summaryrefslogtreecommitdiff
path: root/src/usr.bin/openssl/s_client.c
diff options
context:
space:
mode:
authortb <>2023-03-06 14:32:06 +0000
committertb <>2023-03-06 14:32:06 +0000
commit6c965e26b1a93da63948edae6b68564be1ded507 (patch)
treebbe07d6e06b695cebe22802551f2db0a61354d7c /src/usr.bin/openssl/s_client.c
parent48e828ea26ee91710242131cd75cd9d1d20b773c (diff)
downloadopenbsd-6c965e26b1a93da63948edae6b68564be1ded507.tar.gz
openbsd-6c965e26b1a93da63948edae6b68564be1ded507.tar.bz2
openbsd-6c965e26b1a93da63948edae6b68564be1ded507.zip
Rename struct ${app}_config to plain cfg
All the structs are static and we need to reach into them many times. Having a shorter name is more concise and results in less visual clutter. It also avoids many overlong lines and we will be able to get rid of some unfortunate line wrapping down the road. Discussed with jsing
Diffstat (limited to 'src/usr.bin/openssl/s_client.c')
-rw-r--r--src/usr.bin/openssl/s_client.c412
1 files changed, 206 insertions, 206 deletions
diff --git a/src/usr.bin/openssl/s_client.c b/src/usr.bin/openssl/s_client.c
index 41f6502325..82a8128243 100644
--- a/src/usr.bin/openssl/s_client.c
+++ b/src/usr.bin/openssl/s_client.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: s_client.c,v 1.59 2022/11/11 17:07:39 joshua Exp $ */ 1/* $OpenBSD: s_client.c,v 1.60 2023/03/06 14:32:06 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -246,16 +246,16 @@ static struct {
246 int verify; 246 int verify;
247 X509_VERIFY_PARAM *vpm; 247 X509_VERIFY_PARAM *vpm;
248 char *xmpphost; 248 char *xmpphost;
249} s_client_config; 249} cfg;
250 250
251static int 251static int
252s_client_opt_keymatexportlen(char *arg) 252s_client_opt_keymatexportlen(char *arg)
253{ 253{
254 s_client_config.keymatexportlen = strtonum(arg, 1, INT_MAX, 254 cfg.keymatexportlen = strtonum(arg, 1, INT_MAX,
255 &s_client_config.errstr); 255 &cfg.errstr);
256 if (s_client_config.errstr != NULL) { 256 if (cfg.errstr != NULL) {
257 BIO_printf(bio_err, "invalid argument %s: %s\n", 257 BIO_printf(bio_err, "invalid argument %s: %s\n",
258 arg, s_client_config.errstr); 258 arg, cfg.errstr);
259 return (1); 259 return (1);
260 } 260 }
261 return (0); 261 return (0);
@@ -265,11 +265,11 @@ s_client_opt_keymatexportlen(char *arg)
265static int 265static int
266s_client_opt_mtu(char *arg) 266s_client_opt_mtu(char *arg)
267{ 267{
268 s_client_config.socket_mtu = strtonum(arg, 0, LONG_MAX, 268 cfg.socket_mtu = strtonum(arg, 0, LONG_MAX,
269 &s_client_config.errstr); 269 &cfg.errstr);
270 if (s_client_config.errstr != NULL) { 270 if (cfg.errstr != NULL) {
271 BIO_printf(bio_err, "invalid argument %s: %s\n", 271 BIO_printf(bio_err, "invalid argument %s: %s\n",
272 arg, s_client_config.errstr); 272 arg, cfg.errstr);
273 return (1); 273 return (1);
274 } 274 }
275 return (0); 275 return (0);
@@ -282,7 +282,7 @@ s_client_opt_port(char *arg)
282 if (*arg == '\0') 282 if (*arg == '\0')
283 return (1); 283 return (1);
284 284
285 s_client_config.port = arg; 285 cfg.port = arg;
286 return (0); 286 return (0);
287} 287}
288 288
@@ -290,8 +290,8 @@ s_client_opt_port(char *arg)
290static int 290static int
291s_client_opt_protocol_version_dtls(void) 291s_client_opt_protocol_version_dtls(void)
292{ 292{
293 s_client_config.meth = DTLS_client_method(); 293 cfg.meth = DTLS_client_method();
294 s_client_config.socket_type = SOCK_DGRAM; 294 cfg.socket_type = SOCK_DGRAM;
295 return (0); 295 return (0);
296} 296}
297#endif 297#endif
@@ -300,10 +300,10 @@ s_client_opt_protocol_version_dtls(void)
300static int 300static int
301s_client_opt_protocol_version_dtls1(void) 301s_client_opt_protocol_version_dtls1(void)
302{ 302{
303 s_client_config.meth = DTLS_client_method(); 303 cfg.meth = DTLS_client_method();
304 s_client_config.min_version = DTLS1_VERSION; 304 cfg.min_version = DTLS1_VERSION;
305 s_client_config.max_version = DTLS1_VERSION; 305 cfg.max_version = DTLS1_VERSION;
306 s_client_config.socket_type = SOCK_DGRAM; 306 cfg.socket_type = SOCK_DGRAM;
307 return (0); 307 return (0);
308} 308}
309#endif 309#endif
@@ -312,10 +312,10 @@ s_client_opt_protocol_version_dtls1(void)
312static int 312static int
313s_client_opt_protocol_version_dtls1_2(void) 313s_client_opt_protocol_version_dtls1_2(void)
314{ 314{
315 s_client_config.meth = DTLS_client_method(); 315 cfg.meth = DTLS_client_method();
316 s_client_config.min_version = DTLS1_2_VERSION; 316 cfg.min_version = DTLS1_2_VERSION;
317 s_client_config.max_version = DTLS1_2_VERSION; 317 cfg.max_version = DTLS1_2_VERSION;
318 s_client_config.socket_type = SOCK_DGRAM; 318 cfg.socket_type = SOCK_DGRAM;
319 return (0); 319 return (0);
320} 320}
321#endif 321#endif
@@ -323,40 +323,40 @@ s_client_opt_protocol_version_dtls1_2(void)
323static int 323static int
324s_client_opt_protocol_version_tls1(void) 324s_client_opt_protocol_version_tls1(void)
325{ 325{
326 s_client_config.min_version = TLS1_VERSION; 326 cfg.min_version = TLS1_VERSION;
327 s_client_config.max_version = TLS1_VERSION; 327 cfg.max_version = TLS1_VERSION;
328 return (0); 328 return (0);
329} 329}
330 330
331static int 331static int
332s_client_opt_protocol_version_tls1_1(void) 332s_client_opt_protocol_version_tls1_1(void)
333{ 333{
334 s_client_config.min_version = TLS1_1_VERSION; 334 cfg.min_version = TLS1_1_VERSION;
335 s_client_config.max_version = TLS1_1_VERSION; 335 cfg.max_version = TLS1_1_VERSION;
336 return (0); 336 return (0);
337} 337}
338 338
339static int 339static int
340s_client_opt_protocol_version_tls1_2(void) 340s_client_opt_protocol_version_tls1_2(void)
341{ 341{
342 s_client_config.min_version = TLS1_2_VERSION; 342 cfg.min_version = TLS1_2_VERSION;
343 s_client_config.max_version = TLS1_2_VERSION; 343 cfg.max_version = TLS1_2_VERSION;
344 return (0); 344 return (0);
345} 345}
346 346
347static int 347static int
348s_client_opt_protocol_version_tls1_3(void) 348s_client_opt_protocol_version_tls1_3(void)
349{ 349{
350 s_client_config.min_version = TLS1_3_VERSION; 350 cfg.min_version = TLS1_3_VERSION;
351 s_client_config.max_version = TLS1_3_VERSION; 351 cfg.max_version = TLS1_3_VERSION;
352 return (0); 352 return (0);
353} 353}
354 354
355static int 355static int
356s_client_opt_quiet(void) 356s_client_opt_quiet(void)
357{ 357{
358 s_client_config.quiet = 1; 358 cfg.quiet = 1;
359 s_client_config.ign_eof = 1; 359 cfg.ign_eof = 1;
360 return (0); 360 return (0);
361} 361}
362 362
@@ -364,17 +364,17 @@ static int
364s_client_opt_starttls(char *arg) 364s_client_opt_starttls(char *arg)
365{ 365{
366 if (strcmp(arg, "smtp") == 0) 366 if (strcmp(arg, "smtp") == 0)
367 s_client_config.starttls_proto = PROTO_SMTP; 367 cfg.starttls_proto = PROTO_SMTP;
368 else if (strcmp(arg, "lmtp") == 0) 368 else if (strcmp(arg, "lmtp") == 0)
369 s_client_config.starttls_proto = PROTO_LMTP; 369 cfg.starttls_proto = PROTO_LMTP;
370 else if (strcmp(arg, "pop3") == 0) 370 else if (strcmp(arg, "pop3") == 0)
371 s_client_config.starttls_proto = PROTO_POP3; 371 cfg.starttls_proto = PROTO_POP3;
372 else if (strcmp(arg, "imap") == 0) 372 else if (strcmp(arg, "imap") == 0)
