X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=apps%2Fs_server.c;h=855dbd10cb809b94861e23d805aa7eed830d565b;hb=be1bd9239ff7874ec8f60c6217898654d016674a;hp=1a9ce281c3bf63ef07d6ce42ade15b206164aad6;hpb=836f996010d6a5f38d9a13279c37e84a42819966;p=oweals%2Fopenssl.git diff --git a/apps/s_server.c b/apps/s_server.c index 1a9ce281c3..855dbd10cb 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -62,7 +62,8 @@ #include #include #include -#ifdef NO_STDIO +#include +#ifdef OPENSSL_NO_STDIO #define APPS_WIN16 #endif @@ -70,7 +71,7 @@ recursive header file inclusion, resulting in the compiler complaining that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which is needed to have fileno() declared correctly... So let's define u_int */ -#if defined(VMS) && defined(__DECC) && !defined(__U_INT) +#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT) #define __U_INT typedef unsigned int u_int; #endif @@ -86,16 +87,16 @@ typedef unsigned int u_int; #include #include "s_apps.h" -#ifdef WINDOWS +#ifdef OPENSSL_SYS_WINDOWS #include #endif -#if (defined(VMS) && __VMS_VER < 70000000) +#if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000) /* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */ #undef FIONBIO #endif -#ifndef NO_RSA +#ifndef OPENSSL_NO_RSA static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength); #endif static int sv_body(char *hostname, int s, unsigned char *context); @@ -104,7 +105,7 @@ static void close_accept_socket(void ); static void sv_usage(void); static int init_ssl_connection(SSL *s); static void print_stats(BIO *bp,SSL_CTX *ctx); -#ifndef NO_DH +#ifndef OPENSSL_NO_DH static DH *load_dh_param(char *dhfile); static DH *get_dh512(void); #endif @@ -120,7 +121,7 @@ static void s_server_init(void); # endif #endif -#ifndef NO_DH +#ifndef OPENSSL_NO_DH static unsigned char dh512_p[]={ 0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,0xD0,0xE4,0xAF,0x75, 0x6F,0x4C,0xCA,0x92,0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F, @@ -240,13 +241,14 @@ static void sv_usage(void) BIO_printf(bio_err," -no_ssl2 - Just disable SSLv2\n"); BIO_printf(bio_err," -no_ssl3 - Just disable SSLv3\n"); BIO_printf(bio_err," -no_tls1 - Just disable TLSv1\n"); -#ifndef NO_DH +#ifndef OPENSSL_NO_DH BIO_printf(bio_err," -no_dhe - Disable ephemeral DH\n"); #endif BIO_printf(bio_err," -bugs - Turn on SSL bug compatibility\n"); BIO_printf(bio_err," -www - Respond to a 'GET /' with a status page\n"); BIO_printf(bio_err," -WWW - Respond to a 'GET / HTTP/1.0' with file ./\n"); BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n"); + BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); } static int local_argc=0; @@ -417,12 +419,13 @@ int MAIN(int argc, char *argv[]) int state=0; SSL_METHOD *meth=NULL; ENGINE *e=NULL; + char *inrand=NULL; -#if !defined(NO_SSL2) && !defined(NO_SSL3) +#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) meth=SSLv23_server_method(); -#elif !defined(NO_SSL3) +#elif !defined(OPENSSL_NO_SSL3) meth=SSLv3_server_method(); -#elif !defined(NO_SSL2) +#elif !defined(OPENSSL_NO_SSL2) meth=SSLv2_server_method(); #endif @@ -558,15 +561,15 @@ int MAIN(int argc, char *argv[]) { off|=SSL_OP_NO_SSLv3; } else if (strcmp(*argv,"-no_tls1") == 0) { off|=SSL_OP_NO_TLSv1; } -#ifndef NO_SSL2 +#ifndef