src/usr.bin/openssl/s_server.c - diff

Return to s_server.c CVS log

Up to [local] / src / usr.bin / openssl

Diff for /src/usr.bin/openssl/s_server.c between version 1.32 and 1.33

version 1.32, 2019/10/04 09:47:34

version 1.33, 2020/04/19 17:05:55

Line 288

BIO_printf(bio_err, " -dpass arg - second private key file pass phrase source\n");

BIO_printf(bio_err, " -dhparam arg - DH parameter file to use, in cert file if not specified\n");

BIO_printf(bio_err, " or a default set of parameters is used\n");

BIO_printf(bio_err, " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" \

" Use \"openssl ecparam -list_curves\" for all names\n" \

" (default is nistp256).\n");

BIO_printf(bio_err, " -nbio - Run with non-blocking IO\n");

BIO_printf(bio_err, " -nbio_test - test with the non-blocking test bio\n");

BIO_printf(bio_err, " -crlf - convert LF from terminal into CRLF\n");

Line 333

Line 330

BIO_printf(bio_err, " not specified (default is %s)\n", TEST_CERT2);

BIO_printf(bio_err, " -tlsextdebug - hex dump of all TLS extensions received\n");

BIO_printf(bio_err, " -no_ticket - disable use of RFC4507bis session tickets\n");

BIO_printf(bio_err," -alpn arg - set the advertised protocols for the ALPN extension (comma-separated list)\n");

BIO_printf(bio_err, " -alpn arg - set the advertised protocols for the ALPN extension (comma-separated list)\n");

BIO_printf(bio_err, " -groups arg - specify EC groups (colon-separated list)\n");

#ifndef OPENSSL_NO_SRTP

BIO_printf(bio_err, " -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n");

#endif

Line 581

Line 579

X509 *s_cert2 = NULL;

tlsextctx tlsextcbp = {NULL, NULL, SSL_TLSEXT_ERR_ALERT_WARNING};

const char *alpn_in = NULL;

const char *groups_in = NULL;

tlsextalpnctx alpn_ctx = { NULL, 0 };

if (single_execution) {

Line 656

Line 655

if (--argc < 1)

goto bad;

dhfile = *(++argv);

}

} else if (strcmp(*argv, "-named_curve") == 0) {

else if (strcmp(*argv, "-named_curve") == 0) {

if (--argc < 1)

goto bad;

named_curve = *(++argv);

}

} else if (strcmp(*argv, "-dcertform") == 0) {

else if (strcmp(*argv, "-dcertform") == 0) {

if (--argc < 1)

goto bad;

s_dcert_format = str2fmt(*(++argv));

Line 831

Line 828

if (--argc < 1)

goto bad;

alpn_in = *(++argv);

} else if (strcmp(*argv, "-groups") == 0) {

if (--argc < 1)

goto bad;

groups_in = *(++argv);

}

#ifndef OPENSSL_NO_SRTP

else if (strcmp(*argv, "-use_srtp") == 0) {

Line 1055

Line 1056

if (alpn_ctx.data)

SSL_CTX_set_alpn_select_cb(ctx, alpn_cb, &alpn_ctx);

if (groups_in != NULL) {

if (SSL_CTX_set1_groups_list(ctx, groups_in) != 1) {

BIO_printf(bio_err, "Failed to set groups '%s'\n",

groups_in);

goto end;

}

#ifndef OPENSSL_NO_DH

if (!no_dhe) {

DH *dh = NULL;

Line 1108

Line 1117

}

#endif

if (!no_ecdhe) {

if (!no_ecdhe && named_curve != NULL) {

EC_KEY *ecdh = NULL;

int nid;

if (named_curve) {

if ((nid = OBJ_sn2nid(named_curve)) == 0) {

int nid = OBJ_sn2nid(named_curve);

BIO_printf(bio_err, "unknown curve name (%s)\n",

named_curve);

if (nid == 0) {

goto end;

BIO_printf(bio_err, "unknown curve name (%s)\n",

named_curve);

goto end;

}

ecdh = EC_KEY_new_by_curve_name(nid);

if (ecdh == NULL) {

BIO_printf(bio_err, "unable to create curve (%s)\n",

named_curve);

goto end;

}

if (ecdh != NULL) {

if ((ecdh = EC_KEY_new_by_curve_name(nid)) == NULL) {

BIO_printf(bio_s_out, "Setting temp ECDH parameters\n");

BIO_printf(bio_err, "unable to create curve (%s)\n",

} else {

named_curve);

BIO_printf(bio_s_out, "Using default temp ECDH parameters\n");

goto end;

ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);

if (ecdh == NULL) {

BIO_printf(bio_err, "unable to create curve (nistp256)\n");

goto end;

}

BIO_printf(bio_s_out, "Setting temp ECDH parameters\n");

(void) BIO_flush(bio_s_out);

SSL_CTX_set_tmp_ecdh(ctx, ecdh);