373 s_client_config.starttls_proto = PROTO_IMAP; 373 cfg.starttls_proto = PROTO_IMAP;
374 else if (strcmp(arg, "ftp") == 0) 374 else if (strcmp(arg, "ftp") == 0)
375 s_client_config.starttls_proto = PROTO_FTP; 375 cfg.starttls_proto = PROTO_FTP;
376 else if (strcmp(arg, "xmpp") == 0) 376 else if (strcmp(arg, "xmpp") == 0)
377 s_client_config.starttls_proto = PROTO_XMPP; 377 cfg.starttls_proto = PROTO_XMPP;
378 else 378 else
379 return (1); 379 return (1);
380 return (0); 380 return (0);
@@ -383,12 +383,12 @@ s_client_opt_starttls(char *arg)
383static int 383static int
384s_client_opt_verify(char *arg) 384s_client_opt_verify(char *arg)
385{ 385{
386 s_client_config.verify = SSL_VERIFY_PEER; 386 cfg.verify = SSL_VERIFY_PEER;
387 387
388 verify_depth = strtonum(arg, 0, INT_MAX, &s_client_config.errstr); 388 verify_depth = strtonum(arg, 0, INT_MAX, &cfg.errstr);
389 if (s_client_config.errstr != NULL) { 389 if (cfg.errstr != NULL) {
390 BIO_printf(bio_err, "invalid argument %s: %s\n", 390 BIO_printf(bio_err, "invalid argument %s: %s\n",
391 arg, s_client_config.errstr); 391 arg, cfg.errstr);
392 return (1); 392 return (1);
393 } 393 }
394 BIO_printf(bio_err, "verify depth is %d\n", verify_depth); 394 BIO_printf(bio_err, "verify depth is %d\n", verify_depth);
@@ -403,7 +403,7 @@ s_client_opt_verify_param(int argc, char **argv, int *argsused)
403 int badarg = 0; 403 int badarg = 0;
404 404
405 if (!args_verify(&pargs, &pargc, &badarg, bio_err, 405 if (!args_verify(&pargs, &pargc, &badarg, bio_err,
406 &s_client_config.vpm)) { 406 &cfg.vpm)) {
407 BIO_printf(bio_err, "unknown option %s\n", *argv); 407 BIO_printf(bio_err, "unknown option %s\n", *argv);
408 return (1); 408 return (1);
409 } 409 }
@@ -419,14 +419,14 @@ static const struct option s_client_options[] = {
419 .name = "4", 419 .name = "4",
420 .desc = "Use IPv4 only", 420 .desc = "Use IPv4 only",
421 .type = OPTION_VALUE, 421 .type = OPTION_VALUE,
422 .opt.value = &s_client_config.af, 422 .opt.value = &cfg.af,
423 .value = AF_INET, 423 .value = AF_INET,
424 }, 424 },
425 { 425 {
426 .name = "6", 426 .name = "6",
427 .desc = "Use IPv6 only", 427 .desc = "Use IPv6 only",
428 .type = OPTION_VALUE, 428 .type = OPTION_VALUE,
429 .opt.value = &s_client_config.af, 429 .opt.value = &cfg.af,
430 .value = AF_INET6, 430 .value = AF_INET6,
431 }, 431 },
432 { 432 {
@@ -435,67 +435,67 @@ static const struct option s_client_options[] = {
435 .desc = "Set the advertised protocols for ALPN" 435 .desc = "Set the advertised protocols for ALPN"
436 " (comma-separated list)", 436 " (comma-separated list)",
437 .type = OPTION_ARG, 437 .type = OPTION_ARG,
438 .opt.arg = &s_client_config.alpn_in, 438 .opt.arg = &cfg.alpn_in,
439 }, 439 },
440 { 440 {
441 .name = "bugs", 441 .name = "bugs",
442 .desc = "Enable various workarounds for buggy implementations", 442 .desc = "Enable various workarounds for buggy implementations",
443 .type = OPTION_FLAG, 443 .type = OPTION_FLAG,
444 .opt.flag = &s_client_config.bugs, 444 .opt.flag = &cfg.bugs,
445 }, 445 },
446 { 446 {
447 .name = "CAfile", 447 .name = "CAfile",
448 .argname = "file", 448 .argname = "file",
449 .desc = "PEM format file of CA certificates", 449 .desc = "PEM format file of CA certificates",
450 .type = OPTION_ARG, 450 .type = OPTION_ARG,
451 .opt.arg = &s_client_config.CAfile, 451 .opt.arg = &cfg.CAfile,
452 }, 452 },
453 { 453 {
454 .name = "CApath", 454 .name = "CApath",
455 .argname = "directory", 455 .argname = "directory",
456 .desc = "PEM format directory of CA certificates", 456 .desc = "PEM format directory of CA certificates",
457 .type = OPTION_ARG, 457 .type = OPTION_ARG,
458 .opt.arg = &s_client_config.CApath, 458 .opt.arg = &cfg.CApath,
459 }, 459 },
460 { 460 {
461 .name = "cert", 461 .name = "cert",
462 .argname = "file", 462 .argname = "file",
463 .desc = "Certificate file to use, PEM format assumed", 463 .desc = "Certificate file to use, PEM format assumed",
464 .type = OPTION_ARG, 464 .type = OPTION_ARG,
465 .opt.arg = &s_client_config.cert_file, 465 .opt.arg = &cfg.cert_file,
466 }, 466 },
467 { 467 {
468 .name = "certform", 468 .name = "certform",
469 .argname = "fmt", 469 .argname = "fmt",
470 .desc = "Certificate format (PEM or DER) PEM default", 470 .desc = "Certificate format (PEM or DER) PEM default",
471 .type = OPTION_ARG_FORMAT, 471 .type = OPTION_ARG_FORMAT,
472 .opt.value = &s_client_config.cert_format, 472 .opt.value = &cfg.cert_format,
473 }, 473 },
474 { 474 {
475 .name = "cipher", 475 .name = "cipher",
476 .argname = "cipherlist", 476 .argname = "cipherlist",
477 .desc = "Preferred cipher to use (see 'openssl ciphers')", 477 .desc = "Preferred cipher to use (see 'openssl ciphers')",
478 .type = OPTION_ARG, 478 .type = OPTION_ARG,
479 .opt.arg = &s_client_config.cipher, 479 .opt.arg = &cfg.cipher,
480 }, 480 },
481 { 481 {
482 .name = "connect", 482 .name = "connect",
483 .argname = "host:port", 483 .argname = "host:port",
484 .desc = "Who to connect to (default is localhost:4433)", 484 .desc = "Who to connect to (default is localhost:4433)",
485 .type = OPTION_ARG, 485 .type = OPTION_ARG,
486 .opt.arg = &s_client_config.connect, 486 .opt.arg = &cfg.connect,
487 }, 487 },
488 { 488 {
489 .name = "crlf", 489 .name = "crlf",
490 .desc = "Convert LF from terminal into CRLF", 490 .desc = "Convert LF from terminal into CRLF",
491 .type = OPTION_FLAG, 491 .type = OPTION_FLAG,
492 .opt.flag = &s_client_config.crlf, 492 .opt.flag = &cfg.crlf,
493 }, 493 },
494 { 494 {
495 .name = "debug", 495 .name = "debug",
496 .desc = "Print extensive debugging information", 496 .desc = "Print extensive debugging information",
497 .type = OPTION_FLAG, 497 .type = OPTION_FLAG,
498 .opt.flag = &s_client_config.debug, 498 .opt.flag = &cfg.debug,
499 }, 499 },
500#ifndef OPENSSL_NO_DTLS 500#ifndef OPENSSL_NO_DTLS
501 { 501 {
@@ -526,20 +526,20 @@ static const struct option s_client_options[] = {
526 .argname = "list", 526 .argname = "list",
527 .desc = "Specify EC groups (colon-separated list)", 527 .desc = "Specify EC groups (colon-separated list)",
528 .type = OPTION_ARG, 528 .type = OPTION_ARG,
529 .opt.arg = &s_client_config.groups_in, 529 .opt.arg = &cfg.groups_in,
530 }, 530 },
531 { 531 {
532 .name = "host", 532 .name = "host",
533 .argname = "host", 533 .argname = "host",
534 .desc = "Use -connect instead", 534 .desc = "Use -connect instead",
535 .type = OPTION_ARG, 535 .type = OPTION_ARG,
536 .opt.arg = &s_client_config.host, 536 .opt.arg = &cfg.host,
537 }, 537 },
538 { 538 {
539 .name = "ign_eof", 539 .name = "ign_eof",
540 .desc = "Ignore input EOF (default when -quiet)", 540 .desc = "Ignore input EOF (default when -quiet)",
541 .type = OPTION_VALUE, 541 .type = OPTION_VALUE,
542 .opt.value = &s_client_config.ign_eof, 542 .opt.value = &cfg.ign_eof,
543 .value = 1, 543 .value = 1,
544 }, 544 },
545 { 545 {
@@ -547,21 +547,21 @@ static const struct option s_client_options[] = {
547 .argname = "file", 547 .argname = "file",
548 .desc = "Private key file to use, if not, -cert file is used", 548 .desc = "Private key file to use, if not, -cert file is used",
