summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorinoguchi <>2020-07-27 12:19:51 +0000
committerinoguchi <>2020-07-27 12:19:51 +0000
commitb35c8d607b9342a2a3f664a4c96d072776b31258 (patch)
treee6b9acab00abccf8d657389fe54f5b011335a161 /src
parent05b2b6584117245382187acaa206c3154782959e (diff)
downloadopenbsd-b35c8d607b9342a2a3f664a4c96d072776b31258.tar.gz
openbsd-b35c8d607b9342a2a3f664a4c96d072776b31258.tar.bz2
openbsd-b35c8d607b9342a2a3f664a4c96d072776b31258.zip
Remove 's_' prefix from member of s_server_config struct
Diffstat (limited to 'src')
-rw-r--r--src/usr.bin/openssl/s_server.c220
1 files changed, 110 insertions, 110 deletions
diff --git a/src/usr.bin/openssl/s_server.c b/src/usr.bin/openssl/s_server.c
index 07afc18869..115524921e 100644
--- a/src/usr.bin/openssl/s_server.c
+++ b/src/usr.bin/openssl/s_server.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: s_server.c,v 1.39 2020/07/27 12:09:14 inoguchi Exp $ */ 1/* $OpenBSD: s_server.c,v 1.40 2020/07/27 12:19:51 inoguchi Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -233,34 +233,34 @@ static struct {
233#ifndef OPENSSL_NO_DTLS1 233#ifndef OPENSSL_NO_DTLS1
234 int cert_chain; 234 int cert_chain;
235#endif 235#endif
236 char *s_cert_file; 236 char *cert_file;
237 char *s_cert_file2; 237 char *cert_file2;
238 int s_cert_format; 238 int cert_format;
239 char *cipher; 239 char *cipher;
240 unsigned char *context; 240 unsigned char *context;
241 int s_crlf; 241 int crlf;
242 char *s_dcert_file; 242 char *dcert_file;
243 int s_dcert_format; 243 int dcert_format;
244 int s_debug; 244 int debug;
245 char *dhfile; 245 char *dhfile;
246 char *s_dkey_file; 246 char *dkey_file;
247 int s_dkey_format; 247 int dkey_format;
248 char *dpassarg; 248 char *dpassarg;
249 int enable_timeouts; 249 int enable_timeouts;
250 const char *errstr; 250 const char *errstr;
251 char *groups_in; 251 char *groups_in;
252 char *s_key_file; 252 char *key_file;
253 char *s_key_file2; 253 char *key_file2;
254 int s_key_format; 254 int key_format;
255 char *keymatexportlabel; 255 char *keymatexportlabel;
256 int keymatexportlen; 256 int keymatexportlen;
257 uint16_t max_version; 257 uint16_t max_version;
258 uint16_t min_version; 258 uint16_t min_version;
259 const SSL_METHOD *meth; 259 const SSL_METHOD *meth;
260 int s_msg; 260 int msg;
261 char *named_curve; 261 char *named_curve;
262 int s_nbio; 262 int nbio;
263 int s_nbio_test; 263 int nbio_test;
264 int no_cache; 264 int no_cache;
265 int nocert; 265 int nocert;
266 int no_dhe; 266 int no_dhe;
@@ -269,8 +269,8 @@ static struct {
269 int off; 269 int off;
270 char *passarg; 270 char *passarg;
271 short port; 271 short port;
272 int s_quiet; 272 int quiet;
273 int s_server_verify; 273 int server_verify;
274 char *session_id_prefix; 274 char *session_id_prefix;
275 long socket_mtu; 275 long socket_mtu;
276 int socket_type; 276 int socket_type;
@@ -280,8 +280,8 @@ static struct {
280 int state; 280 int state;
281 tlsextstatusctx tlscstatp; 281 tlsextstatusctx tlscstatp;
282 tlsextctx tlsextcbp; 282 tlsextctx tlsextcbp;
