diff options
| author | beck <> | 2000-03-19 11:13:58 +0000 |
|---|---|---|
| committer | beck <> | 2000-03-19 11:13:58 +0000 |
| commit | 796d609550df3a33fc11468741c5d2f6d3df4c11 (patch) | |
| tree | 6c6d539061caa20372dad0ac4ddb1dfae2fbe7fe /src/lib/libssl/src/ssl/ssltest.c | |
| parent | 5be3114c1fd7e0dfea1e38d3abb4cbba75244419 (diff) | |
| download | openbsd-796d609550df3a33fc11468741c5d2f6d3df4c11.tar.gz openbsd-796d609550df3a33fc11468741c5d2f6d3df4c11.tar.bz2 openbsd-796d609550df3a33fc11468741c5d2f6d3df4c11.zip | |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2
if you are using the ssl26 packages for ssh and other things to work you will
need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
Diffstat (limited to 'src/lib/libssl/src/ssl/ssltest.c')
| -rw-r--r-- | src/lib/libssl/src/ssl/ssltest.c | 226 |
1 files changed, 138 insertions, 88 deletions
diff --git a/src/lib/libssl/src/ssl/ssltest.c b/src/lib/libssl/src/ssl/ssltest.c index 90570f4bee..d655bbbd84 100644 --- a/src/lib/libssl/src/ssl/ssltest.c +++ b/src/lib/libssl/src/ssl/ssltest.c | |||
| @@ -56,11 +56,12 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #include <assert.h> | ||
| 60 | #include <errno.h> | ||
| 61 | #include <limits.h> | ||
| 59 | #include <stdio.h> | 62 | #include <stdio.h> |
| 60 | #include <stdlib.h> | 63 | #include <stdlib.h> |
| 61 | #include <string.h> | 64 | #include <string.h> |
| 62 | #include <errno.h> | ||
| 63 | #include <limits.h> | ||
| 64 | 65 | ||
| 65 | #include "openssl/e_os.h" | 66 | #include "openssl/e_os.h" |
| 66 | 67 | ||
| @@ -69,14 +70,11 @@ | |||
| 69 | #include <openssl/x509.h> | 70 | #include <openssl/x509.h> |
| 70 | #include <openssl/ssl.h> | 71 | #include <openssl/ssl.h> |
| 71 | #include <openssl/err.h> | 72 | #include <openssl/err.h> |
| 73 | #include <openssl/rand.h> | ||
| 72 | #ifdef WINDOWS | 74 | #ifdef WINDOWS |
| 73 | #include "../crypto/bio/bss_file.c" | 75 | #include "../crypto/bio/bss_file.c" |
| 74 | #endif | 76 | #endif |
| 75 | 77 | ||
| 76 | #if defined(NO_RSA) && !defined(NO_SSL2) | ||
| 77 | #define NO_SSL2 | ||
| 78 | #endif | ||
| 79 | |||
| 80 | #ifdef VMS | 78 | #ifdef VMS |
| 81 | # define TEST_SERVER_CERT "SYS$DISK:[-.APPS]SERVER.PEM" | 79 | # define TEST_SERVER_CERT "SYS$DISK:[-.APPS]SERVER.PEM" |
| 82 | # define TEST_CLIENT_CERT "SYS$DISK:[-.APPS]CLIENT.PEM" | 80 | # define TEST_CLIENT_CERT "SYS$DISK:[-.APPS]CLIENT.PEM" |
| @@ -85,19 +83,23 @@ | |||
| 85 | # define TEST_CLIENT_CERT "../apps/client.pem" | 83 | # define TEST_CLIENT_CERT "../apps/client.pem" |
| 86 | #endif | 84 | #endif |
| 87 | 85 | ||
| 88 | int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx); | 86 | static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx); |
| 89 | #ifndef NO_RSA | 87 | #ifndef NO_RSA |
| 90 | static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export,int keylength); | 88 | static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export,int keylength); |
| 91 | #endif | 89 | #endif |
| 92 | #ifndef NO_DH | 90 | #ifndef NO_DH |
| 93 | static DH *get_dh512(void); | 91 | static DH *get_dh512(void); |
| 94 | #endif | 92 | #endif |
| 95 | BIO *bio_err=NULL; | 93 | #ifndef NO_DSA |
