int msg; /* copy from c_msg */
int debug; /* copy from c_debug */
int amp; /* allow more groups */
- int strength /* minimal size for N */ ;
+ int strength; /* minimal size for N */
} SRP_ARG;
# define SRP_NUMBER_ITERATIONS_FOR_PRIME 64
* The callback is only called for a non default group.
*
* An application does not need the call back at all if
- * only the stanard groups are used. In real life situations,
+ * only the standard groups are used. In real life situations,
* client and server already share well known groups,
* thus there is no need to verify them.
* Furthermore, in case that a server actually proposes a group that
OPT_DEBUG, OPT_TLSEXTDEBUG, OPT_STATUS, OPT_WDEBUG,
OPT_MSG, OPT_MSGFILE, OPT_ENGINE, OPT_TRACE, OPT_SECURITY_DEBUG,
OPT_SECURITY_DEBUG_VERBOSE, OPT_SHOWCERTS, OPT_NBIO_TEST, OPT_STATE,
- OPT_PSK_IDENTITY, OPT_PSK, OPT_SRPUSER, OPT_SRPPASS, OPT_SRP_STRENGTH,
- OPT_SRP_LATEUSER, OPT_SRP_MOREGROUPS, OPT_SSL3, OPT_SSL_CONFIG,
+#ifndef OPENSSL_NO_PSK
+ OPT_PSK_IDENTITY, OPT_PSK,
+#endif
+#ifndef OPENSSL_NO_SRP
+ OPT_SRPUSER, OPT_SRPPASS, OPT_SRP_STRENGTH, OPT_SRP_LATEUSER,
+ OPT_SRP_MOREGROUPS,
+#endif
+ OPT_SSL3, OPT_SSL_CONFIG,
OPT_TLS1_2, OPT_TLS1_1, OPT_TLS1, OPT_DTLS, OPT_DTLS1,
OPT_DTLS1_2, OPT_TIMEOUT, OPT_MTU, OPT_KEYFORM, OPT_PASS,
OPT_CERT_CHAIN, OPT_CAPATH, OPT_NOCAPATH, OPT_CHAINCAPATH, OPT_VERIFYCAPATH,
{"psk", OPT_PSK, 's', "PSK in hex (without 0x)"},
#endif
#ifndef OPENSSL_NO_SRP
- {"srpuser", OPT_SRPUSER, 's', "SRP authentification for 'user'"},
+ {"srpuser", OPT_SRPUSER, 's', "SRP authentication for 'user'"},
{"srppass", OPT_SRPPASS, 's', "Password for 'user'"},
{"srp_lateuser", OPT_SRP_LATEUSER, '-',
"SRP username into second ClientHello message"},
{"noct", OPT_NOCT, '-', "Do not request or parse SCTs (default)"},
{"ctlogfile", OPT_CTLOG_FILE, '<', "CT log list CONF file"},
#endif
- {NULL}
+ {NULL, OPT_EOF, 0x00, NULL}
};
typedef enum PROTOCOL_choice {
PROTO_IRC
} PROTOCOL_CHOICE;
-static OPT_PAIR services[] = {
+static const OPT_PAIR services[] = {
{"smtp", PROTO_SMTP},
{"pop3", PROTO_POP3},
{"imap", PROTO_IMAP},
{"xmpp-server", PROTO_XMPP_SERVER},
{"telnet", PROTO_TELNET},
{"irc", PROTO_IRC},
- {NULL}
+ {NULL, 0}
};
int s_client_main(int argc, char **argv)
BIO_printf(bio_err, "Error getting client auth engine\n");
goto opthelp;
}
- break;
#endif
break;
case OPT_RAND:
goto end;
}
break;
-#else
- case OPT_PSK_IDENTITY:
- case OPT_PSK:
- break;
#endif
#ifndef OPENSSL_NO_SRP
case OPT_SRPUSER:
if (min_version < TLS1_VERSION)
min_version = TLS1_VERSION;
break;
-#else
- case OPT_SRPUSER:
- case OPT_SRPPASS:
- case OPT_SRP_STRENGTH:
- case OPT_SRP_LATEUSER:
- case OPT_SRP_MOREGROUPS:
- break;
#endif
case OPT_SSL_CONFIG:
ssl_config = opt_arg();
goto end;
}
} else if (dane_tlsa_rrset != NULL) {
- BIO_printf(bio_err, "%s: DANE TLSA authentication requires the "
- "-dane_tlsa_domain option.\n", prog);
- goto end;
+ BIO_printf(bio_err, "%s: DANE TLSA authentication requires the "
+ "-dane_tlsa_domain option.\n", prog);
+ goto end;
}
re_start:
SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c));
if (peer != NULL) {
EVP_PKEY *pktmp;
+
pktmp = X509_get0_pubkey(peer);
BIO_printf(bio, "Server public key is %d bit\n",
EVP_PKEY_bits(pktmp));
static unsigned int split_send_fragment = 0;
static unsigned int max_pipelines = 0;
-#ifndef OPENSSL_NO_ENGINE
-static char *engine_id = NULL;
-#endif
static const char *session_id_prefix = NULL;
#ifndef OPENSSL_NO_DTLS
async = 0;
split_send_fragment = 0;
max_pipelines = 0;
-#ifndef OPENSSL_NO_ENGINE
- engine_id = NULL;
-#endif
}
static int local_argc = 0;
#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
#endif
- {NULL}
+ {NULL, OPT_EOF, 0, NULL}
};
int s_server_main(int argc, char *argv[])
{
- ENGINE *e = NULL;
+ ENGINE *engine = NULL;
EVP_PKEY *s_key = NULL, *s_dkey = NULL;
SSL_CONF_CTX *cctx = NULL;
const SSL_METHOD *meth = TLS_server_method();
session_id_prefix = opt_arg();
break;
case OPT_ENGINE:
- e = setup_engine(opt_arg(), 1);
+ engine = setup_engine(opt_arg(), 1);
break;
case OPT_RAND:
inrand = opt_arg();
goto end;
if (nocert == 0) {
- s_key = load_key(s_key_file, s_key_format, 0, pass, e,
+ s_key = load_key(s_key_file, s_key_format, 0, pass, engine,
"server certificate private key file");
if (!s_key) {
ERR_print_errors(bio_err);
}
if (tlsextcbp.servername) {
- s_key2 = load_key(s_key_file2, s_key_format, 0, pass, e,
+ s_key2 = load_key(s_key_file2, s_key_format, 0, pass, engine,
"second server certificate private key file");
if (!s_key2) {
ERR_print_errors(bio_err);
s_dkey_file = s_dcert_file;
s_dkey = load_key(s_dkey_file, s_dkey_format,
- 0, dpass, e, "second certificate private key file");
+ 0, dpass, engine, "second certificate private key file");
if (!s_dkey) {
ERR_print_errors(bio_err);
goto end;