OPENSSL_NO_SSL2 else if (strcmp(*argv,"-ssl2") == 0) { meth=SSLv2_server_method(); } #endif -#ifndef NO_SSL3 +#ifndef OPENSSL_NO_SSL3 else if (strcmp(*argv,"-ssl3") == 0) { meth=SSLv3_server_method(); } #endif -#ifndef NO_TLS1 +#ifndef OPENSSL_NO_TLS1 else if (strcmp(*argv,"-tls1") == 0) { meth=TLSv1_server_method(); } #endif @@ -575,6 +578,11 @@ int MAIN(int argc, char *argv[]) if (--argc < 1) goto bad; engine_id= *(++argv); } + else if (strcmp(*argv,"-rand") == 0) + { + if (--argc < 1) goto bad; + inrand= *(++argv); + } else { BIO_printf(bio_err,"unknown option %s\n",*argv); @@ -591,7 +599,14 @@ bad: goto end; } - app_RAND_load_file(NULL, bio_err, 0); + if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL + && !RAND_status()) + { + BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n"); + } + if (inrand != NULL) + BIO_printf(bio_err,"%ld semi-random bytes loaded\n", + app_RAND_load_files(inrand)); if (bio_s_out == NULL) { @@ -606,7 +621,7 @@ bad: } } -#if !defined(NO_RSA) || !defined(NO_DSA) +#if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) if (nocert) #endif { @@ -679,7 +694,7 @@ bad: /* goto end; */ } -#ifndef NO_DH +#ifndef OPENSSL_NO_DH if (!no_dhe) { DH *dh=NULL; @@ -713,9 +728,10 @@ bad: goto end; } -#ifndef NO_RSA +#ifndef OPENSSL_NO_RSA #if 1 - SSL_CTX_set_tmp_rsa_callback(ctx,tmp_rsa_cb); + if (!no_tmp_rsa) + SSL_CTX_set_tmp_rsa_callback(ctx,tmp_rsa_cb); #else if (!no_tmp_rsa && SSL_CTX_need_tmp_RSA(ctx)) { @@ -801,7 +817,7 @@ static int sv_body(char *hostname, int s, unsigned char *context) unsigned long l; SSL *con=NULL; BIO *sbio; -#ifdef WINDOWS +#ifdef OPENSSL_SYS_WINDOWS struct timeval tv; #endif @@ -824,13 +840,13 @@ static int sv_body(char *hostname, int s, unsigned char *context) if (con == NULL) { con=SSL_new(ctx); -#ifndef NO_KRB5 +#ifndef OPENSSL_NO_KRB5 if ((con->kssl_ctx = kssl_ctx_new()) != NULL) { kssl_ctx_setstring(con->kssl_ctx, KSSL_SERVICE, KRB5SVC); kssl_ctx_setstring(con->kssl_ctx, KSSL_KEYTAB, KRB5KEYTAB); } -#endif /* NO_KRB5 */ +#endif /* OPENSSL_NO_KRB5 */ if(context) SSL_set_session_id_context(con, context, strlen((char *)context)); @@ -868,7 +884,7 @@ static int sv_body(char *hostname, int s, unsigned char *context) if (!read_from_sslcon) { FD_ZERO(&readfds); -#ifndef WINDOWS +#ifndef OPENSSL_SYS_WINDOWS FD_SET(fileno(stdin),&readfds); #endif FD_SET(s,&readfds); @@ -878,7 +894,7 @@ static int sv_body(char *hostname, int s, unsigned char *context) * the compiler: if you do have a cast then you can either * go for (int *) or (void *). */ -#ifdef WINDOWS +#ifdef OPENSSL_SYS_WINDOWS /* Under Windows we can't select on stdin: only * on sockets. As a workaround we timeout the select every * second and check for any keypress. In a proper Windows @@ -1144,7 +1160,7 @@ static int init_ssl_connection(SSL *con) return(1); } -#ifndef NO_DH +#ifndef OPENSSL_NO_DH static DH *load_dh_param(char *dhfile) { DH *ret=NULL; @@ -1280,7 +1296,7 @@ static int www_body(char *hostname, int s, unsigned char *context) else { BIO_printf(bio_s_out,"read R BLOCK\n"); -#ifndef MSDOS +#ifndef OPENSSL_SYS_MSDOS sleep(1); #endif continue; @@ -1526,7 +1542,7 @@ err: return(ret); } -#ifndef NO_RSA +#ifndef OPENSSL_NO_RSA static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength) { static RSA *rsa_tmp=NULL;