| 96 | BIO *bio_stdout=NULL; | 94 | static void MS_CALLBACK dsa_cb(int p, int n, void *arg); |
| 95 | #endif | ||
| 96 | |||
| 97 | static BIO *bio_err=NULL; | ||
| 98 | static BIO *bio_stdout=NULL; | ||
| 97 | 99 | ||
| 98 | static char *cipher=NULL; | 100 | static char *cipher=NULL; |
| 99 | int verbose=0; | 101 | static int verbose=0; |
| 100 | int debug=0; | 102 | static int debug=0; |
| 101 | #if 0 | 103 | #if 0 |
| 102 | /* Not used yet. */ | 104 | /* Not used yet. */ |
| 103 | #ifdef FIONBIO | 105 | #ifdef FIONBIO |
| @@ -105,6 +107,7 @@ static int s_nbio=0; | |||
| 105 | #endif | 107 | #endif |
| 106 | #endif | 108 | #endif |
| 107 | 109 | ||
| 110 | static const char rnd_seed[] = "string to make the random number generator think it has entropy"; | ||
| 108 | 111 | ||
| 109 | int doit_biopair(SSL *s_ssl,SSL *c_ssl,long bytes); | 112 | int doit_biopair(SSL *s_ssl,SSL *c_ssl,long bytes); |
| 110 | int doit(SSL *s_ssl,SSL *c_ssl,long bytes); | 113 | int doit(SSL *s_ssl,SSL *c_ssl,long bytes); |
| @@ -122,6 +125,9 @@ static void sv_usage(void) | |||
| 122 | #if !defined NO_DH && !defined NO_DSA | 125 | #if !defined NO_DH && !defined NO_DSA |
| 123 | fprintf(stderr," -dhe1024 - generate 1024 bit key for DHE\n"); | 126 | fprintf(stderr," -dhe1024 - generate 1024 bit key for DHE\n"); |
| 124 | #endif | 127 | #endif |
| 128 | #if !defined NO_DH | ||
| 129 | fprintf(stderr," -no_dhe - disable DHE\n"); | ||
| 130 | #endif | ||
| 125 | #ifndef NO_SSL2 | 131 | #ifndef NO_SSL2 |
| 126 | fprintf(stderr," -ssl2 - use SSLv2\n"); | 132 | fprintf(stderr," -ssl2 - use SSLv2\n"); |
| 127 | #endif | 133 | #endif |
| @@ -159,16 +165,21 @@ int main(int argc, char *argv[]) | |||
| 159 | int number=1,reuse=0; | 165 | int number=1,reuse=0; |
| 160 | long bytes=1L; | 166 | long bytes=1L; |
| 161 | SSL_CIPHER *ciph; | 167 | SSL_CIPHER *ciph; |
| 162 | int dhe1024 = 0; | 168 | int dhe1024 = 0, no_dhe = 0; |
| 163 | #ifndef NO_DH | 169 | #ifndef NO_DH |
| 164 | DH *dh; | 170 | DH *dh; |
| 165 | #endif | 171 | #endif |
| 172 | verbose = 0; | ||
| 173 | debug = 0; | ||
| 174 | cipher = 0; | ||
| 175 | |||
| 176 | CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); | ||
| 177 | |||
| 178 | RAND_seed(rnd_seed, sizeof rnd_seed); | ||
| 166 | 179 | ||
| 167 | bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); | 180 | bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); |
| 168 | bio_stdout=BIO_new_fp(stdout,BIO_NOCLOSE); | 181 | bio_stdout=BIO_new_fp(stdout,BIO_NOCLOSE); |
| 169 | 182 | ||
| 170 | CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); | ||
| 171 | |||
| 172 | argc--; | 183 | argc--; |
| 173 | argv++; | 184 | argv++; |
| 174 | 185 | ||
| @@ -186,6 +197,8 @@ int main(int argc, char *argv[]) | |||
| 186 | reuse=1; | 197 | reuse=1; |
| 187 | else if (strcmp(*argv,"-dhe1024") == 0) | 198 | else if (strcmp(*argv,"-dhe1024") == 0) |
| 188 | dhe1024=1; | 199 | dhe1024=1; |
| 200 | else if (strcmp(*argv,"-no_dhe") == 0) | ||
| 201 | no_dhe=1; | ||
| 189 | else if (strcmp(*argv,"-ssl2") == 0) | 202 | else if (strcmp(*argv,"-ssl2") == 0) |
| 190 | ssl2=1; | 203 | ssl2=1; |
| 191 | else if (strcmp(*argv,"-tls1") == 0) | 204 | else if (strcmp(*argv,"-tls1") == 0) |
| @@ -311,31 +324,36 @@ bad: | |||
| 311 | } | 324 | } |
