X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=apps%2Fs_server.c;h=29ed59863871741b0b8e58724b650800d8c0a3bb;hb=2006dd12d693499ecbf532748ecbb819868f6951;hp=86d2ca70c41a08ac343191209f96900d7939fdaf;hpb=52b621db88e28c12290b94b0f730204f424b44a0;p=oweals%2Fopenssl.git diff --git a/apps/s_server.c b/apps/s_server.c index 86d2ca70c4..29ed598638 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -83,7 +83,7 @@ typedef unsigned int u_int; #include #include #include -#include +#include #include "s_apps.h" #ifdef WINDOWS @@ -177,7 +177,6 @@ static int s_debug=0; static int s_quiet=0; static int hack=0; -static char *engine_id=NULL; #ifdef MONOLITH static void s_server_init(void) @@ -200,7 +199,6 @@ static void s_server_init(void) s_debug=0; s_quiet=0; hack=0; - engine_id=NULL; } #endif @@ -231,7 +229,6 @@ static void sv_usage(void) BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n"); BIO_printf(bio_err," -nocert - Don't use any certificates (Anon-DH)\n"); BIO_printf(bio_err," -cipher arg - play with 'openssl ciphers' to see what goes here\n"); - BIO_printf(bio_err," -serverpref - Use server's cipher preferences\n"); BIO_printf(bio_err," -quiet - No server output\n"); BIO_printf(bio_err," -no_tmp_rsa - Do not generate a tmp RSA key\n"); BIO_printf(bio_err," -ssl2 - Just talk SSLv2\n"); @@ -246,7 +243,6 @@ static void sv_usage(void) BIO_printf(bio_err," -bugs - Turn on SSL bug compatibility\n"); BIO_printf(bio_err," -www - Respond to a 'GET /' with a status page\n"); BIO_printf(bio_err," -WWW - Respond to a 'GET / HTTP/1.0' with file ./\n"); - BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n"); BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); } 
@@ -417,8 +413,10 @@ int MAIN(int argc, char *argv[]) int no_tmp_rsa=0,no_dhe=0,nocert=0; int state=0; SSL_METHOD *meth=NULL; - ENGINE *e=NULL; char *inrand=NULL; +#ifndef NO_DH + DH *dh=NULL; +#endif #if !defined(NO_SSL2) && !defined(NO_SSL3) meth=SSLv23_server_method(); @@ -511,8 +509,6 @@ int MAIN(int argc, char *argv[]) if (--argc < 1) goto bad; CApath= *(++argv); } - else if (strcmp(*argv,"-serverpref") == 0) - { off|=SSL_OP_CIPHER_SERVER_PREFERENCE; } else if (strcmp(*argv,"-cipher") == 0) { if (--argc < 1) goto bad; @@ -572,11 +568,6 @@ int MAIN(int argc, char *argv[]) else if (strcmp(*argv,"-tls1") == 0) { meth=TLSv1_server_method(); } #endif - else if (strcmp(*argv,"-engine") == 0) - { - if (--argc < 1) goto bad; - engine_id= *(++argv); - } else if (strcmp(*argv,"-rand") == 0) { if (--argc < 1) goto bad; @@ -633,29 +624,6 @@ bad: SSL_load_error_strings(); OpenSSL_add_ssl_algorithms(); - if (engine_id != NULL) - { - if((e = ENGINE_by_id(engine_id)) == NULL) - { - BIO_printf(bio_err,"invalid engine\n"); - ERR_print_errors(bio_err); - goto end; - } - if (s_debug) - { - ENGINE_ctrl(e, ENGINE_CTRL_SET_LOGSTREAM, - 0, bio_err, 0); - } - if(!ENGINE_set_default(e, ENGINE_METHOD_ALL)) - { - BIO_printf(bio_err,"can't use that engine\n"); - ERR_print_errors(bio_err); - goto end; - } - BIO_printf(bio_err,"engine \"%s\" set.\n", engine_id); - ENGINE_free(e); - } - ctx=SSL_CTX_new(meth); if (ctx == NULL) { @@ -696,13 +664,7 @@ bad: #ifndef NO_DH if (!no_dhe) { - DH *dh=NULL; - - if (dhfile) - dh = load_dh_param(dhfile); - else if (s_cert_file) - dh = load_dh_param(s_cert_file); - + dh=load_dh_param(dhfile ? dhfile : s_cert_file); if (dh != NULL) { BIO_printf(bio_s_out,"Setting temp DH parameters\n"); @@ -729,7 +691,8 @@ bad: #ifndef NO_RSA #if 1 - SSL_CTX_set_tmp_rsa_callback(ctx,tmp_rsa_cb); + if (!no_tmp_rsa) + SSL_CTX_set_tmp_rsa_callback(ctx,tmp_rsa_cb); #else if (!no_tmp_rsa && SSL_CTX_need_tmp_RSA(ctx)) { 
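Review bot: In the `#ifndef NO_DH` block, `dh=load_dh_param(dhfile ? dhfile : s_cert_file);` passes a null pointer to load_dh_param when neither file name is set; the removed `if (dhfile) … else if (s_cert_file)` chain never made that call. The usage text lists `-nocert` for anonymous DH, so a run with no certificate file looks reachable, although the place where s_cert_file would be cleared is outside this hunk. load_dh_param is not shown here, so unless it is known to reject a null file name, keep the guard: `if (dhfile != NULL || s_cert_file != NULL) dh=load_dh_param(dhfile ? dhfile : s_cert_file);`. With `dh` now declared at function scope and initialised to NULL, the following `if (dh != NULL)` test still works unchanged. The body of MAIN starts and ends outside the hunk.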
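Review bot: The new `if (!no_tmp_rsa)` guard in the `#if 1` branch is unbraced and has no comment, and it sits directly above the `#else`, so a statement added later could silently fall outside the condition. I would write it as `if (!no_tmp_rsa) { SSL_CTX_set_tmp_rsa_callback(ctx,tmp_rsa_cb); }` and add `/* -no_tmp_rsa: install no callback, so no temporary RSA key is generated */`. That comment also records that both preprocessor branches now honour the flag, which the old unconditional call did not. The surrounding `#ifndef NO_RSA` block continues past the end of the hunk.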
@@ -838,13 +801,6 @@ static int sv_body(char *hostname, int s, unsigned char *context) if (con == NULL) { con=SSL_new(ctx); -#ifndef NO_KRB5 - if ((con->kssl_ctx = kssl_ctx_new()) != NULL) - { - kssl_ctx_setstring(con->kssl_ctx, KSSL_SERVICE, KRB5SVC); - kssl_ctx_setstring(con->kssl_ctx, KSSL_KEYTAB, KRB5KEYTAB); - } -#endif /* NO_KRB5 */ if(context) SSL_set_session_id_context(con, context, strlen((char *)context));