e0540d44df15bbf6007da3bf91;p=oweals%2Fopenssl.git

diff --git a/apps/s_server.c b/apps/s_server.c
index ead4d90e15..23d2217625 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -283,11 +283,10 @@ static char *engine_id=NULL;
 static const char *session_id_prefix=NULL;
 
 static int enable_timeouts = 0;
-#ifdef mtu
-#undef mtu
-#endif
-static long mtu;
+static long socket_mtu;
+#ifndef OPENSSL_NO_DTLS1
 static int cert_chain = 0;
+#endif
 
 
 #ifdef MONOLITH
@@ -375,7 +374,7 @@ static void sv_usage(void)
 	BIO_printf(bio_err," -tls1         - Just talk TLSv1\n");
 	BIO_printf(bio_err," -dtls1        - Just talk DTLSv1\n");
 	BIO_printf(bio_err," -timeout      - Enable timeouts\n");
-	BIO_printf(bio_err," -mtu          - Set MTU\n");
+	BIO_printf(bio_err," -mtu          - Set link layer MTU\n");
 	BIO_printf(bio_err," -chain        - Read a certificate chain\n");
 	BIO_printf(bio_err," -no_ssl2      - Just disable SSLv2\n");
 	BIO_printf(bio_err," -no_ssl3      - Just disable SSLv3\n");
@@ -742,7 +741,9 @@ BIO_printf(err, "cert_status: received %d ids\n", sk_OCSP_RESPID_num(ids));
 #endif
 int MAIN(int, char **);
 
+#ifndef OPENSSL_NO_JPAKE
 static char *jpake_secret = NULL;
+#endif
 
 int MAIN(int argc, char *argv[])
 	{
@@ -762,9 +763,7 @@ int MAIN(int argc, char *argv[])
 	int state=0;
 	SSL_METHOD *meth=NULL;
         int socket_type=SOCK_STREAM;
-#ifndef OPENSSL_NO_ENGINE
 	ENGINE *e=NULL;
-#endif
 	char *inrand=NULL;
 	int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM;
 	char *passarg = NULL, *pass = NULL;
@@ -1032,7 +1031,7 @@ int MAIN(int argc, char *argv[])
 		else if (strcmp(*argv,"-mtu") == 0)
 			{
 			if (--argc < 1) goto bad;
-			mtu = atol(*(++argv));
+			socket_mtu = atol(*(++argv));
 			}
 		else if (strcmp(*argv, "-chain") == 0)
 			cert_chain = 1;
@@ -1074,11 +1073,13 @@ int MAIN(int argc, char *argv[])
 			}
 			
 #endif
+#ifndef OPENSSL_NO_JPAKE
 		else if (strcmp(*argv,"-jpake") == 0)
 			{
 			if (--argc < 1) goto bad;
 			jpake_secret = *(++argv);
 			}
+#endif
 		else
 			{
 			BIO_printf(bio_err,"unknown option %s\n",*argv);
@@ -1658,10 +1659,10 @@ static int sv_body(char *hostname, int s, unsigned char *context)
 			}
 
 		
-		if ( mtu > 0)
+		if (socket_mtu > 28)
 			{
 			SSL_set_options(con, SSL_OP_NO_QUERY_MTU);
-			SSL_set_mtu(con, mtu);
+			SSL_set_mtu(con, socket_mtu - 28);
 			}
 		else
 			/* want to do MTU discovery */
@@ -1680,9 +1681,10 @@ static int sv_body(char *hostname, int s, unsigned char *context)
 		test=BIO_new(BIO_f_nbio_test());
 		sbio=BIO_push(test,sbio);
 		}
-
+#ifndef OPENSSL_NO_JPAKE
 	if(jpake_secret)
 		jpake_server_auth(bio_s_out, sbio, jpake_secret);
+#endif
 
 	SSL_set_bio(con,sbio,sbio);
 	SSL_set_accept_state(con);