| 312 | 325 | ||
| 313 | #ifndef NO_DH | 326 | #ifndef NO_DH |
| 314 | # ifndef NO_DSA | 327 | if (!no_dhe) |
| 315 | if (dhe1024) | ||
| 316 | { | 328 | { |
| 317 | DSA *dsa; | 329 | # ifndef NO_DSA |
| 318 | 330 | if (dhe1024) | |
| 319 | if (verbose) | ||
| 320 | { | 331 | { |
| 321 | fprintf(stdout, "Creating 1024 bit DHE parameters ..."); | 332 | DSA *dsa; |
| 322 | fflush(stdout); | 333 | unsigned char seed[20]; |
| 334 | |||
| 335 | if (verbose) | ||
| 336 | { | ||
| 337 | BIO_printf(bio_err, "Creating 1024 bit DHE parameters\n"); | ||
| 338 | BIO_flush(bio_err); | ||
| 339 | } | ||
| 340 | |||
| 341 | memcpy(seed, "Random String no. 12", 20); | ||
| 342 | dsa = DSA_generate_parameters(1024, seed, 20, NULL, NULL, dsa_cb, bio_err); | ||
| 343 | dh = DSA_dup_DH(dsa); | ||
| 344 | DSA_free(dsa); | ||
| 345 | /* important: SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks */ | ||
| 346 | SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE); | ||
| 347 | |||
| 348 | if (verbose) | ||
| 349 | fprintf(stdout, " done\n"); | ||
| 323 | } | 350 | } |
| 324 | 351 | else | |
| 325 | dsa = DSA_generate_parameters(1024, NULL, 0, NULL, NULL, 0, NULL); | ||
| 326 | dh = DSA_dup_DH(dsa); | ||
| 327 | DSA_free(dsa); | ||
| 328 | /* important: SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks */ | ||
| 329 | SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE); | ||
| 330 | |||
| 331 | if (verbose) | ||
| 332 | fprintf(stdout, " done\n"); | ||
| 333 | } | ||
| 334 | else | ||
| 335 | # endif | 352 | # endif |
| 336 | dh=get_dh512(); | 353 | dh=get_dh512(); |
| 337 | SSL_CTX_set_tmp_dh(s_ctx,dh); | 354 | SSL_CTX_set_tmp_dh(s_ctx,dh); |
| 338 | DH_free(dh); | 355 | DH_free(dh); |
| 356 | } | ||
| 339 | #endif | 357 | #endif |
| 340 | 358 | ||
| 341 | #ifndef NO_RSA | 359 | #ifndef NO_RSA |
| @@ -373,17 +391,22 @@ bad: | |||
| 373 | 391 | ||
| 374 | if (client_auth) | 392 | if (client_auth) |
| 375 | { | 393 | { |
| 376 | fprintf(stderr,"client authentication\n"); | 394 | BIO_printf(bio_err,"client authentication\n"); |
| 377 | SSL_CTX_set_verify(s_ctx, | 395 | SSL_CTX_set_verify(s_ctx, |
| 378 | SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT, | 396 | SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT, |
| 379 | verify_callback); | 397 | verify_callback); |
| 380 | } | 398 | } |
| 381 | if (server_auth) | 399 | if (server_auth) |
| 382 | { | 400 | { |
| 383 | fprintf(stderr,"server authentication\n"); | 401 | BIO_printf(bio_err,"server authentication\n"); |
| 384 | SSL_CTX_set_verify(c_ctx,SSL_VERIFY_PEER, | 402 | SSL_CTX_set_verify(c_ctx,SSL_VERIFY_PEER, |
| 385 | verify_callback); | 403 | verify_callback); |
| 386 | } | 404 | } |
| 405 | |||
| 406 | { | ||
| 407 | int session_id_context = 0; | ||
| 408 | SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context, sizeof session_id_context); | ||
| 409 | } | ||
| 387 | 410 | ||
| 388 | c_ssl=SSL_new(c_ctx); | 411 | c_ssl=SSL_new(c_ctx); |
| 389 | s_ssl=SSL_new(s_ctx); | 412 | s_ssl=SSL_new(s_ctx); |
| @@ -400,13 +423,13 @@ bad: | |||
| 400 | if (!verbose) | 423 | if (!verbose) |
| 401 | { | 424 | { |
| 402 | ciph=SSL_get_current_cipher(c_ssl); | 425 | ciph=SSL_get_current_cipher(c_ssl); |