283 int s_tlsextdebug; 283 int tlsextdebug;
284 int s_tlsextstatus; 284 int tlsextstatus;
285 X509_VERIFY_PARAM *vpm; 285 X509_VERIFY_PARAM *vpm;
286 int www; 286 int www;
287} s_server_config; 287} s_server_config;
@@ -364,8 +364,8 @@ s_server_protocol_version_tls1_3(void)
364static int 364static int
365s_server_opt_nbio_test(void) 365s_server_opt_nbio_test(void)
366{ 366{
367 s_server_config.s_nbio = 1; 367 s_server_config.nbio = 1;
368 s_server_config.s_nbio_test = 1; 368 s_server_config.nbio_test = 1;
369 return (0); 369 return (0);
370} 370}
371 371
@@ -380,7 +380,7 @@ s_server_opt_port(char *arg)
380static int 380static int
381s_server_opt_status_timeout(char *arg) 381s_server_opt_status_timeout(char *arg)
382{ 382{
383 s_server_config.s_tlsextstatus = 1; 383 s_server_config.tlsextstatus = 1;
384 s_server_config.tlscstatp.timeout = strtonum(arg, 0, INT_MAX, 384 s_server_config.tlscstatp.timeout = strtonum(arg, 0, INT_MAX,
385 &s_server_config.errstr); 385 &s_server_config.errstr);
386 if (s_server_config.errstr != NULL) { 386 if (s_server_config.errstr != NULL) {
@@ -394,7 +394,7 @@ s_server_opt_status_timeout(char *arg)
394static int 394static int
395s_server_opt_status_url(char *arg) 395s_server_opt_status_url(char *arg)
396{ 396{
397 s_server_config.s_tlsextstatus = 1; 397 s_server_config.tlsextstatus = 1;
398 if (!OCSP_parse_url(arg, &s_server_config.tlscstatp.host, 398 if (!OCSP_parse_url(arg, &s_server_config.tlscstatp.host,
399 &s_server_config.tlscstatp.port, &s_server_config.tlscstatp.path, 399 &s_server_config.tlscstatp.port, &s_server_config.tlscstatp.path,
400 &s_server_config.tlscstatp.use_ssl)) { 400 &s_server_config.tlscstatp.use_ssl)) {
@@ -407,7 +407,7 @@ s_server_opt_status_url(char *arg)
407static int 407static int
408s_server_opt_status_verbose(void) 408s_server_opt_status_verbose(void)
409{ 409{
410 s_server_config.s_tlsextstatus = 1; 410 s_server_config.tlsextstatus = 1;
411 s_server_config.tlscstatp.verbose = 1; 411 s_server_config.tlscstatp.verbose = 1;
412 return (0); 412 return (0);
413} 413}
@@ -415,7 +415,7 @@ s_server_opt_status_verbose(void)
415static int 415static int
416s_server_opt_verify(char *arg) 416s_server_opt_verify(char *arg)
417{ 417{
418 s_server_config.s_server_verify = SSL_VERIFY_PEER | 418 s_server_config.server_verify = SSL_VERIFY_PEER |
419 SSL_VERIFY_CLIENT_ONCE; 419 SSL_VERIFY_CLIENT_ONCE;
420 verify_depth = strtonum(arg, 0, INT_MAX, &s_server_config.errstr); 420 verify_depth = strtonum(arg, 0, INT_MAX, &s_server_config.errstr);
421 if (s_server_config.errstr != NULL) { 421 if (s_server_config.errstr != NULL) {
@@ -430,7 +430,7 @@ s_server_opt_verify(char *arg)
430static int 430static int
431s_server_opt_verify_fail(char *arg) 431s_server_opt_verify_fail(char *arg)
432{ 432{
433 s_server_config.s_server_verify = SSL_VERIFY_PEER | 433 s_server_config.server_verify = SSL_VERIFY_PEER |
434 SSL_VERIFY_FAIL_IF_NO_PEER_CERT | SSL_VERIFY_CLIENT_ONCE; 434 SSL_VERIFY_FAIL_IF_NO_PEER_CERT | SSL_VERIFY_CLIENT_ONCE;
435 verify_depth = strtonum(arg, 0, INT_MAX, &s_server_config.errstr); 435 verify_depth = strtonum(arg, 0, INT_MAX, &s_server_config.errstr);
