X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=apps%2Fs_server.c;h=29ed59863871741b0b8e58724b650800d8c0a3bb;hb=2006dd12d693499ecbf532748ecbb819868f6951;hp=c83337b828f5ffe6be58c943af6e862e40c7c1c4;hpb=cf1b7d96647d55e533f779e476e3d4371f40445a;p=oweals%2Fopenssl.git diff --git a/apps/s_server.c b/apps/s_server.c index c83337b828..29ed598638 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -62,7 +62,7 @@ #include #include #include -#ifdef OPENSSL_NO_STDIO +#ifdef NO_STDIO #define APPS_WIN16 #endif @@ -83,7 +83,7 @@ typedef unsigned int u_int; #include #include #include -#include +#include #include "s_apps.h" #ifdef WINDOWS @@ -95,7 +95,7 @@ typedef unsigned int u_int; #undef FIONBIO #endif -#ifndef OPENSSL_NO_RSA +#ifndef NO_RSA static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength); #endif static int sv_body(char *hostname, int s, unsigned char *context); @@ -104,7 +104,7 @@ static void close_accept_socket(void ); static void sv_usage(void); static int init_ssl_connection(SSL *s); static void print_stats(BIO *bp,SSL_CTX *ctx); -#ifndef OPENSSL_NO_DH +#ifndef NO_DH static DH *load_dh_param(char *dhfile); static DH *get_dh512(void); #endif @@ -120,7 +120,7 @@ static void s_server_init(void); # endif #endif -#ifndef OPENSSL_NO_DH +#ifndef NO_DH static unsigned char dh512_p[]={ 0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,0xD0,0xE4,0xAF,0x75, 0x6F,0x4C,0xCA,0x92,0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F, @@ -177,7 +177,6 @@ static int s_debug=0; static int s_quiet=0; static int hack=0; -static char *engine_id=NULL; #ifdef MONOLITH static void s_server_init(void) @@ -200,7 +199,6 @@ static void s_server_init(void) s_debug=0; s_quiet=0; hack=0; - engine_id=NULL; } #endif 
@@ -231,7 +229,6 @@ static void sv_usage(void) BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n"); BIO_printf(bio_err," -nocert - Don't use any certificates (Anon-DH)\n"); BIO_printf(bio_err," -cipher arg - play with 'openssl ciphers' to see what goes here\n"); - BIO_printf(bio_err," -serverpref - Use server's cipher preferences\n"); BIO_printf(bio_err," -quiet - No server output\n"); BIO_printf(bio_err," -no_tmp_rsa - Do not generate a tmp RSA key\n"); BIO_printf(bio_err," -ssl2 - Just talk SSLv2\n"); @@ -240,13 +237,12 @@ static void sv_usage(void) BIO_printf(bio_err," -no_ssl2 - Just disable SSLv2\n"); BIO_printf(bio_err," -no_ssl3 - Just disable SSLv3\n"); BIO_printf(bio_err," -no_tls1 - Just disable TLSv1\n"); -#ifndef OPENSSL_NO_DH +#ifndef NO_DH BIO_printf(bio_err," -no_dhe - Disable ephemeral DH\n"); #endif BIO_printf(bio_err," -bugs - Turn on SSL bug compatibility\n"); BIO_printf(bio_err," -www - Respond to a 'GET /' with a status page\n"); BIO_printf(bio_err," -WWW - Respond to a 'GET / HTTP/1.0' with file ./\n"); - BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n"); BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); } @@ -417,14 +413,16 @@ int MAIN(int argc, char *argv[]) int no_tmp_rsa=0,no_dhe=0,nocert=0; int state=0; SSL_METHOD *meth=NULL; - ENGINE *e=NULL; char *inrand=NULL; +#ifndef NO_DH + DH *dh=NULL; +#endif -#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) +#if !defined(NO_SSL2) && !defined(NO_SSL3) meth=SSLv23_server_method(); -#elif !defined(OPENSSL_NO_SSL3) +#elif !defined(NO_SSL3) meth=SSLv3_server_method(); -#elif !defined(OPENSSL_NO_SSL2) +#elif !defined(NO_SSL2) meth=SSLv2_server_method(); #endif @@ -511,8 +509,6 @@ int MAIN(int argc, char *argv[]) if (--argc < 1) goto bad; CApath= *(++argv); } - else if (strcmp(*argv,"-serverpref") == 0) - { off|=SSL_OP_CIPHER_SERVER_PREFERENCE; } else if (strcmp(*argv,"-cipher") == 0) { if (--argc < 1) goto bad; 
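Review bot: In the `@@ -417,14 +413,16 @@` hunk of MAIN, a build with both `NO_SSL2` and `NO_SSL3` defined matches none of the three `#if`/`#elif` branches, so `meth` keeps its `NULL` initialiser. Unless `-tls1` is given, that NULL reaches `ctx=SSL_CTX_new(meth)`, which appears as context in a later hunk, and the only symptom would be the generic `ctx == NULL` error path. A final branch would give that configuration a working default: `#elif !defined(NO_TLS1)` followed by `meth=TLSv1_server_method();`. MAIN starts and ends outside this hunk, so a default assigned elsewhere cannot be ruled out from here.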
@@ -560,23 +556,18 @@ int MAIN(int argc, char *argv[]) { off|=SSL_OP_NO_SSLv3; } else if (strcmp(*argv,"-no_tls1") == 0) { off|=SSL_OP_NO_TLSv1; } -#ifndef OPENSSL_NO_SSL2 +#ifndef NO_SSL2 else if (strcmp(*argv,"-ssl2") == 0) { meth=SSLv2_server_method(); } #endif -#ifndef OPENSSL_NO_SSL3 +#ifndef NO_SSL3 else if (strcmp(*argv,"-ssl3") == 0) { meth=SSLv3_server_method(); } #endif -#ifndef OPENSSL_NO_TLS1 +#ifndef NO_TLS1 else if (strcmp(*argv,"-tls1") == 0) { meth=TLSv1_server_method(); } #endif - else if (strcmp(*argv,"-engine") == 0) - { - if (--argc < 1) goto bad; - engine_id= *(++argv); - } else if (strcmp(*argv,"-rand") == 0) { if (--argc < 1) goto bad; @@ -620,7 +611,7 @@ bad: } } -#if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) +#if !defined(NO_RSA) || !defined(NO_DSA) if (nocert) #endif { @@ -633,29 +624,6 @@ bad: SSL_load_error_strings(); OpenSSL_add_ssl_algorithms(); - if (engine_id != NULL) - { - if((e = ENGINE_by_id(engine_id)) == NULL) - { - BIO_printf(bio_err,"invalid engine\n"); - ERR_print_errors(bio_err); - goto end; - } - if (s_debug) - { - ENGINE_ctrl(e, ENGINE_CTRL_SET_LOGSTREAM, - 0, bio_err, 0); - } - if(!ENGINE_set_default(e, ENGINE_METHOD_ALL)) - { - BIO_printf(bio_err,"can't use that engine\n"); - ERR_print_errors(bio_err); - goto end; - } - BIO_printf(bio_err,"engine \"%s\" set.\n", engine_id); - ENGINE_free(e); - } - ctx=SSL_CTX_new(meth); if (ctx == NULL) { @@ -693,16 +661,10 @@ bad: /* goto end; */ } -#ifndef OPENSSL_NO_DH +#ifndef NO_DH if (!no_dhe) { - DH *dh=NULL; - - if (dhfile) - dh = load_dh_param(dhfile); - else if (s_cert_file) - dh = load_dh_param(s_cert_file); - + dh=load_dh_param(dhfile ? dhfile : s_cert_file); if (dh != NULL) { BIO_printf(bio_s_out,"Setting temp DH parameters\n"); 
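Review bot: In the `@@ -693,16 +661,10 @@` hunk, `dh=load_dh_param(dhfile ? dhfile : s_cert_file);` calls the loader even when both pointers are NULL. The removed `if (dhfile) … else if (s_cert_file) …` lines skipped the call in that case. The hunk around `if (nocert)` suggests `s_cert_file` can be cleared, which would make `-nocert` without `-dhparam` the likely trigger. Only the first lines of `load_dh_param` are visible, so whether it tolerates a NULL file name is unconfirmed. Keeping the guard is cheap: `if (dhfile != NULL || s_cert_file != NULL)` on the line before, with `dh=load_dh_param(dhfile ? dhfile : s_cert_file);` as its body. MAIN continues outside this hunk.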
@@ -727,9 +689,10 @@ bad: goto end; } -#ifndef OPENSSL_NO_RSA +#ifndef NO_RSA #if 1 - SSL_CTX_set_tmp_rsa_callback(ctx,tmp_rsa_cb); + if (!no_tmp_rsa) + SSL_CTX_set_tmp_rsa_callback(ctx,tmp_rsa_cb); #else if (!no_tmp_rsa && SSL_CTX_need_tmp_RSA(ctx)) { @@ -838,13 +801,6 @@ static int sv_body(char *hostname, int s, unsigned char *context) if (con == NULL) { con=SSL_new(ctx); -#ifndef OPENSSL_NO_KRB5 - if ((con->kssl_ctx = kssl_ctx_new()) != NULL) - { - kssl_ctx_setstring(con->kssl_ctx, KSSL_SERVICE, KRB5SVC); - kssl_ctx_setstring(con->kssl_ctx, KSSL_KEYTAB, KRB5KEYTAB); - } -#endif /* OPENSSL_NO_KRB5 */ if(context) SSL_set_session_id_context(con, context, strlen((char *)context)); @@ -1158,7 +1114,7 @@ static int init_ssl_connection(SSL *con) return(1); } -#ifndef OPENSSL_NO_DH +#ifndef NO_DH static DH *load_dh_param(char *dhfile) { DH *ret=NULL; @@ -1540,7 +1496,7 @@ err: return(ret); } -#ifndef OPENSSL_NO_RSA +#ifndef NO_RSA static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength) { static RSA *rsa_tmp=NULL;
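Review bot: In the `@@ -727,9 +689,10 @@` hunk the new `if (!no_tmp_rsa)` guard is unbraced and sits inside an `#if 1 … #else` pair whose disabled branch tests the same flag again. That makes it easy to attach the wrong statement to the guard if either branch is edited later. I would brace the body and say why the flag matters, e.g. `/* -no_tmp_rsa: leave the temporary RSA callback unset */` above `if (!no_tmp_rsa) { SSL_CTX_set_tmp_rsa_callback(ctx,tmp_rsa_cb); }`. The callback's `is_export` and `keylength` parameters suggest it serves export-strength key exchange, so an operator using the flag is presumably relying on that path staying off; please confirm and state it in the comment. The enclosing MAIN body extends beyond the hunk.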