549 .type = OPTION_ARG, 549 .type = OPTION_ARG,
550 .opt.arg = &s_client_config.key_file, 550 .opt.arg = &cfg.key_file,
551 }, 551 },
552 { 552 {
553 .name = "keyform", 553 .name = "keyform",
554 .argname = "fmt", 554 .argname = "fmt",
555 .desc = "Key format (PEM or DER) PEM default", 555 .desc = "Key format (PEM or DER) PEM default",
556 .type = OPTION_ARG_FORMAT, 556 .type = OPTION_ARG_FORMAT,
557 .opt.value = &s_client_config.key_format, 557 .opt.value = &cfg.key_format,
558 }, 558 },
559 { 559 {
560 .name = "keymatexport", 560 .name = "keymatexport",
561 .argname = "label", 561 .argname = "label",
562 .desc = "Export keying material using label", 562 .desc = "Export keying material using label",
563 .type = OPTION_ARG, 563 .type = OPTION_ARG,
564 .opt.arg = &s_client_config.keymatexportlabel, 564 .opt.arg = &cfg.keymatexportlabel,
565 }, 565 },
566 { 566 {
567 .name = "keymatexportlen", 567 .name = "keymatexportlen",
@@ -578,14 +578,14 @@ static const struct option s_client_options[] = {
578 .name = "legacy_server_connect", 578 .name = "legacy_server_connect",
579 .desc = "Allow initial connection to servers that don't support RI", 579 .desc = "Allow initial connection to servers that don't support RI",
580 .type = OPTION_VALUE_OR, 580 .type = OPTION_VALUE_OR,
581 .opt.value = &s_client_config.off, 581 .opt.value = &cfg.off,
582 .value = SSL_OP_LEGACY_SERVER_CONNECT, 582 .value = SSL_OP_LEGACY_SERVER_CONNECT,
583 }, 583 },
584 { 584 {
585 .name = "msg", 585 .name = "msg",
586 .desc = "Show all protocol messages with hex dump", 586 .desc = "Show all protocol messages with hex dump",
587 .type = OPTION_FLAG, 587 .type = OPTION_FLAG,
588 .opt.flag = &s_client_config.msg, 588 .opt.flag = &cfg.msg,
589 }, 589 },
590#ifndef OPENSSL_NO_DTLS 590#ifndef OPENSSL_NO_DTLS
591 { 591 {
@@ -600,115 +600,115 @@ static const struct option s_client_options[] = {
600 .name = "nbio", 600 .name = "nbio",
601 .desc = "Turn on non-blocking I/O", 601 .desc = "Turn on non-blocking I/O",
602 .type = OPTION_FLAG, 602 .type = OPTION_FLAG,
603 .opt.flag = &s_client_config.nbio, 603 .opt.flag = &cfg.nbio,
604 }, 604 },
605 { 605 {
606 .name = "nbio_test", 606 .name = "nbio_test",
607 .desc = "Test non-blocking I/O", 607 .desc = "Test non-blocking I/O",
608 .type = OPTION_FLAG, 608 .type = OPTION_FLAG,
609 .opt.flag = &s_client_config.nbio_test, 609 .opt.flag = &cfg.nbio_test,
610 }, 610 },
611 { 611 {
612 .name = "nextprotoneg", 612 .name = "nextprotoneg",
613 .argname = "protocols", 613 .argname = "protocols",
614 .type = OPTION_ARG, 614 .type = OPTION_ARG,
615 .opt.arg = &s_client_config.npn_in, /* Ignored. */ 615 .opt.arg = &cfg.npn_in, /* Ignored. */
616 }, 616 },
617 { 617 {
618 .name = "no_comp", 618 .name = "no_comp",
619 .type = OPTION_VALUE_OR, 619 .type = OPTION_VALUE_OR,
620 .opt.value = &s_client_config.off, 620 .opt.value = &cfg.off,
621 .value = SSL_OP_NO_COMPRESSION, 621 .value = SSL_OP_NO_COMPRESSION,
622 }, 622 },
623 { 623 {
624 .name = "no_ign_eof", 624 .name = "no_ign_eof",
625 .desc = "Don't ignore input EOF", 625 .desc = "Don't ignore input EOF",
626 .type = OPTION_VALUE, 626 .type = OPTION_VALUE,
627 .opt.value = &s_client_config.ign_eof, 627 .opt.value = &cfg.ign_eof,
628 .value = 0, 628 .value = 0,
629 }, 629 },
630 { 630 {
631 .name = "no_legacy_server_connect", 631 .name = "no_legacy_server_connect",
632 .desc = "Disallow initial connection to servers that don't support RI", 632 .desc = "Disallow initial connection to servers that don't support RI",
633 .type = OPTION_VALUE_OR, 633 .type = OPTION_VALUE_OR,
634 .opt.value = &s_client_config.clr, 634 .opt.value = &cfg.clr,
635 .value = SSL_OP_LEGACY_SERVER_CONNECT, 635 .value = SSL_OP_LEGACY_SERVER_CONNECT,
636 }, 636 },
637 { 637 {
638 .name = "no_servername", 638 .name = "no_servername",
639 .desc = "Do not send a Server Name Indication (SNI) extension", 639 .desc = "Do not send a Server Name Indication (SNI) extension",
640 .type = OPTION_FLAG, 640 .type = OPTION_FLAG,
641 .opt.value = &s_client_config.no_servername, 641 .opt.value = &cfg.no_servername,
642 }, 642 },
643 { 643 {
644 .name = "no_ssl2", 644 .name = "no_ssl2",
645 .type = OPTION_VALUE_OR, 645 .type = OPTION_VALUE_OR,
646 .opt.value = &s_client_config.off, 646 .opt.value = &cfg.off,
647 .value = SSL_OP_NO_SSLv2, 647 .value = SSL_OP_NO_SSLv2,
648 }, 648 },
649 { 649 {
650 .name = "no_ssl3", 650 .name = "no_ssl3",
651 .type = OPTION_VALUE_OR, 651 .type = OPTION_VALUE_OR,
652 .opt.value = &s_client_config.off, 652 .opt.value = &cfg.off,
653 .value = SSL_OP_NO_SSLv3, 653 .value = SSL_OP_NO_SSLv3,
654 }, 654 },
655 { 655 {
656 .name = "no_ticket", 656 .name = "no_ticket",
657 .desc = "Disable use of RFC4507 session ticket support", 657 .desc = "Disable use of RFC4507 session ticket support",
658 .type = OPTION_VALUE_OR, 658 .type = OPTION_VALUE_OR,
659 .opt.value = &s_client_config.off, 659 .opt.value = &cfg.off,
660 .value = SSL_OP_NO_TICKET, 660 .value = SSL_OP_NO_TICKET,
661 }, 661 },
662 { 662 {
663 .name = "no_tls1", 663 .name = "no_tls1",
664 .desc = "Disable the use of TLSv1", 664 .desc = "Disable the use of TLSv1",
665 .type = OPTION_VALUE_OR, 665 .type = OPTION_VALUE_OR,
666 .opt.value = &s_client_config.off, 666 .opt.value = &cfg.off,
667 .value = SSL_OP_NO_TLSv1, 667 .value = SSL_OP_NO_TLSv1,
668 }, 668 },
669 { 669 {
670 .name = "no_tls1_1", 670 .name = "no_tls1_1",
671 .desc = "Disable the use of TLSv1.1", 671 .desc = "Disable the use of TLSv1.1",
672 .type = OPTION_VALUE_OR, 672 .type = OPTION_VALUE_OR,
673 .opt.value = &s_client_config.off, 673 .opt.value = &cfg.off,
674 .value = SSL_OP_NO_TLSv1_1, 674 .value = SSL_OP_NO_TLSv1_1,
675 }, 675 },
676 { 676 {
677 .name = "no_tls1_2", 677 .name = "no_tls1_2",
678 .desc = "Disable the use of TLSv1.2", 678 .desc = "Disable the use of TLSv1.2",
679 .type = OPTION_VALUE_OR, 679 .type = OPTION_VALUE_OR,
680 .opt.value = &s_client_config.off, 680 .opt.value = &cfg.off,
681 .value = SSL_OP_NO_TLSv1_2, 681 .value = SSL_OP_NO_TLSv1_2,
682 }, 682 },
683 { 683 {
684 .name = "no_tls1_3", 684 .name = "no_tls1_3",
685 .desc = "Disable the use of TLSv1.3", 685 .desc = "Disable the use of TLSv1.3",
686 .type = OPTION_VALUE_OR, 686 .type = OPTION_VALUE_OR,
687 .opt.value = &s_client_config.off, 687 .opt.value = &cfg.off,
688 .value = SSL_OP_NO_TLSv1_3, 688 .value = SSL_OP_NO_TLSv1_3,
689 }, 689 },
690 { 690 {
691 .name = "noservername", 691 .name = "noservername",
692 .type = OPTION_FLAG, 692 .type = OPTION_FLAG,
693 .opt.value = &s_client_config.no_servername, 693 .opt.value = &cfg.no_servername,
694 }, 694 },
695 { 695 {
696 .name = "pass", 696 .name = "pass",
697 .argname = "arg", 697 .argname = "arg",
698 .desc = "Private key file pass phrase source", 698 .desc = "Private key file pass phrase source",
699 .type = OPTION_ARG, 699 .type = OPTION_ARG,
700 .opt.arg = &s_client_config.passarg, 700 .opt.arg = &cfg.passarg,
701 }, 701 },
702 { 702 {
703 .name = "pause", 703 .name = "pause",
