X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=apps%2Fs_server.c;h=e12db0c86615d7bb901c9f334cc1ee68c7a16843;hb=5956b110e3d6137be07e52b1b3ea483a991ab84f;hp=2aaa2cb7da0aa84f7805b6d289ea9a08943f84e0;hpb=7e1b7485706c2b11091b5fa897fe496a2faa56cc;p=oweals%2Fopenssl.git diff --git a/apps/s_server.c b/apps/s_server.c index 2aaa2cb7da..e12db0c866 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -228,6 +228,8 @@ static int s_server_verify = SSL_VERIFY_NONE; static int s_server_session_id_context = 1; /* anything will do */ static const char *s_cert_file = TEST_CERT, *s_key_file = NULL, *s_chain_file = NULL; +static const char *krb5svc = NULL; +static const char *krb5tab = NULL; #ifndef OPENSSL_NO_TLSEXT static const char *s_cert_file2 = TEST_CERT2, *s_key_file2 = NULL; #endif @@ -338,6 +340,8 @@ static unsigned int psk_server_cb(SSL *ssl, const char *identity, out_err: if (s_debug) BIO_printf(bio_err, "Error in PSK server callback\n"); + (void)BIO_flush(bio_err); + (void)BIO_flush(bio_s_out); return 0; } #endif @@ -837,7 +841,8 @@ typedef enum OPTION_choice { OPT_SRTP_PROFILES, OPT_KEYMATEXPORT, OPT_KEYMATEXPORTLEN, OPT_S_ENUM, OPT_V_ENUM, - OPT_X_ENUM + OPT_X_ENUM, + OPT_KRB5SVC, OPT_KRBTAB } OPTION_CHOICE; OPTIONS s_server_options[] = { @@ -895,6 +900,8 @@ OPTIONS s_server_options[] = { {"jpake", OPT_JPAKE, 's', "JPAKE secret to use"}, # endif #endif + {"krb5svc", OPT_KRB5SVC, 's', "Kerberos service name"}, + {"keytab", OPT_KRBTAB, '<', "Kerberos keytab file"}, #ifndef OPENSSL_NO_SRP {"srpvfile", OPT_SRPVFILE, '<', "The verifier file for SRP"}, {"srpuserseed", OPT_SRPUSERSEED, 's', @@ -1376,7 +1383,7 @@ int s_server_main(int argc, char *argv[]) session_id_prefix = opt_arg(); break; case OPT_ENGINE: - engine_id = opt_arg(); + e = setup_engine(opt_arg(), 1); break; case OPT_RAND: inrand = opt_arg(); @@ -1411,6 +1418,12 @@ int s_server_main(int argc, char *argv[]) case OPT_JPAKE: goto opthelp; #endif + case OPT_KRB5SVC: + krb5svc = opt_arg(); + break; + case OPT_KRBTAB: + krb5tab = opt_arg(); + break; case OPT_SRTP_PROFILES: srtp_profiles = opt_arg(); break; @@ -1447,10 +1460,6 @@ int s_server_main(int argc, char *argv[]) } #endif -#ifndef OPENSSL_NO_ENGINE - e = setup_engine(engine_id, 1); -#endif - if (!app_passwd(passarg, dpassarg, &pass, &dpass)) { BIO_printf(bio_err, "Error getting password\n"); goto end; @@ -2404,6 +2413,7 @@ static int sv_body(char *hostname, int s, int stype, unsigned char *context) } if (ret >= 0) BIO_printf(bio_s_out, "ACCEPT\n"); + (void)BIO_flush(bio_s_out); return (ret); } @@ -2724,7 +2734,22 @@ static int www_body(char *hostname, int s, int stype, unsigned char *context) /* BIO_puts(io,SSLeay_version(SSLEAY_VERSION));*/ BIO_puts(io, "\n"); for (i = 0; i < local_argc; i++) { - BIO_puts(io, local_argv[i]); + const char *myp; + for (myp = local_argv[i]; *myp; myp++) + switch (*myp) { + case '<': + BIO_puts(io, "<"); + break; + case '>': + BIO_puts(io, ">"); + break; + case '&': + BIO_puts(io, "&"); + break; + default: + BIO_write(io, myp, 1); + break; + } BIO_write(io, " ", 1); } BIO_puts(io, "\n"); @@ -3155,6 +3180,7 @@ static int add_session(SSL *ssl, SSL_SESSION *session) sess->derlen = i2d_SSL_SESSION(session, NULL); if (sess->derlen < 0) { BIO_printf(bio_err, "Error encoding session\n"); + OPENSSL_free(sess); return 0; } @@ -3162,10 +3188,8 @@ static int add_session(SSL *ssl, SSL_SESSION *session) sess->der = OPENSSL_malloc(sess->derlen); if (!sess->id || !sess->der) { BIO_printf(bio_err, "Out of memory adding to external cache\n"); - if (sess->id) - OPENSSL_free(sess->id); - if (sess->der) - OPENSSL_free(sess->der); + OPENSSL_free(sess->id); + OPENSSL_free(sess->der); OPENSSL_free(sess); return 0; } @@ -3173,7 +3197,10 @@ static int add_session(SSL *ssl, SSL_SESSION *session) /* Assume it still works. */ if (i2d_SSL_SESSION(session, &p) != sess->derlen) { - BIO_printf(bio_err, "Error encoding session\n"); + BIO_printf(bio_err, "Unexpected session encoding length\n"); + OPENSSL_free(sess->id); + OPENSSL_free(sess->der); + OPENSSL_free(sess); return 0; }