| 403 | fprintf(stdout,"Protocol %s, cipher %s, %s\n", | 426 | BIO_printf(bio_stdout,"Protocol %s, cipher %s, %s\n", |
| 404 | SSL_get_version(c_ssl), | 427 | SSL_get_version(c_ssl), |
| 405 | SSL_CIPHER_get_version(ciph), | 428 | SSL_CIPHER_get_version(ciph), |
| 406 | SSL_CIPHER_get_name(ciph)); | 429 | SSL_CIPHER_get_name(ciph)); |
| 407 | } | 430 | } |
| 408 | if ((number > 1) || (bytes > 1L)) | 431 | if ((number > 1) || (bytes > 1L)) |
| 409 | printf("%d handshakes of %ld bytes done\n",number,bytes); | 432 | BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n",number,bytes); |
| 410 | 433 | ||
| 411 | SSL_free(s_ssl); | 434 | SSL_free(s_ssl); |
| 412 | SSL_free(c_ssl); | 435 | SSL_free(c_ssl); |
| @@ -421,6 +444,7 @@ end: | |||
| 421 | ERR_remove_state(0); | 444 | ERR_remove_state(0); |
| 422 | EVP_cleanup(); | 445 | EVP_cleanup(); |
| 423 | CRYPTO_mem_leaks(bio_err); | 446 | CRYPTO_mem_leaks(bio_err); |
| 447 | if (bio_err != NULL) BIO_free(bio_err); | ||
| 424 | EXIT(ret); | 448 | EXIT(ret); |
| 425 | } | 449 | } |
| 426 | 450 | ||
| @@ -485,7 +509,7 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count) | |||
| 485 | * BIO_ctrl_pending(bio) number of bytes we can read now | 509 | * BIO_ctrl_pending(bio) number of bytes we can read now |
| 486 | * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil | 510 | * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil |
| 487 | * other side's read attempt | 511 | * other side's read attempt |
| 488 | * BIO_ctrl_get_write_gurantee(bio) number of bytes we can write now | 512 | * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now |
| 489 | * | 513 | * |
| 490 | * ..._read_request is never more than ..._write_guarantee; | 514 | * ..._read_request is never more than ..._write_guarantee; |
| 491 | * it depends on the application which one you should use. | 515 | * it depends on the application which one you should use. |
| @@ -517,7 +541,7 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count) | |||
| 517 | else | 541 | else |
| 518 | i = (int)cw_num; | 542 | i = (int)cw_num; |
| 519 | r = BIO_write(c_ssl_bio, cbuf, i); | 543 | r = BIO_write(c_ssl_bio, cbuf, i); |
| 520 | if (r == -1) | 544 | if (r < 0) |
| 521 | { | 545 | { |
| 522 | if (!BIO_should_retry(c_ssl_bio)) | 546 | if (!BIO_should_retry(c_ssl_bio)) |
| 523 | { | 547 | { |
| @@ -590,7 +614,7 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count) | |||
| 590 | else | 614 | else |
| 591 | i = (int)sw_num; | 615 | i = (int)sw_num; |
| 592 | r = BIO_write(s_ssl_bio, sbuf, i); | 616 | r = BIO_write(s_ssl_bio, sbuf, i); |
| 593 | if (r == -1) | 617 | if (r < 0) |
| 594 | { | 618 | { |
| 595 | if (!BIO_should_retry(s_ssl_bio)) | 619 | if (!BIO_should_retry(s_ssl_bio)) |
| 596 | { | 620 | { |
| @@ -643,45 +667,40 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count) | |||
| 643 | { | 667 | { |
| 644 | /* "I/O" BETWEEN CLIENT AND SERVER. */ | 668 | /* "I/O" BETWEEN CLIENT AND SERVER. */ |
| 645 | 669 | ||
| 646 | #define RELAYBUFSIZ 200 | ||
| 647 | static char buf[RELAYBUFSIZ]; | ||
| 648 | |||
| 649 | /* RELAYBUF is arbitrary. When writing data over some real | ||
| 650 | * network, use a buffer of the same size as in the BIO_pipe | ||
