X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=ssl%2Fssltest.c;h=9ef43dfa88fb48561200dbbf4d20003ec535f59d;hb=c7ba21493a193d65745f9765a19522bcafa43336;hp=0d611161ab954f46fa90d10915cf770a40bf0c68;hpb=ddac197404f585b8da58df794fc3beb9d08e8cd2;p=oweals%2Fopenssl.git diff --git a/ssl/ssltest.c b/ssl/ssltest.c index 0d611161ab..9ef43dfa88 100644 --- a/ssl/ssltest.c +++ b/ssl/ssltest.c @@ -317,7 +317,7 @@ static void sv_usage(void) static void print_details(SSL *c_ssl, const char *prefix) { - SSL_CIPHER *ciph; + const SSL_CIPHER *ciph; X509 *cert; ciph=SSL_get_current_cipher(c_ssl); @@ -422,6 +422,25 @@ static void lock_dbg_cb(int mode, int type, const char *file, int line) } } +#ifdef TLSEXT_TYPE_opaque_prf_input +struct cb_info_st { void *input; size_t len; int ret; }; +struct cb_info_st co1 = { "C", 1, 1 }; /* try to negotiate oqaque PRF input */ +struct cb_info_st co2 = { "C", 1, 2 }; /* insist on oqaque PRF input */ +struct cb_info_st so1 = { "S", 1, 1 }; /* try to negotiate oqaque PRF input */ +struct cb_info_st so2 = { "S", 1, 2 }; /* insist on oqaque PRF input */ + +int opaque_prf_input_cb(SSL *ssl, void *peerinput, size_t len, void *arg_) + { + struct cb_info_st *arg = arg_; + + if (arg == NULL) + return 1; + + if (!SSL_set_tlsext_opaque_prf_input(ssl, arg->input, arg->len)) + return 0; + return arg->ret; + } +#endif int main(int argc, char *argv[]) { @@ -470,7 +489,7 @@ int main(int argc, char *argv[]) debug = 0; cipher = 0; - bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); + bio_err=BIO_new_fp(stderr,BIO_NOCLOSE|BIO_FP_TEXT); CRYPTO_set_locking_callback(lock_dbg_cb); @@ -489,7 +508,7 @@ int main(int argc, char *argv[]) RAND_seed(rnd_seed, sizeof rnd_seed); - bio_stdout=BIO_new_fp(stdout,BIO_NOCLOSE); + bio_stdout=BIO_new_fp(stdout,BIO_NOCLOSE|BIO_FP_TEXT); argc--; argv++; @@ -836,6 +855,13 @@ bad: SSL_CTX_set_tmp_rsa_callback(s_ctx,tmp_rsa_cb); #endif +#ifdef TLSEXT_TYPE_opaque_prf_input + SSL_CTX_set_tlsext_opaque_prf_input_callback(c_ctx, opaque_prf_input_cb); + SSL_CTX_set_tlsext_opaque_prf_input_callback(s_ctx, opaque_prf_input_cb); + SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(c_ctx, &co1); /* or &co2 or NULL */ + SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(s_ctx, &so1); /* or &so2 or NULL */ +#endif + if (!SSL_CTX_use_certificate_file(s_ctx,server_cert,SSL_FILETYPE_PEM)) { ERR_print_errors(bio_err); @@ -988,7 +1014,7 @@ end: #endif CRYPTO_cleanup_all_ex_data(); ERR_free_strings(); - ERR_remove_state(0); + ERR_remove_thread_state(NULL); EVP_cleanup(); CRYPTO_mem_leaks(bio_err); if (bio_err != NULL) BIO_free(bio_err); @@ -2151,7 +2177,7 @@ static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg) if (cb_arg->proxy_auth) { - if (ok) + if (ok > 0) { const char *cond_end = NULL; @@ -2350,7 +2376,7 @@ static unsigned int psk_client_callback(SSL *ssl, const char *hint, char *identi int ret; unsigned int psk_len = 0; - ret = snprintf(identity, max_identity_len, "Client_identity"); + ret = BIO_snprintf(identity, max_identity_len, "Client_identity"); if (ret < 0) goto out_err; if (debug) @@ -2382,7 +2408,7 @@ static int do_test_cipherlist(void) { int i = 0; const SSL_METHOD *meth; - SSL_CIPHER *ci, *tci = NULL; + const SSL_CIPHER *ci, *tci = NULL; #ifndef OPENSSL_NO_SSL2 fprintf(stderr, "testing SSLv2 cipher list order: ");