From ece8574ae6d2b3a06bd13e6142ab9f3c555c890f Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Tue, 3 Mar 2015 15:47:08 +0000 Subject: [PATCH] Add DTLS support to ssltest MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Reviewed-by: Emilia Käsper (cherry picked from commit 98b8cdd32277cea829c31034a53f2487f750615d) Conflicts: ssl/ssltest.c --- ssl/ssltest.c | 31 ++++++++++++++++++++++++++----- 1 file changed, 26 insertions(+), 5 deletions(-) diff --git a/ssl/ssltest.c b/ssl/ssltest.c index 9f5d586247..8a6f00f42e 100644 --- a/ssl/ssltest.c +++ b/ssl/ssltest.c @@ -715,6 +715,10 @@ static void sv_usage(void) #endif #ifndef OPENSSL_NO_TLS1 fprintf(stderr, " -tls1 - use TLSv1\n"); +#endif +#ifndef OPENSSL_NO_DTLS + fprintf(stderr, " -dtls1 - use DTLSv1\n"); + fprintf(stderr, " -dtls12 - use DTLSv1.2\n"); #endif fprintf(stderr, " -CApath arg - PEM format directory of CA's\n"); fprintf(stderr, " -CAfile arg - PEM format file of CA's\n"); @@ -877,7 +881,7 @@ int main(int argc, char *argv[]) int badop = 0; int bio_pair = 0; int force = 0; - int tls1 = 0, ssl2 = 0, ssl3 = 0, ret = 1; + int dtls1 = 0, dtls12 = 0, tls1 = 0, ssl2 = 0, ssl3 = 0, ret = 1; int client_auth = 0; int server_auth = 0, i; struct app_verify_arg app_verify_arg = @@ -1037,6 +1041,16 @@ int main(int argc, char *argv[]) no_protocol = 1; #endif ssl3 = 1; + } else if (strcmp(*argv, "-dtls1") == 0) { +#ifdef OPENSSL_NO_DTLS + no_protocol = 1; +#endif + dtls1 = 1; + } else if (strcmp(*argv, "-dtls12") == 0) { +#ifdef OPENSSL_NO_DTLS + no_protocol = 1; +#endif + dtls12 = 1; } else if (strncmp(*argv, "-num", 4) == 0) { if (--argc < 1) goto bad; @@ -1172,8 +1186,8 @@ int main(int argc, char *argv[]) goto end; } - if (ssl2 + ssl3 + tls1 > 1) { - fprintf(stderr, "At most one of -ssl2, -ssl3, or -tls1 should " + if (ssl2 + ssl3 + tls1 + dtls1 + dtls12 > 1) { + fprintf(stderr, "At most one of -ssl2, -ssl3, -tls1, -dtls1 or -dtls12 should " "be requested.\n"); EXIT(1); } @@ -1190,10 +1204,10 @@ int main(int argc, char *argv[]) goto end; } - if (!ssl2 && !ssl3 && !tls1 && number > 1 && !reuse && !force) { + if (!ssl2 && !ssl3 && !tls1 && !dtls1 && !dtls12 && number > 1 && !reuse && !force) { fprintf(stderr, "This case cannot work. Use -f to perform " "the test anyway (and\n-d to see what happens), " - "or add one of -ssl2, -ssl3, -tls1, -reuse\n" + "or add one of ssl2, -ssl3, -tls1, -dtls1, -dtls12, -reuse\n" "to avoid protocol mismatch.\n"); EXIT(1); } @@ -1271,6 +1285,13 @@ int main(int argc, char *argv[]) meth = SSLv3_method(); else #endif +#ifndef OPENSSL_NO_DTLS + if (dtls1) + meth = DTLSv1_method(); + else if (dtls12) + meth = DTLSv1_2_method(); + else +#endif #ifndef OPENSSL_NO_TLS1 if (tls1) meth = TLSv1_method(); -- 2.25.1