version 1.30, 2017/01/20 08:57:12 |
version 1.31, 2017/01/24 09:07:40 |
|
|
BIO_printf(bio_err, " -no_ticket - disable use of RFC4507bis session tickets\n"); |
BIO_printf(bio_err, " -no_ticket - disable use of RFC4507bis session tickets\n"); |
BIO_printf(bio_err, " -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)\n"); |
BIO_printf(bio_err, " -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)\n"); |
BIO_printf(bio_err, " -alpn arg - enable ALPN extension, considering named protocols supported (comma-separated list)\n"); |
BIO_printf(bio_err, " -alpn arg - enable ALPN extension, considering named protocols supported (comma-separated list)\n"); |
|
BIO_printf(bio_err, " -groups arg - specify EC curve groups (colon-separated list)\n"); |
#ifndef OPENSSL_NO_SRTP |
#ifndef OPENSSL_NO_SRTP |
BIO_printf(bio_err, " -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n"); |
BIO_printf(bio_err, " -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n"); |
#endif |
#endif |
|
|
{NULL, 0}; |
{NULL, 0}; |
const char *next_proto_neg_in = NULL; |
const char *next_proto_neg_in = NULL; |
const char *alpn_in = NULL; |
const char *alpn_in = NULL; |
|
const char *groups_in = NULL; |
char *sess_in = NULL; |
char *sess_in = NULL; |
char *sess_out = NULL; |
char *sess_out = NULL; |
struct sockaddr peer; |
struct sockaddr peer; |
|
|
off |= SSL_OP_NO_SSLv2; |
off |= SSL_OP_NO_SSLv2; |
else if (strcmp(*argv, "-no_comp") == 0) { |
else if (strcmp(*argv, "-no_comp") == 0) { |
off |= SSL_OP_NO_COMPRESSION; |
off |= SSL_OP_NO_COMPRESSION; |
} |
} else if (strcmp(*argv, "-no_ticket") == 0) { |
else if (strcmp(*argv, "-no_ticket") == 0) { |
|
off |= SSL_OP_NO_TICKET; |
off |= SSL_OP_NO_TICKET; |
} |
} else if (strcmp(*argv, "-nextprotoneg") == 0) { |
else if (strcmp(*argv, "-nextprotoneg") == 0) { |
|
if (--argc < 1) |
if (--argc < 1) |
goto bad; |
goto bad; |
next_proto_neg_in = *(++argv); |
next_proto_neg_in = *(++argv); |
} |
} else if (strcmp(*argv, "-alpn") == 0) { |
else if (strcmp(*argv, "-alpn") == 0) { |
|
if (--argc < 1) |
if (--argc < 1) |
goto bad; |
goto bad; |
alpn_in = *(++argv); |
alpn_in = *(++argv); |
|
} else if (strcmp(*argv, "-groups") == 0) { |
|
if (--argc < 1) |
|
goto bad; |
|
groups_in = *(++argv); |
} else if (strcmp(*argv, "-serverpref") == 0) |
} else if (strcmp(*argv, "-serverpref") == 0) |
off |= SSL_OP_CIPHER_SERVER_PREFERENCE; |
off |= SSL_OP_CIPHER_SERVER_PREFERENCE; |
else if (strcmp(*argv, "-legacy_renegotiation") == 0) |
else if (strcmp(*argv, "-legacy_renegotiation") == 0) |
|
|
} |
} |
SSL_CTX_set_alpn_protos(ctx, alpn, alpn_len); |
SSL_CTX_set_alpn_protos(ctx, alpn, alpn_len); |
free(alpn); |
free(alpn); |
|
} |
|
if (groups_in != NULL) { |
|
if (SSL_CTX_set1_groups_list(ctx, groups_in) != 1) { |
|
BIO_printf(bio_err, "Failed to set groups '%s'\n", |
|
groups_in); |
|
goto end; |
|
} |
} |
} |
|
|
if (state) |
if (state) |