436 if (s_server_config.errstr != NULL) { 436 if (s_server_config.errstr != NULL) {
@@ -504,7 +504,7 @@ static const struct option s_server_options[] = {
504 .desc = "Certificate file to use\n" 504 .desc = "Certificate file to use\n"
505 "(default is " TEST_CERT ")", 505 "(default is " TEST_CERT ")",
506 .type = OPTION_ARG, 506 .type = OPTION_ARG,
507 .opt.arg = &s_server_config.s_cert_file, 507 .opt.arg = &s_server_config.cert_file,
508 }, 508 },
509 { 509 {
510 .name = "cert2", 510 .name = "cert2",
@@ -512,14 +512,14 @@ static const struct option s_server_options[] = {
512 .desc = "Certificate file to use for servername\n" 512 .desc = "Certificate file to use for servername\n"
513 "(default is " TEST_CERT2 ")", 513 "(default is " TEST_CERT2 ")",
514 .type = OPTION_ARG, 514 .type = OPTION_ARG,
515 .opt.arg = &s_server_config.s_cert_file2, 515 .opt.arg = &s_server_config.cert_file2,
516 }, 516 },
517 { 517 {
518 .name = "certform", 518 .name = "certform",
519 .argname = "fmt", 519 .argname = "fmt",
520 .desc = "Certificate format (PEM or DER) PEM default", 520 .desc = "Certificate format (PEM or DER) PEM default",
521 .type = OPTION_ARG_FORMAT, 521 .type = OPTION_ARG_FORMAT,
522 .opt.value = &s_server_config.s_cert_format, 522 .opt.value = &s_server_config.cert_format,
523 }, 523 },
524#ifndef OPENSSL_NO_DTLS1 524#ifndef OPENSSL_NO_DTLS1
525 { 525 {
@@ -546,27 +546,27 @@ static const struct option s_server_options[] = {
546 .name = "crlf", 546 .name = "crlf",
547 .desc = "Convert LF from terminal into CRLF", 547 .desc = "Convert LF from terminal into CRLF",
548 .type = OPTION_FLAG, 548 .type = OPTION_FLAG,
549 .opt.flag = &s_server_config.s_crlf, 549 .opt.flag = &s_server_config.crlf,
550 }, 550 },
551 { 551 {
552 .name = "dcert", 552 .name = "dcert",
553 .argname = "file", 553 .argname = "file",
554 .desc = "Second certificate file to use (usually for DSA)", 554 .desc = "Second certificate file to use (usually for DSA)",
555 .type = OPTION_ARG, 555 .type = OPTION_ARG,
556 .opt.arg = &s_server_config.s_dcert_file, 556 .opt.arg = &s_server_config.dcert_file,
557 }, 557 },
558 { 558 {
559 .name = "dcertform", 559 .name = "dcertform",
560 .argname = "fmt", 560 .argname = "fmt",
561 .desc = "Second certificate format (PEM or DER) PEM default", 561 .desc = "Second certificate format (PEM or DER) PEM default",
562 .type = OPTION_ARG_FORMAT, 562 .type = OPTION_ARG_FORMAT,
563 .opt.value = &s_server_config.s_dcert_format, 563 .opt.value = &s_server_config.dcert_format,
564 }, 564 },
565 { 565 {
566 .name = "debug", 566 .name = "debug",
567 .desc = "Print more output", 567 .desc = "Print more output",
568 .type = OPTION_FLAG, 568 .type = OPTION_FLAG,
569 .opt.flag = &s_server_config.s_debug, 569 .opt.flag = &s_server_config.debug,
570 }, 570 },
571 { 571 {
572 .name = "dhparam", 572 .name = "dhparam",
@@ -580,14 +580,14 @@ static const struct option s_server_options[] = {
580 .argname = "file", 580 .argname = "file",
581 .desc = "Second private key file to use (usually for DSA)", 581 .desc = "Second private key file to use (usually for DSA)",
