X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=apps%2Fs_server.c;h=44886c5c26150e48a8862dab24781669fdc837a2;hb=db186beee4ae2af2ea87f75781d62ea34846e440;hp=64ef2455bcf692b8668bdd555425d2aabf2461ff;hpb=8d6e60486f3682e31830b11b7188038d6a85871f;p=oweals%2Fopenssl.git

diff --git a/apps/s_server.c b/apps/s_server.c
index 64ef2455bc..44886c5c26 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -108,11 +108,6 @@
  * Hudson (tjh@cryptsoft.com).
  *
  */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECC cipher suite support in OpenSSL originally developed by 
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
 
 #include <assert.h>
 #include <stdio.h>
@@ -149,6 +144,14 @@ typedef unsigned int u_int;
 #include <conio.h>
 #endif
 
+#ifdef OPENSSL_SYS_WINCE
+/* Windows CE incorrectly defines fileno as returning void*, so to avoid problems below... */
+#ifdef fileno
+#undef fileno
+#endif
+#define fileno(a) (int)_fileno(a)
+#endif
+
 #if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000)
 /* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
 #undef FIONBIO
@@ -169,7 +172,6 @@ static int generate_session_id(const SSL *ssl, unsigned char *id,
 static DH *load_dh_param(char *dhfile);
 static DH *get_dh512(void);
 #endif
-
 #ifdef MONOLITH
 static void s_server_init(void);
 #endif
@@ -208,7 +210,6 @@ static DH *get_dh512(void)
 	}
 #endif
 
-
 /* static int load_CA(SSL_CTX *ctx, char *file);*/
 
 #undef BUFSIZZ
@@ -286,11 +287,6 @@ static void sv_usage(void)
 	BIO_printf(bio_err," -dkey arg     - second private key file to use (usually for DSA)\n");
 	BIO_printf(bio_err," -dhparam arg  - DH parameter file to use, in cert file if not specified\n");
 	BIO_printf(bio_err,"                 or a default set of parameters is used\n");
-#ifndef OPENSSL_NO_ECDH
-	BIO_printf(bio_err," -named_curve arg  - Elliptic curve name to use for ephemeral ECDH keys.\n" \
-	                   "                 Use \"openssl ecparam -list_curves\" for all names\n" \
-	                   "                 (default is sect163r2).\n");
-#endif
 #ifdef FIONBIO
 	BIO_printf(bio_err," -nbio         - Run with non-blocking IO\n");
 #endif
@@ -314,9 +310,6 @@ static void sv_usage(void)
 	BIO_printf(bio_err," -no_tls1      - Just disable TLSv1\n");
 #ifndef OPENSSL_NO_DH
 	BIO_printf(bio_err," -no_dhe       - Disable ephemeral DH\n");
-#endif
-#ifndef OPENSSL_NO_ECDH
-	BIO_printf(bio_err," -no_ecdhe     - Disable ephemeral ECDH\n");
 #endif
 	BIO_printf(bio_err," -bugs         - Turn on SSL bug compatibility\n");
 	BIO_printf(bio_err," -www          - Respond to a 'GET /' with a status page\n");
@@ -491,11 +484,10 @@ int MAIN(int argc, char *argv[])
 	char *CApath=NULL,*CAfile=NULL;
 	char *context = NULL;
 	char *dhfile = NULL;
-	char *named_curve = NULL;
 	int badop=0,bugs=0;
 	int ret=1;
 	int off=0;
-	int no_tmp_rsa=0,no_dhe=0,no_ecdhe=0,nocert=0;
+	int no_tmp_rsa=0,no_dhe=0,nocert=0;
 	int state=0;
 	SSL_METHOD *meth=NULL;
 	ENGINE *e=NULL;
@@ -576,13 +568,6 @@ int MAIN(int argc, char *argv[])
 			if (--argc < 1) goto bad;
 			dhfile = *(++argv);
 			}
-#ifndef OPENSSL_NO_ECDH		
-		else if	(strcmp(*argv,"-named_curve") == 0)
-			{
-			if (--argc < 1) goto bad;
-			named_curve = *(++argv);
-			}
-#endif
 		else if	(strcmp(*argv,"-dcert") == 0)
 			{
 			if (--argc < 1) goto bad;
@@ -651,8 +636,6 @@ int MAIN(int argc, char *argv[])
 			{ no_tmp_rsa=1; }
 		else if	(strcmp(*argv,"-no_dhe") == 0)
 			{ no_dhe=1; }
-		else if	(strcmp(*argv,"-no_ecdhe") == 0)
-			{ no_ecdhe=1; }
 		else if	(strcmp(*argv,"-www") == 0)
 			{ www=1; }
 		else if	(strcmp(*argv,"-WWW") == 0)
@@ -735,7 +718,7 @@ bad:
 			}
 		}
 
-#if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
+#if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA)
 	if (nocert)
 #endif
 		{
@@ -823,59 +806,6 @@ bad:
 		DH_free(dh);
 		}
 #endif
-
-#ifndef OPENSSL_NO_ECDH
-	if (!no_ecdhe)
-		{
-		EC_KEY *ecdh=NULL;
-
-		ecdh = EC_KEY_new();
-		if (ecdh == NULL)
-			{
-			BIO_printf(bio_err,"Could not create ECDH struct.\n");
-			goto end;
-			}
-
-		if (named_curve)
-			{
-			int nid = OBJ_sn2nid(named_curve);
-
-			if (nid == 0)
-				{
-				BIO_printf(bio_err, "unknown curve name (%s)\n", 
-					named_curve);
-				goto end;
-				}
-
-			ecdh->group = EC_GROUP_new_by_nid(nid);
-			if (ecdh->group == NULL)
-				{
-				BIO_printf(bio_err, "unable to create curve (%s)\n", 
-					named_curve);
-				goto end;
-				}
-			}
-
-		if (ecdh->group != NULL)
-			{
-			BIO_printf(bio_s_out,"Setting temp ECDH parameters\n");
-			}
-		else
-			{
-			BIO_printf(bio_s_out,"Using default temp ECDH parameters\n");
-			ecdh->group=EC_GROUP_new_by_nid(NID_sect163r2);
-			if (ecdh->group == NULL) 
-				{
-				BIO_printf(bio_err, "unable to create curve (sect163r2)\n");
-				goto end;
-				}
-			}
-		(void)BIO_flush(bio_s_out);
-
-		SSL_CTX_set_tmp_ecdh(ctx,ecdh);
-		EC_KEY_free(ecdh);
-		}
-#endif
 	
 	if (!set_cert_stuff(ctx,s_cert_file,s_key_file))
 		goto end;
@@ -938,7 +868,7 @@ end:
 		bio_s_out=NULL;
 		}
 	apps_shutdown();
-	EXIT(ret);
+	OPENSSL_EXIT(ret);
 	}
 
 static void print_stats(BIO *bio, SSL_CTX *ssl_ctx)
@@ -1254,7 +1184,7 @@ err:
 	BIO_printf(bio_s_out,"CONNECTION CLOSED\n");
 	if (buf != NULL)
 		{
-		memset(buf,0,bufsize);
+		OPENSSL_cleanse(buf,bufsize);
 		OPENSSL_free(buf);
 		}
 	if (ret >= 0)