704 .desc = "Pause 1 second between each read and write call", 704 .desc = "Pause 1 second between each read and write call",
705 .type = OPTION_FLAG, 705 .type = OPTION_FLAG,
706 .opt.flag = &s_client_config.pause, 706 .opt.flag = &cfg.pause,
707 }, 707 },
708 { 708 {
709 .name = "peekaboo", 709 .name = "peekaboo",
710 .type = OPTION_FLAG, 710 .type = OPTION_FLAG,
711 .opt.flag = &s_client_config.peekaboo, 711 .opt.flag = &cfg.peekaboo,
712 }, 712 },
713 { 713 {
714 .name = "port", 714 .name = "port",
@@ -721,14 +721,14 @@ static const struct option s_client_options[] = {
721 .name = "prexit", 721 .name = "prexit",
722 .desc = "Print session information when the program exits", 722 .desc = "Print session information when the program exits",
723 .type = OPTION_FLAG, 723 .type = OPTION_FLAG,
724 .opt.flag = &s_client_config.prexit, 724 .opt.flag = &cfg.prexit,
725 }, 725 },
726 { 726 {
727 .name = "proxy", 727 .name = "proxy",
728 .argname = "host:port", 728 .argname = "host:port",
729 .desc = "Connect to http proxy", 729 .desc = "Connect to http proxy",
730 .type = OPTION_ARG, 730 .type = OPTION_ARG,
731 .opt.arg = &s_client_config.proxy, 731 .opt.arg = &cfg.proxy,
732 }, 732 },
733 { 733 {
734 .name = "quiet", 734 .name = "quiet",
@@ -740,7 +740,7 @@ static const struct option s_client_options[] = {
740 .name = "reconnect", 740 .name = "reconnect",
741 .desc = "Drop and re-make the connection with the same Session-ID", 741 .desc = "Drop and re-make the connection with the same Session-ID",
742 .type = OPTION_VALUE, 742 .type = OPTION_VALUE,
743 .opt.value = &s_client_config.reconnect, 743 .opt.value = &cfg.reconnect,
744 .value = 5, 744 .value = 5,
745 }, 745 },
746 { 746 {
@@ -748,13 +748,13 @@ static const struct option s_client_options[] = {
748 .argname = "name", 748 .argname = "name",
749 .desc = "Set TLS extension servername in ClientHello (SNI)", 749 .desc = "Set TLS extension servername in ClientHello (SNI)",
750 .type = OPTION_ARG, 750 .type = OPTION_ARG,
751 .opt.arg = &s_client_config.servername, 751 .opt.arg = &cfg.servername,
752 }, 752 },
753 { 753 {
754 .name = "serverpref", 754 .name = "serverpref",
755 .desc = "Use server's cipher preferences", 755 .desc = "Use server's cipher preferences",
756 .type = OPTION_VALUE_OR, 756 .type = OPTION_VALUE_OR,
757 .opt.value = &s_client_config.off, 757 .opt.value = &cfg.off,
758 .value = SSL_OP_CIPHER_SERVER_PREFERENCE, 758 .value = SSL_OP_CIPHER_SERVER_PREFERENCE,
759 }, 759 },
760 { 760 {
@@ -762,20 +762,20 @@ static const struct option s_client_options[] = {
762 .argname = "file", 762 .argname = "file",
763 .desc = "File to read TLS session from", 763 .desc = "File to read TLS session from",
764 .type = OPTION_ARG, 764 .type = OPTION_ARG,
765 .opt.arg = &s_client_config.sess_in, 765 .opt.arg = &cfg.sess_in,
766 }, 766 },
767 { 767 {
768 .name = "sess_out", 768 .name = "sess_out",
769 .argname = "file", 769 .argname = "file",
770 .desc = "File to write TLS session to", 770 .desc = "File to write TLS session to",
771 .type = OPTION_ARG, 771 .type = OPTION_ARG,
772 .opt.arg = &s_client_config.sess_out, 772 .opt.arg = &cfg.sess_out,
773 }, 773 },
774 { 774 {
775 .name = "showcerts", 775 .name = "showcerts",
776 .desc = "Show all server certificates in the chain", 776 .desc = "Show all server certificates in the chain",
777 .type = OPTION_FLAG, 777 .type = OPTION_FLAG,
778 .opt.flag = &s_client_config.showcerts, 778 .opt.flag = &cfg.showcerts,
779 }, 779 },
780 { 780 {
781 .name = "starttls", 781 .name = "starttls",
@@ -789,20 +789,20 @@ static const struct option s_client_options[] = {
789 .name = "state", 789 .name = "state",
790 .desc = "Print the TLS session states", 790 .desc = "Print the TLS session states",
791 .type = OPTION_FLAG, 791 .type = OPTION_FLAG,
792 .opt.flag = &s_client_config.state, 792 .opt.flag = &cfg.state,
793 }, 793 },
794 { 794 {
795 .name = "status", 795 .name = "status",
796 .desc = "Send a certificate status request to the server (OCSP)", 796 .desc = "Send a certificate status request to the server (OCSP)",
797 .type = OPTION_FLAG, 797 .type = OPTION_FLAG,
798 .opt.flag = &s_client_config.status_req, 798 .opt.flag = &cfg.status_req,
799 }, 799 },
800#ifndef OPENSSL_NO_DTLS 800#ifndef OPENSSL_NO_DTLS
801 { 801 {
802 .name = "timeout", 802 .name = "timeout",
803 .desc = "Enable send/receive timeout on DTLS connections", 803 .desc = "Enable send/receive timeout on DTLS connections",
804 .type = OPTION_FLAG, 804 .type = OPTION_FLAG,
805 .opt.flag = &s_client_config.enable_timeouts, 805 .opt.flag = &cfg.enable_timeouts,
806 }, 806 },
807#endif 807#endif
808 { 808 {
@@ -833,7 +833,7 @@ static const struct option s_client_options[] = {
833 .name = "tlsextdebug", 833 .name = "tlsextdebug",
834 .desc = "Hex dump of all TLS extensions received", 834 .desc = "Hex dump of all TLS extensions received",
835 .type = OPTION_FLAG, 835 .type = OPTION_FLAG,
836 .opt.flag = &s_client_config.tlsextdebug, 836 .opt.flag = &cfg.tlsextdebug,
837 }, 837 },
838#ifndef OPENSSL_NO_SRTP 838#ifndef OPENSSL_NO_SRTP
839 { 839 {
@@ -841,7 +841,7 @@ static const struct option s_client_options[] = {
841 .argname = "profiles", 841 .argname = "profiles",
842 .desc = "Offer SRTP key management with a colon-separated profiles", 842 .desc = "Offer SRTP key management with a colon-separated profiles",
843 .type = OPTION_ARG, 843 .type = OPTION_ARG,
844 .opt.arg = &s_client_config.srtp_profiles, 844 .opt.arg = &cfg.srtp_profiles,
845 }, 845 },
846#endif 846#endif
847 { 847 {
@@ -862,7 +862,7 @@ static const struct option s_client_options[] = {
862 .argname = "host", 862 .argname = "host",
863 .desc = "Connect to this virtual host on the xmpp server", 863 .desc = "Connect to this virtual host on the xmpp server",
864 .type = OPTION_ARG, 864 .type = OPTION_ARG,
865 .opt.arg = &s_client_config.xmpphost, 865 .opt.arg = &cfg.xmpphost,
866 }, 866 },
867 { 867 {
868 .name = NULL, 868 .name = NULL,
@@ -928,17 +928,17 @@ s_client_main(int argc, char **argv)
928 exit(1); 928 exit(1);
929 } 929 }
930 930
931 memset(&s_client_config, 0, sizeof(s_client_config)); 931 memset(&cfg, 0, sizeof(cfg));
932 s_client_config.af = AF_UNSPEC; 932 cfg.af = AF_UNSPEC;
933 s_client_config.cert_format = FORMAT_PEM; 933 cfg.cert_format = FORMAT_PEM;
934 s_client_config.host = SSL_HOST_NAME; 934 cfg.host = SSL_HOST_NAME;
935 s_client_config.key_format = FORMAT_PEM; 935 cfg.key_format = FORMAT_PEM;
936 s_client_config.keymatexportlen = 20; 936 cfg.keymatexportlen = 20;
937 s_client_config.meth = TLS_client_method(); 937 cfg.meth = TLS_client_method();
938 s_client_config.port = PORT_STR; 938 cfg.port = PORT_STR;
939 s_client_config.socket_type = SOCK_STREAM; 939 cfg.socket_type = SOCK_STREAM;
940 s_client_config.starttls_proto = PROTO_OFF; 940 cfg.starttls_proto = PROTO_OFF;
941 s_client_config.verify = SSL_VERIFY_NONE; 941 cfg.verify = SSL_VERIFY_NONE;
942 942
943 if (((cbuf = malloc(BUFSIZZ)) == NULL) || 943 if (((cbuf = malloc(BUFSIZZ)) == NULL) ||
944 ((sbuf = malloc(BUFSIZZ)) == NULL) || 944 ((sbuf = malloc(BUFSIZZ)) == NULL) ||