582 .type = OPTION_ARG, 582 .type = OPTION_ARG,
583 .opt.arg = &s_server_config.s_dkey_file, 583 .opt.arg = &s_server_config.dkey_file,
584 }, 584 },
585 { 585 {
586 .name = "dkeyform", 586 .name = "dkeyform",
587 .argname = "fmt", 587 .argname = "fmt",
588 .desc = "Second key format (PEM or DER) PEM default", 588 .desc = "Second key format (PEM or DER) PEM default",
589 .type = OPTION_ARG_FORMAT, 589 .type = OPTION_ARG_FORMAT,
590 .opt.value = &s_server_config.s_dkey_format, 590 .opt.value = &s_server_config.dkey_format,
591 }, 591 },
592 { 592 {
593 .name = "dpass", 593 .name = "dpass",
@@ -631,7 +631,7 @@ static const struct option s_server_options[] = {
631 .desc = "Private Key file to use, in cert file if\n" 631 .desc = "Private Key file to use, in cert file if\n"
632 "not specified (default is " TEST_CERT ")", 632 "not specified (default is " TEST_CERT ")",
633 .type = OPTION_ARG, 633 .type = OPTION_ARG,
634 .opt.arg = &s_server_config.s_key_file, 634 .opt.arg = &s_server_config.key_file,
635 }, 635 },
636 { 636 {
637 .name = "key2", 637 .name = "key2",
@@ -639,14 +639,14 @@ static const struct option s_server_options[] = {
639 .desc = "Private Key file to use for servername, in cert file if\n" 639 .desc = "Private Key file to use for servername, in cert file if\n"
640 "not specified (default is " TEST_CERT2 ")", 640 "not specified (default is " TEST_CERT2 ")",
641 .type = OPTION_ARG, 641 .type = OPTION_ARG,
642 .opt.arg = &s_server_config.s_key_file2, 642 .opt.arg = &s_server_config.key_file2,
643 }, 643 },
644 { 644 {
645 .name = "keyform", 645 .name = "keyform",
646 .argname = "fmt", 646 .argname = "fmt",
647 .desc = "Key format (PEM or DER) PEM default", 647 .desc = "Key format (PEM or DER) PEM default",
648 .type = OPTION_ARG_FORMAT, 648 .type = OPTION_ARG_FORMAT,
649 .opt.value = &s_server_config.s_key_format, 649 .opt.value = &s_server_config.key_format,
650 }, 650 },
651 { 651 {
652 .name = "keymatexport", 652 .name = "keymatexport",
@@ -670,7 +670,7 @@ static const struct option s_server_options[] = {
670 .name = "msg", 670 .name = "msg",
671 .desc = "Show protocol messages", 671 .desc = "Show protocol messages",
672 .type = OPTION_FLAG, 672 .type = OPTION_FLAG,
673 .opt.flag = &s_server_config.s_msg, 673 .opt.flag = &s_server_config.msg,
674 }, 674 },
675#ifndef OPENSSL_NO_DTLS1 675#ifndef OPENSSL_NO_DTLS1
676 { 676 {
@@ -691,7 +691,7 @@ static const struct option s_server_options[] = {
691 .name = "nbio", 691 .name = "nbio",
692 .desc = "Run with non-blocking I/O", 692 .desc = "Run with non-blocking I/O",
693 .type = OPTION_FLAG, 693 .type = OPTION_FLAG,
694 .opt.flag = &s_server_config.s_nbio, 694 .opt.flag = &s_server_config.nbio,
695 }, 695 },
696 { 696 {
697 .name = "nbio_test", 697 .name = "nbio_test",
@@ -804,7 +804,7 @@ static const struct option s_server_options[] = {
804 .name = "quiet", 804 .name = "quiet",
805 .desc = "Inhibit printing of session and certificate information", 805 .desc = "Inhibit printing of session and certificate information",