| 651 | * and make that size large (for reading from the network | ||
| 652 | * small buffers usually won't hurt). | ||
| 653 | * Here sizes differ for testing. */ | ||
| 654 | |||
| 655 | size_t r1, r2; | 670 | size_t r1, r2; |
| 656 | size_t num; | 671 | BIO *io1 = server_io, *io2 = client_io; |
| 657 | int r; | 672 | /* we use the non-copying interface for io1 |
| 673 | * and the standard BIO_write/BIO_read interface for io2 | ||
| 674 | */ | ||
| 675 | |||
| 658 | static int prev_progress = 1; | 676 | static int prev_progress = 1; |
| 659 | int progress = 0; | 677 | int progress = 0; |
| 660 | 678 | ||
| 661 | /* client to server */ | 679 | /* io1 to io2 */ |
| 662 | do | 680 | do |
| 663 | { | 681 | { |
| 664 | r1 = BIO_ctrl_pending(client_io); | 682 | size_t num; |
| 665 | r2 = BIO_ctrl_get_write_guarantee(server_io); | 683 | int r; |
| 684 | |||
| 685 | r1 = BIO_ctrl_pending(io1); | ||
| 686 | r2 = BIO_ctrl_get_write_guarantee(io2); | ||
| 666 | 687 | ||
| 667 | num = r1; | 688 | num = r1; |
| 668 | if (r2 < num) | 689 | if (r2 < num) |
| 669 | num = r2; | 690 | num = r2; |
| 670 | if (num) | 691 | if (num) |
| 671 | { | 692 | { |
| 672 | if (sizeof buf < num) | 693 | char *dataptr; |
| 673 | num = sizeof buf; | 694 | |
| 674 | if (INT_MAX < num) /* yeah, right */ | 695 | if (INT_MAX < num) /* yeah, right */ |
| 675 | num = INT_MAX; | 696 | num = INT_MAX; |
| 676 | 697 | ||
| 677 | r = BIO_read(client_io, buf, (int)num); | 698 | r = BIO_nread(io1, &dataptr, (int)num); |
| 678 | if (r != (int)num) /* can't happen */ | 699 | assert(r > 0); |
| 679 | { | 700 | assert(r <= (int)num); |
| 680 | fprintf(stderr, "ERROR: BIO_read could not read " | 701 | /* possibly r < num (non-contiguous data) */ |
| 681 | "BIO_ctrl_pending() bytes"); | 702 | num = r; |
| 682 | goto err; | 703 | r = BIO_write(io2, dataptr, (int)num); |
| 683 | } | ||
| 684 | r = BIO_write(server_io, buf, (int)num); | ||
| 685 | if (r != (int)num) /* can't happen */ | 704 | if (r != (int)num) /* can't happen */ |
| 686 | { | 705 | { |
| 687 | fprintf(stderr, "ERROR: BIO_write could not write " | 706 | fprintf(stderr, "ERROR: BIO_write could not write " |
| @@ -691,48 +710,58 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count) | |||
| 691 | progress = 1; | 710 | progress = 1; |
| 692 | 711 | ||
| 693 | if (debug) | 712 | if (debug) |
| 694 | printf("C->S relaying: %d bytes\n", (int)num); | 713 | printf((io1 == client_io) ? |
| 714 | "C->S relaying: %d bytes\n" : | ||
| 715 | "S->C relaying: %d bytes\n", | ||
| 716 | (int)num); | ||
| 695 | } | 717 | } |
| 696 | } | 718 | } |
| 697 | while (r1 && r2); | 719 | while (r1 && r2); |
| 698 | 720 | ||
| 699 | /* server to client */ | 721 | /* io2 to io1 */ |
| 700 | do | 722 | { |
| 701 | { | 723 | size_t num; |
| 702 | r1 = BIO_ctrl_pending(server_io); | 724 | int r; |
| 703 | r2 = BIO_ctrl_get_write_guarantee(client_io); | 725 | |
| 704 | 726 | r1 = BIO_ctrl_pending(io2); | |
| 727 | r2 = BIO_ctrl_get_read_request(io1); | ||
| 728 | /* here we could use ..._get_write_guarantee instead of | ||
| 729 | * ..._get_read_request, but by using the latter | ||
| 730 | * we test restartability of the SSL implementation | ||
| 731 | * more thoroughly */ | ||
| 705 | num = r1; | 732 | num = r1; |
