===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/openssl/s_server.c,v
retrieving revision 1.16
retrieving revision 1.17
diff -c -r1.16 -r1.17
*** src/usr.bin/openssl/s_server.c	2015/09/10 16:01:06	1.16
--- src/usr.bin/openssl/s_server.c	2015/09/11 14:30:23	1.17
***************
*** 1,4 ****
! /* $OpenBSD: s_server.c,v 1.16 2015/09/10 16:01:06 jsing Exp $ */
  /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
   * All rights reserved.
   *
--- 1,4 ----
! /* $OpenBSD: s_server.c,v 1.17 2015/09/11 14:30:23 bcook Exp $ */
  /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
   * All rights reserved.
   *
***************
*** 226,234 ****
  static char *keymatexportlabel = NULL;
  static int keymatexportlen = 20;
  
- #ifndef OPENSSL_NO_ENGINE
- static char *engine_id = NULL;
- #endif
  static const char *session_id_prefix = NULL;
  
  static int enable_timeouts = 0;
--- 226,231 ----
***************
*** 262,270 ****
  	s_debug = 0;
  	s_msg = 0;
  	s_quiet = 0;
- #ifndef OPENSSL_NO_ENGINE
- 	engine_id = NULL;
- #endif
  }
  
  static void
--- 259,264 ----
***************
*** 286,297 ****
  	BIO_printf(bio_err, " -certform arg - certificate format (PEM or DER) PEM default\n");
  	BIO_printf(bio_err, " -key arg      - Private Key file to use, in cert file if\n");
  	BIO_printf(bio_err, "                 not specified (default is %s)\n", TEST_CERT);
! 	BIO_printf(bio_err, " -keyform arg  - key format (PEM, DER or ENGINE) PEM default\n");
  	BIO_printf(bio_err, " -pass arg     - private key file pass phrase source\n");
  	BIO_printf(bio_err, " -dcert arg    - second certificate file to use (usually for DSA)\n");
  	BIO_printf(bio_err, " -dcertform x  - second certificate format (PEM or DER) PEM default\n");
  	BIO_printf(bio_err, " -dkey arg     - second private key file to use (usually for DSA)\n");
! 	BIO_printf(bio_err, " -dkeyform arg - second key format (PEM, DER or ENGINE) PEM default\n");
  	BIO_printf(bio_err, " -dpass arg    - second private key file pass phrase source\n");
  	BIO_printf(bio_err, " -dhparam arg  - DH parameter file to use, in cert file if not specified\n");
  	BIO_printf(bio_err, "                 or a default set of parameters is used\n");
--- 280,291 ----
  	BIO_printf(bio_err, " -certform arg - certificate format (PEM or DER) PEM default\n");
  	BIO_printf(bio_err, " -key arg      - Private Key file to use, in cert file if\n");
  	BIO_printf(bio_err, "                 not specified (default is %s)\n", TEST_CERT);
! 	BIO_printf(bio_err, " -keyform arg  - key format (PEM or DER) PEM default\n");
  	BIO_printf(bio_err, " -pass arg     - private key file pass phrase source\n");
  	BIO_printf(bio_err, " -dcert arg    - second certificate file to use (usually for DSA)\n");
  	BIO_printf(bio_err, " -dcertform x  - second certificate format (PEM or DER) PEM default\n");
  	BIO_printf(bio_err, " -dkey arg     - second private key file to use (usually for DSA)\n");
! 	BIO_printf(bio_err, " -dkeyform arg - second key format (PEM or DER) PEM default\n");
  	BIO_printf(bio_err, " -dpass arg    - second private key file pass phrase source\n");
  	BIO_printf(bio_err, " -dhparam arg  - DH parameter file to use, in cert file if not specified\n");
  	BIO_printf(bio_err, "                 or a default set of parameters is used\n");
***************
*** 331,339 ****
  	BIO_printf(bio_err, " -WWW          - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
  	BIO_printf(bio_err, " -HTTP         - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
  	BIO_printf(bio_err, "                 with the assumption it contains a complete HTTP response.\n");
- #ifndef OPENSSL_NO_ENGINE
- 	BIO_printf(bio_err, " -engine id    - Initialise and use the specified engine\n");
- #endif
  	BIO_printf(bio_err, " -id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'\n");
  	BIO_printf(bio_err, " -servername host - servername for HostName TLS extension\n");
  	BIO_printf(bio_err, " -servername_fatal - on mismatch send fatal alert (default warning alert)\n");
--- 325,330 ----
***************
*** 598,604 ****
  	int state = 0;
  	const SSL_METHOD *meth = NULL;
  	int socket_type = SOCK_STREAM;
- 	ENGINE *e = NULL;
  	int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM;
  	char *passarg = NULL, *pass = NULL;
  	char *dpassarg = NULL, *dpass = NULL;
--- 589,594 ----
***************
*** 832,844 ****
  				goto bad;
  			session_id_prefix = *(++argv);
  		}
- #ifndef OPENSSL_NO_ENGINE
- 		else if (strcmp(*argv, "-engine") == 0) {
- 			if (--argc < 1)
- 				goto bad;
- 			engine_id = *(++argv);
- 		}
- #endif
  		else if (strcmp(*argv, "-servername") == 0) {
  			if (--argc < 1)
  				goto bad;
--- 822,827 ----
***************
*** 899,908 ****
  		goto end;
  	}
  