806 .type = OPTION_FLAG, 806 .type = OPTION_FLAG,
807 .opt.flag = &s_server_config.s_quiet, 807 .opt.flag = &s_server_config.quiet,
808 }, 808 },
809 { 809 {
810 .name = "servername", 810 .name = "servername",
@@ -837,7 +837,7 @@ static const struct option s_server_options[] = {
837 .name = "status", 837 .name = "status",
838 .desc = "Respond to certificate status requests", 838 .desc = "Respond to certificate status requests",
839 .type = OPTION_FLAG, 839 .type = OPTION_FLAG,
840 .opt.flag = &s_server_config.s_tlsextstatus, 840 .opt.flag = &s_server_config.tlsextstatus,
841 }, 841 },
842 { 842 {
843 .name = "status_timeout", 843 .name = "status_timeout",
@@ -895,7 +895,7 @@ static const struct option s_server_options[] = {
895 .name = "tlsextdebug", 895 .name = "tlsextdebug",
896 .desc = "Hex dump of all TLS extensions received", 896 .desc = "Hex dump of all TLS extensions received",
897 .type = OPTION_FLAG, 897 .type = OPTION_FLAG,
898 .opt.flag = &s_server_config.s_tlsextdebug, 898 .opt.flag = &s_server_config.tlsextdebug,
899 }, 899 },
900#ifndef OPENSSL_NO_SRTP 900#ifndef OPENSSL_NO_SRTP
901 { 901 {
@@ -954,23 +954,23 @@ s_server_init(void)
954{ 954{
955 accept_socket = -1; 955 accept_socket = -1;
956 s_server_config.cipher = NULL; 956 s_server_config.cipher = NULL;
957 s_server_config.s_server_verify = SSL_VERIFY_NONE; 957 s_server_config.server_verify = SSL_VERIFY_NONE;
958 s_server_config.s_dcert_file = NULL; 958 s_server_config.dcert_file = NULL;
959 s_server_config.s_dkey_file = NULL; 959 s_server_config.dkey_file = NULL;
960 s_server_config.s_cert_file = TEST_CERT; 960 s_server_config.cert_file = TEST_CERT;
961 s_server_config.s_key_file = NULL; 961 s_server_config.key_file = NULL;
962 s_server_config.s_cert_file2 = TEST_CERT2; 962 s_server_config.cert_file2 = TEST_CERT2;
963 s_server_config.s_key_file2 = NULL; 963 s_server_config.key_file2 = NULL;
964 ctx2 = NULL; 964 ctx2 = NULL;
965 s_server_config.s_nbio = 0; 965 s_server_config.nbio = 0;
966 s_server_config.s_nbio_test = 0; 966 s_server_config.nbio_test = 0;
967 ctx = NULL; 967 ctx = NULL;
968 s_server_config.www = 0; 968 s_server_config.www = 0;
969 969
970 bio_s_out = NULL; 970 bio_s_out = NULL;
971 s_server_config.s_debug = 0; 971 s_server_config.debug = 0;
972 s_server_config.s_msg = 0; 972 s_server_config.msg = 0;
973 s_server_config.s_quiet = 0; 973 s_server_config.quiet = 0;
974} 974}
975 975
976static void 976static void
@@ -1159,7 +1159,7 @@ alpn_cb(SSL *s, const unsigned char **out, unsigned char *outlen,
1159{ 1159{
1160 tlsextalpnctx *alpn_ctx = arg; 1160 tlsextalpnctx *alpn_ctx = arg;
1161 1161
1162 if (!s_server_config.s_quiet) { 1162 if (!s_server_config.quiet) {
1163 /* We can assume that in is syntactically valid. */ 1163 /* We can assume that in is syntactically valid. */
1164 unsigned i; 1164 unsigned i;
1165 1165
@@ -1178,7 +1178,7 @@ alpn_cb(SSL *s, const unsigned char **out, unsigned char *outlen,
1178 alpn_ctx->len, in, inlen) != OPENSSL_NPN_NEGOTIATED) 1178 alpn_ctx->len, in, inlen) != OPENSSL_NPN_NEGOTIATED)