| 706 | if (r2 < num) | 733 | if (r2 < num) |
| 707 | num = r2; | 734 | num = r2; |
| 708 | if (num) | 735 | if (num) |
| 709 | { | 736 | { |
| 710 | if (sizeof buf < num) | 737 | char *dataptr; |
| 711 | num = sizeof buf; | 738 | |
| 712 | if (INT_MAX < num) | 739 | if (INT_MAX < num) |
| 713 | num = INT_MAX; | 740 | num = INT_MAX; |
| 741 | |||
| 742 | if (num > 1) | ||
| 743 | --num; /* test restartability even more thoroughly */ | ||
| 714 | 744 | ||
| 715 | r = BIO_read(server_io, buf, (int)num); | 745 | r = BIO_nwrite(io1, &dataptr, (int)num); |
| 746 | assert(r > 0); | ||
| 747 | assert(r <= (int)num); | ||
| 748 | num = r; | ||
| 749 | r = BIO_read(io2, dataptr, (int)num); | ||
| 716 | if (r != (int)num) /* can't happen */ | 750 | if (r != (int)num) /* can't happen */ |
| 717 | { | 751 | { |
| 718 | fprintf(stderr, "ERROR: BIO_read could not read " | 752 | fprintf(stderr, "ERROR: BIO_read could not read " |
| 719 | "BIO_ctrl_pending() bytes"); | 753 | "BIO_ctrl_pending() bytes"); |
| 720 | goto err; | 754 | goto err; |
| 721 | } | 755 | } |
| 722 | r = BIO_write(client_io, buf, (int)num); | ||
| 723 | if (r != (int)num) /* can't happen */ | ||
| 724 | { | ||
| 725 | fprintf(stderr, "ERROR: BIO_write could not write " | ||
| 726 | "BIO_ctrl_get_write_guarantee() bytes"); | ||
| 727 | goto err; | ||
| 728 | } | ||
| 729 | progress = 1; | 756 | progress = 1; |
| 730 | 757 | ||
| 731 | if (debug) | 758 | if (debug) |
| 732 | printf("S->C relaying: %d bytes\n", (int)num); | 759 | printf((io2 == client_io) ? |
| 760 | "C->S relaying: %d bytes\n" : | ||
| 761 | "S->C relaying: %d bytes\n", | ||
| 762 | (int)num); | ||
| 733 | } | 763 | } |
| 734 | } | 764 | } /* no loop, BIO_ctrl_get_read_request now returns 0 anyway */ |
| 735 | while (r1 && r2); | ||
| 736 | 765 | ||
| 737 | if (!progress && !prev_progress) | 766 | if (!progress && !prev_progress) |
| 738 | if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) | 767 | if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) |
| @@ -1091,7 +1120,7 @@ err: | |||
| 1091 | return(ret); | 1120 | return(ret); |
| 1092 | } | 1121 | } |
| 1093 | 1122 | ||
| 1094 | int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx) | 1123 | static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx) |
| 1095 | { | 1124 | { |
| 1096 | char *s,buf[256]; | 1125 | char *s,buf[256]; |
| 1097 | 1126 | ||
| @@ -1161,3 +1190,24 @@ static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength) | |||
| 1161 | return(rsa_tmp); | 1190 | return(rsa_tmp); |
| 1162 | } | 1191 | } |
| 1163 | #endif | 1192 | #endif |
| 1193 | |||
| 1194 | #ifndef NO_DSA | ||
| 1195 | static void MS_CALLBACK dsa_cb(int p, int n, void *arg) | ||
| 1196 | { | ||
| 1197 | char c='*'; | ||
| 1198 | static int ok=0,num=0; | ||
| 1199 | |||
| 1200 | if (p == 0) { c='.'; num++; }; | ||
| 1201 | if (p == 1) c='+'; | ||
| 1202 | if (p == 2) { c='*'; ok++; } | ||
| 1203 | if (p == 3) c='\n'; | ||
| 1204 | BIO_write(arg,&c,1); | ||
| 1205 | (void)BIO_flush(arg); | ||
| 1206 | |||
| 1207 | if (!ok && (p == 0) && (num > 1)) | ||
| 1208 | { | ||
| 1209 | BIO_printf((BIO *)arg,"error in dsatest\n"); | ||
| 1210 | exit(1); | ||
| 1211 | } | ||
| 1212 | } | ||
| 1213 | #endif | ||