@@ -953,45 +953,45 @@ s_client_main(int argc, char **argv)
953 badop = 1; 953 badop = 1;
954 goto bad; 954 goto bad;
955 } 955 }
956 if (s_client_config.proxy != NULL) { 956 if (cfg.proxy != NULL) {
957 if (!extract_host_port(s_client_config.proxy, 957 if (!extract_host_port(cfg.proxy,
958 &s_client_config.host, NULL, &s_client_config.port)) 958 &cfg.host, NULL, &cfg.port))
959 goto bad; 959 goto bad;
960 if (s_client_config.connect == NULL) 960 if (cfg.connect == NULL)
961 s_client_config.connect = SSL_HOST_NAME; 961 cfg.connect = SSL_HOST_NAME;
962 } else if (s_client_config.connect != NULL) { 962 } else if (cfg.connect != NULL) {
963 if (!extract_host_port(s_client_config.connect, 963 if (!extract_host_port(cfg.connect,
964 &s_client_config.host, NULL, &s_client_config.port)) 964 &cfg.host, NULL, &cfg.port))
965 goto bad; 965 goto bad;
966 } 966 }
967 if (badop) { 967 if (badop) {
968 bad: 968 bad:
969 if (s_client_config.errstr == NULL) 969 if (cfg.errstr == NULL)
970 sc_usage(); 970 sc_usage();
971 goto end; 971 goto end;
972 } 972 }
973 973
974 if (!app_passwd(bio_err, s_client_config.passarg, NULL, &pass, NULL)) { 974 if (!app_passwd(bio_err, cfg.passarg, NULL, &pass, NULL)) {
975 BIO_printf(bio_err, "Error getting password\n"); 975 BIO_printf(bio_err, "Error getting password\n");
976 goto end; 976 goto end;
977 } 977 }
978 if (s_client_config.key_file == NULL) 978 if (cfg.key_file == NULL)
979 s_client_config.key_file = s_client_config.cert_file; 979 cfg.key_file = cfg.cert_file;
980 980
981 981
982 if (s_client_config.key_file) { 982 if (cfg.key_file) {
983 983
984 key = load_key(bio_err, s_client_config.key_file, 984 key = load_key(bio_err, cfg.key_file,
985 s_client_config.key_format, 0, pass, 985 cfg.key_format, 0, pass,
986 "client certificate private key file"); 986 "client certificate private key file");
987 if (!key) { 987 if (!key) {
988 ERR_print_errors(bio_err); 988 ERR_print_errors(bio_err);
989 goto end; 989 goto end;
990 } 990 }
991 } 991 }
992 if (s_client_config.cert_file) { 992 if (cfg.cert_file) {
993 cert = load_cert(bio_err, s_client_config.cert_file, 993 cert = load_cert(bio_err, cfg.cert_file,
994 s_client_config.cert_format, 994 cfg.cert_format,
995 NULL, "client certificate file"); 995 NULL, "client certificate file");
996 996
997 if (!cert) { 997 if (!cert) {
@@ -999,8 +999,8 @@ s_client_main(int argc, char **argv)
999 goto end; 999 goto end;
1000 } 1000 }
1001 } 1001 }
1002 if (s_client_config.quiet && !s_client_config.debug && 1002 if (cfg.quiet && !cfg.debug &&
1003 !s_client_config.msg) { 1003 !cfg.msg) {
1004 if ((bio_c_out = BIO_new(BIO_s_null())) == NULL) 1004 if ((bio_c_out = BIO_new(BIO_s_null())) == NULL)
1005 goto end; 1005 goto end;
1006 } else { 1006 } else {
@@ -1008,7 +1008,7 @@ s_client_main(int argc, char **argv)
1008 goto end; 1008 goto end;
1009 } 1009 }
1010 1010
1011 ctx = SSL_CTX_new(s_client_config.meth); 1011 ctx = SSL_CTX_new(cfg.meth);
1012 if (ctx == NULL) { 1012 if (ctx == NULL) {
1013 ERR_print_errors(bio_err); 1013 ERR_print_errors(bio_err);
1014 goto end; 1014 goto end;
@@ -1016,31 +1016,31 @@ s_client_main(int argc, char **argv)
1016 1016
1017 SSL_CTX_clear_mode(ctx, SSL_MODE_AUTO_RETRY); 1017 SSL_CTX_clear_mode(ctx, SSL_MODE_AUTO_RETRY);
1018 1018
1019 if (s_client_config.vpm) 1019 if (cfg.vpm)
1020 SSL_CTX_set1_param(ctx, s_client_config.vpm); 1020 SSL_CTX_set1_param(ctx, cfg.vpm);
1021 1021
1022 if (!SSL_CTX_set_min_proto_version(ctx, s_client_config.min_version)) 1022 if (!SSL_CTX_set_min_proto_version(ctx, cfg.min_version))
1023 goto end; 1023 goto end;
1024 if (!SSL_CTX_set_max_proto_version(ctx, s_client_config.max_version)) 1024 if (!SSL_CTX_set_max_proto_version(ctx, cfg.max_version))
1025 goto end; 1025 goto end;
1026 1026
1027#ifndef OPENSSL_NO_SRTP 1027#ifndef OPENSSL_NO_SRTP
1028 if (s_client_config.srtp_profiles != NULL) 1028 if (cfg.srtp_profiles != NULL)
1029 SSL_CTX_set_tlsext_use_srtp(ctx, s_client_config.srtp_profiles); 1029 SSL_CTX_set_tlsext_use_srtp(ctx, cfg.srtp_profiles);
1030#endif 1030#endif
1031 if (s_client_config.bugs) 1031 if (cfg.bugs)
1032 SSL_CTX_set_options(ctx, SSL_OP_ALL | s_client_config.off); 1032 SSL_CTX_set_options(ctx, SSL_OP_ALL | cfg.off);
1033 else 1033 else
1034 SSL_CTX_set_options(ctx, s_client_config.off); 1034 SSL_CTX_set_options(ctx, cfg.off);
1035 1035
1036 if (s_client_config.clr) 1036 if (cfg.clr)
1037 SSL_CTX_clear_options(ctx, s_client_config.clr); 1037 SSL_CTX_clear_options(ctx, cfg.clr);
1038 1038
1039 if (s_client_config.alpn_in) { 1039 if (cfg.alpn_in) {
1040 unsigned short alpn_len; 1040 unsigned short alpn_len;
1041 unsigned char *alpn; 1041 unsigned char *alpn;
1042 1042
1043 alpn = next_protos_parse(&alpn_len, s_client_config.alpn_in); 1043 alpn = next_protos_parse(&alpn_len, cfg.alpn_in);
1044 if (alpn == NULL) { 1044 if (alpn == NULL) {
1045 BIO_printf(bio_err, "Error parsing -alpn argument\n"); 1045 BIO_printf(bio_err, "Error parsing -alpn argument\n");
1046 goto end; 1046 goto end;
@@ -1048,42 +1048,42 @@ s_client_main(int argc, char **argv)
1048 SSL_CTX_set_alpn_protos(ctx, alpn, alpn_len); 1048 SSL_CTX_set_alpn_protos(ctx, alpn, alpn_len);
1049 free(alpn); 1049 free(alpn);
1050 } 1050 }
1051 if (s_client_config.groups_in != NULL) { 1051 if (cfg.groups_in != NULL) {
1052 if (SSL_CTX_set1_groups_list(ctx, s_client_config.groups_in) != 1) { 1052 if (SSL_CTX_set1_groups_list(ctx, cfg.groups_in) != 1) {
1053 BIO_printf(bio_err, "Failed to set groups '%s'\n", 1053 BIO_printf(bio_err, "Failed to set groups '%s'\n",
1054 s_client_config.groups_in); 1054 cfg.groups_in);
1055 goto end; 1055 goto end;
1056 } 1056 }
1057 } 1057 }
1058 1058
1059 if (s_client_config.state) 1059 if (cfg.state)
1060 SSL_CTX_set_info_callback(ctx, apps_ssl_info_callback); 1060 SSL_CTX_set_info_callback(ctx, apps_ssl_info_callback);
1061 if (s_client_config.cipher != NULL) 1061 if (cfg.cipher != NULL)
1062 if (!SSL_CTX_set_cipher_list(ctx, s_client_config.cipher)) { 1062 if (!SSL_CTX_set_cipher_list(ctx, cfg.cipher)) {
1063 BIO_printf(bio_err, "error setting cipher list\n"); 1063 BIO_printf(bio_err, "error setting cipher list\n");
1064 ERR_print_errors(bio_err); 1064 ERR_print_errors(bio_err);
1065 goto end; 1065 goto end;
1066 } 1066 }
1067 1067
1068 SSL_CTX_set_verify(ctx, s_client_config.verify, verify_callback); 1068 SSL_CTX_set_verify(ctx, cfg.verify, verify_callback);
1069 if (!set_cert_key_stuff(ctx, cert, key)) 1069 if (!set_cert_key_stuff(ctx, cert, key))
1070 goto end; 1070 goto end;
1071 1071
1072 if ((s_client_config.CAfile || s_client_config.CApath) 1072 if ((cfg.CAfile || cfg.CApath)
1073 && !SSL_CTX_load_verify_locations(ctx, s_client_config.CAfile, 1073 && !SSL_CTX_load_verify_locations(ctx, cfg.CAfile,
1074 s_client_config.CApath)) 1074 cfg.CApath))
1075 ERR_print_errors(bio_err); 1075 ERR_print_errors(bio_err);
1076 1076
1077 if (!SSL_CTX_set_default_verify_paths(ctx)) 1077 if (!SSL_CTX_set_default_verify_paths(ctx))
1078 ERR_print_errors(bio_err); 1078 ERR_print_errors(bio_err);
1079 1079
1080 con = SSL_new(ctx); 1080 con = SSL_new(ctx);