1179 return (SSL_TLSEXT_ERR_NOACK); 1179 return (SSL_TLSEXT_ERR_NOACK);
1180 1180
1181 if (!s_server_config.s_quiet) { 1181 if (!s_server_config.quiet) {
1182 BIO_printf(bio_s_out, "ALPN protocols selected: "); 1182 BIO_printf(bio_s_out, "ALPN protocols selected: ");
1183 BIO_write(bio_s_out, *out, *outlen); 1183 BIO_write(bio_s_out, *out, *outlen);
1184 BIO_write(bio_s_out, "\n", 1); 1184 BIO_write(bio_s_out, "\n", 1);
@@ -1211,13 +1211,13 @@ s_server_main(int argc, char *argv[])
1211 s_server_config.keymatexportlen = 20; 1211 s_server_config.keymatexportlen = 20;
1212 s_server_config.meth = TLS_server_method(); 1212 s_server_config.meth = TLS_server_method();
1213 s_server_config.port = PORT; 1213 s_server_config.port = PORT;
1214 s_server_config.s_cert_file = TEST_CERT; 1214 s_server_config.cert_file = TEST_CERT;
1215 s_server_config.s_cert_file2 = TEST_CERT2; 1215 s_server_config.cert_file2 = TEST_CERT2;
1216 s_server_config.s_cert_format = FORMAT_PEM; 1216 s_server_config.cert_format = FORMAT_PEM;
1217 s_server_config.s_dcert_format = FORMAT_PEM; 1217 s_server_config.dcert_format = FORMAT_PEM;
1218 s_server_config.s_dkey_format = FORMAT_PEM; 1218 s_server_config.dkey_format = FORMAT_PEM;
1219 s_server_config.s_key_format = FORMAT_PEM; 1219 s_server_config.key_format = FORMAT_PEM;
1220 s_server_config.s_server_verify = SSL_VERIFY_NONE; 1220 s_server_config.server_verify = SSL_VERIFY_NONE;
1221 s_server_config.socket_type = SOCK_STREAM; 1221 s_server_config.socket_type = SOCK_STREAM;
1222 s_server_config.tlscstatp.timeout = -1; 1222 s_server_config.tlscstatp.timeout = -1;
1223 s_server_config.tlsextcbp.extension_error = SSL_TLSEXT_ERR_ALERT_WARNING; 1223 s_server_config.tlsextcbp.extension_error = SSL_TLSEXT_ERR_ALERT_WARNING;
@@ -1244,19 +1244,19 @@ s_server_main(int argc, char *argv[])
1244 BIO_printf(bio_err, "Error getting password\n"); 1244 BIO_printf(bio_err, "Error getting password\n");
1245 goto end; 1245 goto end;
1246 } 1246 }
1247 if (s_server_config.s_key_file == NULL) 1247 if (s_server_config.key_file == NULL)
1248 s_server_config.s_key_file = s_server_config.s_cert_file; 1248 s_server_config.key_file = s_server_config.cert_file;
1249 if (s_server_config.s_key_file2 == NULL) 1249 if (s_server_config.key_file2 == NULL)
1250 s_server_config.s_key_file2 = s_server_config.s_cert_file2; 1250 s_server_config.key_file2 = s_server_config.cert_file2;
1251 1251
1252 if (s_server_config.nocert == 0) { 1252 if (s_server_config.nocert == 0) {
1253 s_key = load_key(bio_err, s_server_config.s_key_file, s_server_config.s_key_format, 0, pass, 1253 s_key = load_key(bio_err, s_server_config.key_file, s_server_config.key_format, 0, pass,
1254 "server certificate private key file"); 1254 "server certificate private key file");
1255 if (!s_key) { 1255 if (!s_key) {
1256 ERR_print_errors(bio_err); 1256 ERR_print_errors(bio_err);
1257 goto end; 1257 goto end;
1258 } 1258 }
1259 s_cert = load_cert(bio_err, s_server_config.s_cert_file, s_server_config.s_cert_format, 1259 s_cert = load_cert(bio_err, s_server_config.cert_file, s_server_config.cert_format,