- #ifndef OPENSSL_NO_ENGINE
- 	e = setup_engine(bio_err, engine_id, 1);
- #endif
- 
  	if (!app_passwd(bio_err, passarg, dpassarg, &pass, &dpass)) {
  		BIO_printf(bio_err, "Error getting password\n");
  		goto end;
--- 882,887 ----
***************
*** 913,940 ****
  		s_key_file2 = s_cert_file2;
  
  	if (nocert == 0) {
! 		s_key = load_key(bio_err, s_key_file, s_key_format, 0, pass, e,
  		    "server certificate private key file");
  		if (!s_key) {
  			ERR_print_errors(bio_err);
  			goto end;
  		}
  		s_cert = load_cert(bio_err, s_cert_file, s_cert_format,
! 		    NULL, e, "server certificate file");
  
  		if (!s_cert) {
  			ERR_print_errors(bio_err);
  			goto end;
  		}
  		if (tlsextcbp.servername) {
! 			s_key2 = load_key(bio_err, s_key_file2, s_key_format, 0, pass, e,
  			    "second server certificate private key file");
  			if (!s_key2) {
  				ERR_print_errors(bio_err);
  				goto end;
  			}
  			s_cert2 = load_cert(bio_err, s_cert_file2, s_cert_format,
! 			    NULL, e, "second server certificate file");
  
  			if (!s_cert2) {
  				ERR_print_errors(bio_err);
--- 892,919 ----
  		s_key_file2 = s_cert_file2;
  
  	if (nocert == 0) {
! 		s_key = load_key(bio_err, s_key_file, s_key_format, 0, pass,
  		    "server certificate private key file");
  		if (!s_key) {
  			ERR_print_errors(bio_err);
  			goto end;
  		}
  		s_cert = load_cert(bio_err, s_cert_file, s_cert_format,
! 		    NULL, "server certificate file");
  
  		if (!s_cert) {
  			ERR_print_errors(bio_err);
  			goto end;
  		}
  		if (tlsextcbp.servername) {
! 			s_key2 = load_key(bio_err, s_key_file2, s_key_format, 0, pass,
  			    "second server certificate private key file");
  			if (!s_key2) {
  				ERR_print_errors(bio_err);
  				goto end;
  			}
  			s_cert2 = load_cert(bio_err, s_cert_file2, s_cert_format,
! 			    NULL, "second server certificate file");
  
  			if (!s_cert2) {
  				ERR_print_errors(bio_err);
***************
*** 966,979 ****
  			s_dkey_file = s_dcert_file;
  
  		s_dkey = load_key(bio_err, s_dkey_file, s_dkey_format,
! 		    0, dpass, e,
! 		    "second certificate private key file");
  		if (!s_dkey) {
  			ERR_print_errors(bio_err);
  			goto end;
  		}
  		s_dcert = load_cert(bio_err, s_dcert_file, s_dcert_format,
! 		    NULL, e, "second server certificate file");
  
  		if (!s_dcert) {
  			ERR_print_errors(bio_err);
--- 945,957 ----
  			s_dkey_file = s_dcert_file;
  
  		s_dkey = load_key(bio_err, s_dkey_file, s_dkey_format,
! 		    0, dpass, "second certificate private key file");
  		if (!s_dkey) {
  			ERR_print_errors(bio_err);
  			goto end;
  		}
  		s_dcert = load_cert(bio_err, s_dcert_file, s_dcert_format,
! 		    NULL, "second server certificate file");
  
  		if (!s_dcert) {
  			ERR_print_errors(bio_err);