1081 if (s_client_config.sess_in) { 1081 if (cfg.sess_in) {
1082 SSL_SESSION *sess; 1082 SSL_SESSION *sess;
1083 BIO *stmp = BIO_new_file(s_client_config.sess_in, "r"); 1083 BIO *stmp = BIO_new_file(cfg.sess_in, "r");
1084 if (!stmp) { 1084 if (!stmp) {
1085 BIO_printf(bio_err, "Can't open session file %s\n", 1085 BIO_printf(bio_err, "Can't open session file %s\n",
1086 s_client_config.sess_in); 1086 cfg.sess_in);
1087 ERR_print_errors(bio_err); 1087 ERR_print_errors(bio_err);
1088 goto end; 1088 goto end;
1089 } 1089 }
@@ -1091,7 +1091,7 @@ s_client_main(int argc, char **argv)
1091 BIO_free(stmp); 1091 BIO_free(stmp);
1092 if (!sess) { 1092 if (!sess) {
1093 BIO_printf(bio_err, "Can't open session file %s\n", 1093 BIO_printf(bio_err, "Can't open session file %s\n",
1094 s_client_config.sess_in); 1094 cfg.sess_in);
1095 ERR_print_errors(bio_err); 1095 ERR_print_errors(bio_err);
1096 goto end; 1096 goto end;
1097 } 1097 }
@@ -1100,15 +1100,15 @@ s_client_main(int argc, char **argv)
1100 } 1100 }
1101 1101
1102 /* Attempt to opportunistically use the host name for SNI. */ 1102 /* Attempt to opportunistically use the host name for SNI. */
1103 servername = s_client_config.servername; 1103 servername = cfg.servername;
1104 if (servername == NULL) 1104 if (servername == NULL)
1105 servername = s_client_config.host; 1105 servername = cfg.host;
1106 1106
1107 if (!s_client_config.no_servername && servername != NULL && 1107 if (!cfg.no_servername && servername != NULL &&
1108 !SSL_set_tlsext_host_name(con, servername)) { 1108 !SSL_set_tlsext_host_name(con, servername)) {
1109 long ssl_err = ERR_peek_error(); 1109 long ssl_err = ERR_peek_error();
1110 1110
1111 if (s_client_config.servername != NULL || 1111 if (cfg.servername != NULL ||
1112 ERR_GET_LIB(ssl_err) != ERR_LIB_SSL || 1112 ERR_GET_LIB(ssl_err) != ERR_LIB_SSL ||
1113 ERR_GET_REASON(ssl_err) != SSL_R_SSL3_EXT_INVALID_SERVERNAME) { 1113 ERR_GET_REASON(ssl_err) != SSL_R_SSL3_EXT_INVALID_SERVERNAME) {
1114 BIO_printf(bio_err, 1114 BIO_printf(bio_err,
@@ -1119,7 +1119,7 @@ s_client_main(int argc, char **argv)
1119 servername = NULL; 1119 servername = NULL;
1120 ERR_clear_error(); 1120 ERR_clear_error();
1121 } 1121 }
1122 if (!s_client_config.no_servername && servername != NULL) { 1122 if (!cfg.no_servername && servername != NULL) {
1123 tlsextcbp.biodebug = bio_err; 1123 tlsextcbp.biodebug = bio_err;
1124 SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb); 1124 SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb);
1125 SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp); 1125 SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp);
@@ -1127,22 +1127,22 @@ s_client_main(int argc, char **argv)
1127 1127
1128 re_start: 1128 re_start:
1129 1129
1130 if (init_client(&s, s_client_config.host, s_client_config.port, 1130 if (init_client(&s, cfg.host, cfg.port,
1131 s_client_config.socket_type, s_client_config.af) == 0) { 1131 cfg.socket_type, cfg.af) == 0) {
1132 BIO_printf(bio_err, "connect:errno=%d\n", errno); 1132 BIO_printf(bio_err, "connect:errno=%d\n", errno);
1133 goto end; 1133 goto end;
1134 } 1134 }
1135 BIO_printf(bio_c_out, "CONNECTED(%08X)\n", s); 1135 BIO_printf(bio_c_out, "CONNECTED(%08X)\n", s);
1136 1136
1137 if (s_client_config.nbio) { 1137 if (cfg.nbio) {
1138 if (!s_client_config.quiet) 1138 if (!cfg.quiet)
1139 BIO_printf(bio_c_out, "turning on non blocking io\n"); 1139 BIO_printf(bio_c_out, "turning on non blocking io\n");
1140 if (!BIO_socket_nbio(s, 1)) { 1140 if (!BIO_socket_nbio(s, 1)) {
1141 ERR_print_errors(bio_err); 1141 ERR_print_errors(bio_err);
1142 goto end; 1142 goto end;
1143 } 1143 }
1144 } 1144 }
1145 if (s_client_config.pause & 0x01) 1145 if (cfg.pause & 0x01)
1146 SSL_set_debug(con, 1); 1146 SSL_set_debug(con, 1);
1147 1147
1148 if (SSL_is_dtls(con)) { 1148 if (SSL_is_dtls(con)) {
@@ -1157,7 +1157,7 @@ s_client_main(int argc, char **argv)
1157 } 1157 }
1158 (void) BIO_ctrl_set_connected(sbio, 1, &peer); 1158 (void) BIO_ctrl_set_connected(sbio, 1, &peer);
1159 1159
1160 if (s_client_config.enable_timeouts) { 1160 if (cfg.enable_timeouts) {
1161 timeout.tv_sec = 0; 1161 timeout.tv_sec = 0;
1162 timeout.tv_usec = DGRAM_RCV_TIMEOUT; 1162 timeout.tv_usec = DGRAM_RCV_TIMEOUT;
1163 BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, 1163 BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0,
@@ -1168,35 +1168,35 @@ s_client_main(int argc, char **argv)
1168 BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, 1168 BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0,
1169 &timeout); 1169 &timeout);
1170 } 1170 }
1171 if (s_client_config.socket_mtu > 28) { 1171 if (cfg.socket_mtu > 28) {
1172 SSL_set_options(con, SSL_OP_NO_QUERY_MTU); 1172 SSL_set_options(con, SSL_OP_NO_QUERY_MTU);
1173 SSL_set_mtu(con, s_client_config.socket_mtu - 28); 1173 SSL_set_mtu(con, cfg.socket_mtu - 28);
1174 } else 1174 } else
1175 /* want to do MTU discovery */ 1175 /* want to do MTU discovery */
1176 BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL); 1176 BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL);
1177 } else 1177 } else
1178 sbio = BIO_new_socket(s, BIO_NOCLOSE); 1178 sbio = BIO_new_socket(s, BIO_NOCLOSE);
1179 1179
1180 if (s_client_config.nbio_test) { 1180 if (cfg.nbio_test) {
1181 BIO *test; 1181 BIO *test;
1182 1182
1183 test = BIO_new(BIO_f_nbio_test()); 1183 test = BIO_new(BIO_f_nbio_test());
1184 sbio = BIO_push(test, sbio); 1184 sbio = BIO_push(test, sbio);
1185 } 1185 }
1186 if (s_client_config.debug) { 1186 if (cfg.debug) {
1187 SSL_set_debug(con, 1); 1187 SSL_set_debug(con, 1);
1188 BIO_set_callback(sbio, bio_dump_callback); 1188 BIO_set_callback(sbio, bio_dump_callback);
1189 BIO_set_callback_arg(sbio, (char *) bio_c_out); 1189 BIO_set_callback_arg(sbio, (char *) bio_c_out);
1190 } 1190 }
1191 if (s_client_config.msg) { 1191 if (cfg.msg) {
1192 SSL_set_msg_callback(con, msg_cb); 1192 SSL_set_msg_callback(con, msg_cb);
1193 SSL_set_msg_callback_arg(con, bio_c_out); 1193 SSL_set_msg_callback_arg(con, bio_c_out);
1194 } 1194 }
1195 if (s_client_config.tlsextdebug) { 1195 if (cfg.tlsextdebug) {
1196 SSL_set_tlsext_debug_callback(con, tlsext_cb); 1196 SSL_set_tlsext_debug_callback(con, tlsext_cb);
1197 SSL_set_tlsext_debug_arg(con, bio_c_out); 1197 SSL_set_tlsext_debug_arg(con, bio_c_out);
1198 } 1198 }
1199 if (s_client_config.status_req) { 1199 if (cfg.status_req) {
1200 SSL_set_tlsext_status_type(con, TLSEXT_STATUSTYPE_ocsp); 1200 SSL_set_tlsext_status_type(con, TLSEXT_STATUSTYPE_ocsp);
1201 SSL_CTX_set_tlsext_status_cb(ctx, ocsp_resp_cb); 1201 SSL_CTX_set_tlsext_status_cb(ctx, ocsp_resp_cb);
1202 SSL_CTX_set_tlsext_status_arg(ctx, bio_c_out); 1202 SSL_CTX_set_tlsext_status_arg(ctx, bio_c_out);
@@ -1225,8 +1225,8 @@ s_client_main(int argc, char **argv)
1225 * push a buffering BIO into the chain that is removed again later on 1225 * push a buffering BIO into the chain that is removed again later on
1226 * to not disturb the rest of the s_client operation. 1226 * to not disturb the rest of the s_client operation.
