=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/openssl/s_client.c,v retrieving revision 1.5 retrieving revision 1.6 diff -c -r1.5 -r1.6 *** src/usr.bin/openssl/s_client.c 2014/10/22 13:51:31 1.5 --- src/usr.bin/openssl/s_client.c 2014/11/06 14:50:12 1.6 *************** *** 1,4 **** ! /* $OpenBSD: s_client.c,v 1.5 2014/10/22 13:51:31 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * --- 1,4 ---- ! /* $OpenBSD: s_client.c,v 1.6 2014/11/06 14:50:12 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * *************** *** 179,188 **** static int c_nbio = 0; static int c_Pause = 0; static int c_debug = 0; - #ifndef OPENSSL_NO_TLSEXT static int c_tlsextdebug = 0; static int c_status_req = 0; - #endif static int c_msg = 0; static int c_showcerts = 0; --- 179,186 ---- *************** *** 191,199 **** static void sc_usage(void); static void print_stuff(BIO * berr, SSL * con, int full); - #ifndef OPENSSL_NO_TLSEXT static int ocsp_resp_cb(SSL * s, void *arg); - #endif static BIO *bio_c_out = NULL; static int c_quiet = 0; static int c_ign_eof = 0; --- 189,195 ---- *************** *** 251,257 **** #endif BIO_printf(bio_err, " -sess_out arg - file to write SSL session to\n"); BIO_printf(bio_err, " -sess_in arg - file to read SSL session from\n"); - #ifndef OPENSSL_NO_TLSEXT BIO_printf(bio_err, " -servername host - Set TLS extension servername in ClientHello\n"); BIO_printf(bio_err, " -tlsextdebug - hex dump of all TLS extensions received\n"); BIO_printf(bio_err, " -status - request certificate status from server\n"); --- 247,252 ---- *************** *** 259,265 **** #ifndef OPENSSL_NO_NEXTPROTONEG BIO_printf(bio_err, " -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)\n"); #endif - #endif #ifndef OPENSSL_NO_SRTP BIO_printf(bio_err, " -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n"); #endif --- 254,259 ---- *************** *** 267,273 **** BIO_printf(bio_err, " -keymatexportlen len - Export len bytes of keying material (default 20)\n"); } - #ifndef OPENSSL_NO_TLSEXT /* This is a context that we pass to callbacks */ typedef struct tlsextctx_st { --- 261,266 ---- *************** *** 324,330 **** return SSL_TLSEXT_ERR_OK; } #endif /* ndef OPENSSL_NO_NEXTPROTONEG */ - #endif enum { PROTO_OFF = 0, --- 317,322 ---- *************** *** 378,391 **** ENGINE *ssl_client_engine = NULL; #endif ENGINE *e = NULL; - #ifndef OPENSSL_NO_TLSEXT char *servername = NULL; tlsextctx tlsextcbp = {NULL, 0}; #ifndef OPENSSL_NO_NEXTPROTONEG const char *next_proto_neg_in = NULL; #endif - #endif char *sess_in = NULL; char *sess_out = NULL; struct sockaddr peer; --- 370,381 ---- *************** *** 475,486 **** c_Pause = 1; else if (strcmp(*argv, "-debug") == 0) c_debug = 1; - #ifndef OPENSSL_NO_TLSEXT else if (strcmp(*argv, "-tlsextdebug") == 0) c_tlsextdebug = 1; else if (strcmp(*argv, "-status") == 0) c_status_req = 1; - #endif else if (strcmp(*argv, "-msg") == 0) c_msg = 1; else if (strcmp(*argv, "-showcerts") == 0) --- 465,474 ---- *************** *** 548,554 **** else if (strcmp(*argv, "-no_comp") == 0) { off |= SSL_OP_NO_COMPRESSION; } - #ifndef OPENSSL_NO_TLSEXT else if (strcmp(*argv, "-no_ticket") == 0) { off |= SSL_OP_NO_TICKET; } --- 536,541 ---- *************** *** 559,565 **** next_proto_neg_in = *(++argv); } #endif - #endif else if (strcmp(*argv, "-serverpref") == 0) off |= SSL_OP_CIPHER_SERVER_PREFERENCE; else if (strcmp(*argv, "-legacy_renegotiation") == 0) --- 546,551 ---- *************** *** 611,624 **** } else if (strcmp(*argv, "-6") == 0) { af = AF_INET6; } - #ifndef OPENSSL_NO_TLSEXT else if (strcmp(*argv, "-servername") == 0) { if (--argc < 1) goto bad; servername = *(++argv); /* meth=TLSv1_client_method(); */ } - #endif #ifndef OPENSSL_NO_SRTP else if (strcmp(*argv, "-use_srtp") == 0) { if (--argc < 1) --- 597,608 ---- *************** *** 777,789 **** ERR_print_errors(bio_err); /* goto end; */ } - #ifndef OPENSSL_NO_TLSEXT if (servername != NULL) { tlsextcbp.biodebug = bio_err; SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb); SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp); } - #endif con = SSL_new(ctx); if (sess_in) { --- 761,771 ---- *************** *** 806,812 **** SSL_set_session(con, sess); SSL_SESSION_free(sess); } - #ifndef OPENSSL_NO_TLSEXT if (servername != NULL) { if (!SSL_set_tlsext_host_name(con, servername)) { BIO_printf(bio_err, "Unable to set TLS servername extension.\n"); --- 788,793 ---- *************** *** 814,820 **** goto end; } } - #endif /* SSL_set_cipher_list(con,"RC4-MD5"); */ re_start: --- 795,800 ---- *************** *** 881,887 **** SSL_set_msg_callback(con, msg_cb); SSL_set_msg_callback_arg(con, bio_c_out); } - #ifndef OPENSSL_NO_TLSEXT if (c_tlsextdebug) { SSL_set_tlsext_debug_callback(con, tlsext_cb); SSL_set_tlsext_debug_arg(con, bio_c_out); --- 861,866 ---- *************** *** 891,897 **** SSL_CTX_set_tlsext_status_cb(ctx, ocsp_resp_cb); SSL_CTX_set_tlsext_status_arg(ctx, bio_c_out); } - #endif SSL_set_bio(con, sbio, sbio); SSL_set_connect_state(con); --- 870,875 ---- *************** *** 1472,1478 **** (void) BIO_flush(bio); } - #ifndef OPENSSL_NO_TLSEXT static int ocsp_resp_cb(SSL * s, void *arg) --- 1450,1455 ---- *************** *** 1499,1502 **** return 1; } - #endif --- 1476,1478 ----