1227 */ 1227 */
1228 if (s_client_config.starttls_proto == PROTO_SMTP || 1228 if (cfg.starttls_proto == PROTO_SMTP ||
1229 s_client_config.starttls_proto == PROTO_LMTP) { 1229 cfg.starttls_proto == PROTO_LMTP) {
1230 int foundit = 0; 1230 int foundit = 0;
1231 BIO *fbio = BIO_new(BIO_f_buffer()); 1231 BIO *fbio = BIO_new(BIO_f_buffer());
1232 BIO_push(fbio, sbio); 1232 BIO_push(fbio, sbio);
@@ -1237,7 +1237,7 @@ s_client_main(int argc, char **argv)
1237 while (mbuf_len > 3 && mbuf[3] == '-'); 1237 while (mbuf_len > 3 && mbuf[3] == '-');
1238 /* STARTTLS command requires EHLO... */ 1238 /* STARTTLS command requires EHLO... */
1239 BIO_printf(fbio, "%cHLO openssl.client.net\r\n", 1239 BIO_printf(fbio, "%cHLO openssl.client.net\r\n",
1240 s_client_config.starttls_proto == PROTO_SMTP ? 'E' : 'L'); 1240 cfg.starttls_proto == PROTO_SMTP ? 'E' : 'L');
1241 (void) BIO_flush(fbio); 1241 (void) BIO_flush(fbio);
1242 /* wait for multi-line response to end EHLO SMTP response */ 1242 /* wait for multi-line response to end EHLO SMTP response */
1243 do { 1243 do {
@@ -1255,7 +1255,7 @@ s_client_main(int argc, char **argv)
1255 " try anyway...\n"); 1255 " try anyway...\n");
1256 BIO_printf(sbio, "STARTTLS\r\n"); 1256 BIO_printf(sbio, "STARTTLS\r\n");
1257 BIO_read(sbio, sbuf, BUFSIZZ); 1257 BIO_read(sbio, sbuf, BUFSIZZ);
1258 } else if (s_client_config.starttls_proto == PROTO_POP3) { 1258 } else if (cfg.starttls_proto == PROTO_POP3) {
1259 mbuf_len = BIO_read(sbio, mbuf, BUFSIZZ); 1259 mbuf_len = BIO_read(sbio, mbuf, BUFSIZZ);
1260 if (mbuf_len == -1) { 1260 if (mbuf_len == -1) {
1261 BIO_printf(bio_err, "BIO_read failed\n"); 1261 BIO_printf(bio_err, "BIO_read failed\n");
@@ -1263,7 +1263,7 @@ s_client_main(int argc, char **argv)
1263 } 1263 }
1264 BIO_printf(sbio, "STLS\r\n"); 1264 BIO_printf(sbio, "STLS\r\n");
1265 BIO_read(sbio, sbuf, BUFSIZZ); 1265 BIO_read(sbio, sbuf, BUFSIZZ);
1266 } else if (s_client_config.starttls_proto == PROTO_IMAP) { 1266 } else if (cfg.starttls_proto == PROTO_IMAP) {
1267 int foundit = 0; 1267 int foundit = 0;
1268 BIO *fbio = BIO_new(BIO_f_buffer()); 1268 BIO *fbio = BIO_new(BIO_f_buffer());
1269 BIO_push(fbio, sbio); 1269 BIO_push(fbio, sbio);
@@ -1287,7 +1287,7 @@ s_client_main(int argc, char **argv)
1287 " try anyway...\n"); 1287 " try anyway...\n");
1288 BIO_printf(sbio, ". STARTTLS\r\n"); 1288 BIO_printf(sbio, ". STARTTLS\r\n");
1289 BIO_read(sbio, sbuf, BUFSIZZ); 1289 BIO_read(sbio, sbuf, BUFSIZZ);
1290 } else if (s_client_config.starttls_proto == PROTO_FTP) { 1290 } else if (cfg.starttls_proto == PROTO_FTP) {
1291 BIO *fbio = BIO_new(BIO_f_buffer()); 1291 BIO *fbio = BIO_new(BIO_f_buffer());
1292 BIO_push(fbio, sbio); 1292 BIO_push(fbio, sbio);
1293 /* wait for multi-line response to end from FTP */ 1293 /* wait for multi-line response to end from FTP */
@@ -1300,13 +1300,13 @@ s_client_main(int argc, char **argv)
1300 BIO_free(fbio); 1300 BIO_free(fbio);
1301 BIO_printf(sbio, "AUTH TLS\r\n"); 1301 BIO_printf(sbio, "AUTH TLS\r\n");
1302 BIO_read(sbio, sbuf, BUFSIZZ); 1302 BIO_read(sbio, sbuf, BUFSIZZ);
1303 } else if (s_client_config.starttls_proto == PROTO_XMPP) { 1303 } else if (cfg.starttls_proto == PROTO_XMPP) {
1304 int seen = 0; 1304 int seen = 0;
1305 BIO_printf(sbio, "<stream:stream " 1305 BIO_printf(sbio, "<stream:stream "
1306 "xmlns:stream='http://etherx.jabber.org/streams' " 1306 "xmlns:stream='http://etherx.jabber.org/streams' "
1307 "xmlns='jabber:client' to='%s' version='1.0'>", 1307 "xmlns='jabber:client' to='%s' version='1.0'>",
1308 s_client_config.xmpphost ? 1308 cfg.xmpphost ?
1309 s_client_config.xmpphost : s_client_config.host); 1309 cfg.xmpphost : cfg.host);
1310 seen = BIO_read(sbio, mbuf, BUFSIZZ); 1310 seen = BIO_read(sbio, mbuf, BUFSIZZ);
1311 1311
1312 if (seen <= 0) 1312 if (seen <= 0)
@@ -1329,9 +1329,9 @@ s_client_main(int argc, char **argv)
1329 if (!strstr(sbuf, "<proceed")) 1329 if (!strstr(sbuf, "<proceed"))
1330 goto shut; 1330 goto shut;
1331 mbuf[0] = 0; 1331 mbuf[0] = 0;
1332 } else if (s_client_config.proxy != NULL) { 1332 } else if (cfg.proxy != NULL) {
1333 BIO_printf(sbio, "CONNECT %s HTTP/1.0\r\n\r\n", 1333 BIO_printf(sbio, "CONNECT %s HTTP/1.0\r\n\r\n",
1334 s_client_config.connect); 1334 cfg.connect);
1335 mbuf_len = BIO_read(sbio, mbuf, BUFSIZZ); 1335 mbuf_len = BIO_read(sbio, mbuf, BUFSIZZ);
1336 if (mbuf_len == -1) { 1336 if (mbuf_len == -1) {
1337 BIO_printf(bio_err, "BIO_read failed\n"); 1337 BIO_printf(bio_err, "BIO_read failed\n");
@@ -1353,9 +1353,9 @@ s_client_main(int argc, char **argv)
1353 tty_on = 1; 1353 tty_on = 1;
1354 if (in_init) { 1354 if (in_init) {
1355 in_init = 0; 1355 in_init = 0;
1356 if (s_client_config.sess_out) { 1356 if (cfg.sess_out) {
1357 BIO *stmp = BIO_new_file( 1357 BIO *stmp = BIO_new_file(
1358 s_client_config.sess_out, "w"); 1358 cfg.sess_out, "w");
1359 if (stmp) { 1359 if (stmp) {
1360 PEM_write_bio_SSL_SESSION(stmp, 1360 PEM_write_bio_SSL_SESSION(stmp,
1361 SSL_get_session(con)); 1361 SSL_get_session(con));
@@ -1363,19 +1363,19 @@ s_client_main(int argc, char **argv)
1363 } else 1363 } else
1364 BIO_printf(bio_err, 1364 BIO_printf(bio_err,
1365 "Error writing session file %s\n", 1365 "Error writing session file %s\n",
1366 s_client_config.sess_out); 1366 cfg.sess_out);
1367 } 1367 }
1368 print_stuff(bio_c_out, con, full_log); 1368 print_stuff(bio_c_out, con, full_log);
1369 if (full_log > 0) 1369 if (full_log > 0)
1370 full_log--; 1370 full_log--;
1371 1371
1372 if (s_client_config.starttls_proto) { 1372 if (cfg.starttls_proto) {
1373 BIO_write(bio_err, mbuf, mbuf_len); 1373 BIO_write(bio_err, mbuf, mbuf_len);
1374 /* We don't need to know any more */ 1374 /* We don't need to know any more */
1375 s_client_config.starttls_proto = PROTO_OFF; 1375 cfg.starttls_proto = PROTO_OFF;
1376 } 1376 }
1377 if (s_client_config.reconnect) { 1377 if (cfg.reconnect) {
1378 s_client_config.reconnect--; 1378 cfg.reconnect--;
1379 BIO_printf(bio_c_out, 1379 BIO_printf(bio_c_out,
1380 "drop connection and then reconnect\n"); 1380 "drop connection and then reconnect\n");
1381 SSL_shutdown(con); 1381 SSL_shutdown(con);
@@ -1516,7 +1516,7 @@ s_client_main(int argc, char **argv)
1516 } 1516 }
1517 } 1517 }
1518#endif 1518#endif
1519 if (s_client_config.peekaboo) { 1519 if (cfg.peekaboo) {
1520 k = p = SSL_peek(con, pbuf, 1024 /* BUFSIZZ */ ); 1520 k = p = SSL_peek(con, pbuf, 1024 /* BUFSIZZ */ );
1521 pending = SSL_pending(con); 1521 pending = SSL_pending(con);
1522 if (SSL_get_error(con, p) == SSL_ERROR_NONE) { 1522 if (SSL_get_error(con, p) == SSL_ERROR_NONE) {
@@ -1535,7 +1535,7 @@ s_client_main(int argc, char **argv)
1535 goto end; 1535 goto end;
1536 sbuf_off = 0; 1536 sbuf_off = 0;
1537 sbuf_len = k; 1537 sbuf_len = k;
1538 if (s_client_config.peekaboo) { 1538 if (cfg.peekaboo) {
1539 if (p != pending) { 1539 if (p != pending) {
1540 ret = -1; 1540 ret = -1;
1541 BIO_printf(bio_err, 1541 BIO_printf(bio_err,
@@ -1594,7 +1594,7 @@ s_client_main(int argc, char **argv)
1594 BIO_printf(bio_err, "poll error"); 1594 BIO_printf(bio_err, "poll error");
1595 goto shut; 1595 goto shut;
1596 } 1596 }
1597 if (s_client_config.crlf) { 1597 if (cfg.crlf) {
1598 int j, lf_num; 1598 int j, lf_num;
1599 1599
1600 i = read(fileno(stdin), cbuf, BUFSIZZ / 2); 1600 i = read(fileno(stdin), cbuf, BUFSIZZ / 2);
@@ -1615,13 +1615,13 @@ s_client_main(int argc, char **argv)
1615 } else 1615 } else
1616 i = read(fileno(stdin), cbuf, BUFSIZZ); 1616 i = read(fileno(stdin), cbuf, BUFSIZZ);
1617 1617
1618 if ((!s_client_config.ign_eof) && 1618 if ((!cfg.ign_eof) &&
1619 ((i <= 0) || (cbuf[0] == 'Q'))) { 1619 ((i <= 0) || (cbuf[0] == 'Q'))) {
1620 BIO_printf(bio_err, "DONE\n"); 1620 BIO_printf(bio_err, "DONE\n");
1621 ret = 0; 1621 ret = 0;
1622 goto shut; 1622 goto shut;
1623 } 1623 }
1624 if ((!s_client_config.ign_eof) && (cbuf[0] == 'R')) { 1624 if ((!cfg.ign_eof) && (cbuf[0] == 'R')) {
1625 BIO_printf(bio_err, "RENEGOTIATING\n"); 1625 BIO_printf(bio_err, "RENEGOTIATING\n");
1626 SSL_renegotiate(con); 1626 SSL_renegotiate(con);
1627 cbuf_len = 0; 1627 cbuf_len = 0;
@@ -1644,7 +1644,7 @@ s_client_main(int argc, char **argv)
1644 close(SSL_get_fd(con)); 1644 close(SSL_get_fd(con));
1645 end: 1645 end:
1646 if (con != NULL) { 1646 if (con != NULL) {
1647 if (s_client_config.prexit != 0) 1647 if (cfg.prexit != 0)
1648 print_stuff(bio_c_out, con, 1); 1648 print_stuff(bio_c_out, con, 1);
1649 SSL_free(con); 1649 SSL_free(con);
1650 } 1650 }
@@ -1652,7 +1652,7 @@ s_client_main(int argc, char **argv)
1652 X509_free(cert); 1652 X509_free(cert);
1653 EVP_PKEY_free(key); 1653 EVP_PKEY_free(key);
1654 free(pass); 1654 free(pass);
1655 X509_VERIFY_PARAM_free(s_client_config.vpm); 1655 X509_VERIFY_PARAM_free(cfg.vpm);
1656 freezero(cbuf, BUFSIZZ); 1656 freezero(cbuf, BUFSIZZ);
1657 freezero(sbuf, BUFSIZZ); 1657 freezero(sbuf, BUFSIZZ);
1658 freezero(pbuf, BUFSIZZ); 1658 freezero(pbuf, BUFSIZZ);
@@ -1692,7 +1692,7 @@ print_stuff(BIO *bio, SSL *s, int full)
1692 X509_NAME_oneline(X509_get_issuer_name( 1692 X509_NAME_oneline(X509_get_issuer_name(
1693 sk_X509_value(sk, i)), buf, sizeof buf); 1693 sk_X509_value(sk, i)), buf, sizeof buf);
1694 BIO_printf(bio, " i:%s\n", buf); 1694 BIO_printf(bio, " i:%s\n", buf);
1695 if (s_client_config.showcerts) 1695 if (cfg.showcerts)
1696 PEM_write_bio_X509(bio, 1696 PEM_write_bio_X509(bio,
1697 sk_X509_value(sk, i)); 1697 sk_X509_value(sk, i));
1698 } 1698 }
@@ -1701,7 +1701,7 @@ print_stuff(BIO *bio, SSL *s, int full)
1701 peer = SSL_get_peer_certificate(s); 1701 peer = SSL_get_peer_certificate(s);
1702 if (peer != NULL) { 1702 if (peer != NULL) {
1703 BIO_printf(bio, "Server certificate\n"); 1703 BIO_printf(bio, "Server certificate\n");
1704 if (!(s_client_config.showcerts && got_a_chain)) { 1704 if (!(cfg.showcerts && got_a_chain)) {
1705 /* Redundant if we showed the whole chain */ 1705 /* Redundant if we showed the whole chain */
1706 PEM_write_bio_X509(bio, peer); 1706 PEM_write_bio_X509(bio, peer);
1707 } 1707 }
@@ -1820,23 +1820,23 @@ print_stuff(BIO *bio, SSL *s, int full)
1820#endif 1820#endif
1821 1821
1822 SSL_SESSION_print(bio, SSL_get_session(s)); 1822 SSL_SESSION_print(bio, SSL_get_session(s));
1823 if (s_client_config.keymatexportlabel != NULL) { 1823 if (cfg.keymatexportlabel != NULL) {
1824 BIO_printf(bio, "Keying material exporter:\n"); 1824 BIO_printf(bio, "Keying material exporter:\n");
1825 BIO_printf(bio, " Label: '%s'\n", 1825 BIO_printf(bio, " Label: '%s'\n",
1826 s_client_config.keymatexportlabel); 1826 cfg.keymatexportlabel);
1827 BIO_printf(bio, " Length: %i bytes\n", 1827 BIO_printf(bio, " Length: %i bytes\n",
1828 s_client_config.keymatexportlen); 1828 cfg.keymatexportlen);
1829 exportedkeymat = malloc(s_client_config.keymatexportlen); 1829 exportedkeymat = malloc(cfg.keymatexportlen);
1830 if (exportedkeymat != NULL) { 1830 if (exportedkeymat != NULL) {
1831 if (!SSL_export_keying_material(s, exportedkeymat, 1831 if (!SSL_export_keying_material(s, exportedkeymat,
1832 s_client_config.keymatexportlen, 1832 cfg.keymatexportlen,
1833 s_client_config.keymatexportlabel, 1833 cfg.keymatexportlabel,
1834 strlen(s_client_config.keymatexportlabel), 1834 strlen(cfg.keymatexportlabel),
1835 NULL, 0, 0)) { 1835 NULL, 0, 0)) {
1836 BIO_printf(bio, " Error\n"); 1836 BIO_printf(bio, " Error\n");
1837 } else { 1837 } else {
1838 BIO_printf(bio, " Keying material: "); 1838 BIO_printf(bio, " Keying material: ");
1839 for (i = 0; i < s_client_config.keymatexportlen; i++) 1839 for (i = 0; i < cfg.keymatexportlen; i++)
1840 BIO_printf(bio, "%02X", 1840 BIO_printf(bio, "%02X",
1841 exportedkeymat[i]); 1841 exportedkeymat[i]);
1842 BIO_printf(bio, "\n"); 1842 BIO_printf(bio, "\n");
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 00:21:33 +0000