1260 NULL, "server certificate file"); 1260 NULL, "server certificate file");
1261 1261
1262 if (!s_cert) { 1262 if (!s_cert) {
@@ -1264,13 +1264,13 @@ s_server_main(int argc, char *argv[])
1264 goto end; 1264 goto end;
1265 } 1265 }
1266 if (s_server_config.tlsextcbp.servername) { 1266 if (s_server_config.tlsextcbp.servername) {
1267 s_key2 = load_key(bio_err, s_server_config.s_key_file2, s_server_config.s_key_format, 0, pass, 1267 s_key2 = load_key(bio_err, s_server_config.key_file2, s_server_config.key_format, 0, pass,
1268 "second server certificate private key file"); 1268 "second server certificate private key file");
1269 if (!s_key2) { 1269 if (!s_key2) {
1270 ERR_print_errors(bio_err); 1270 ERR_print_errors(bio_err);
1271 goto end; 1271 goto end;
1272 } 1272 }
1273 s_cert2 = load_cert(bio_err, s_server_config.s_cert_file2, s_server_config.s_cert_format, 1273 s_cert2 = load_cert(bio_err, s_server_config.cert_file2, s_server_config.cert_format,
1274 NULL, "second server certificate file"); 1274 NULL, "second server certificate file");
1275 1275
1276 if (!s_cert2) { 1276 if (!s_cert2) {
@@ -1288,18 +1288,18 @@ s_server_main(int argc, char *argv[])
1288 alpn_ctx.len = len; 1288 alpn_ctx.len = len;
1289 } 1289 }
1290 1290
1291 if (s_server_config.s_dcert_file) { 1291 if (s_server_config.dcert_file) {
1292 1292
1293 if (s_server_config.s_dkey_file == NULL) 1293 if (s_server_config.dkey_file == NULL)
1294 s_server_config.s_dkey_file = s_server_config.s_dcert_file; 1294 s_server_config.dkey_file = s_server_config.dcert_file;
1295 1295
1296 s_dkey = load_key(bio_err, s_server_config.s_dkey_file, s_server_config.s_dkey_format, 1296 s_dkey = load_key(bio_err, s_server_config.dkey_file, s_server_config.dkey_format,
1297 0, dpass, "second certificate private key file"); 1297 0, dpass, "second certificate private key file");
1298 if (!s_dkey) { 1298 if (!s_dkey) {
1299 ERR_print_errors(bio_err); 1299 ERR_print_errors(bio_err);
1300 goto end; 1300 goto end;
1301 } 1301 }
1302 s_dcert = load_cert(bio_err, s_server_config.s_dcert_file, s_server_config.s_dcert_format, 1302 s_dcert = load_cert(bio_err, s_server_config.dcert_file, s_server_config.dcert_format,
1303 NULL, "second server certificate file"); 1303 NULL, "second server certificate file");
1304 1304
1305 if (!s_dcert) { 1305 if (!s_dcert) {
@@ -1308,7 +1308,7 @@ s_server_main(int argc, char *argv[])
1308 } 1308 }
1309 } 1309 }
1310 if (bio_s_out == NULL) { 1310 if (bio_s_out == NULL) {
1311 if (s_server_config.s_quiet && !s_server_config.s_debug && !s_server_config.s_msg) { 1311 if (s_server_config.quiet && !s_server_config.debug && !s_server_config.msg) {
1312 bio_s_out = BIO_new(BIO_s_null()); 1312 bio_s_out = BIO_new(BIO_s_null());
1313 } else { 1313 } else {
1314 if (bio_s_out == NULL) 1314 if (bio_s_out == NULL)
@@ -1316,12 +1316,12 @@ s_server_main(int argc, char *argv[])
1316 } 1316 }
1317 } 1317 }
1318 if (s_server_config.nocert) { 1318 if (s_server_config.nocert) {
1319 s_server_config.s_cert_file = NULL; 1319 s_server_config.cert_file = NULL;
1320 s_server_config.s_key_file = NULL; 1320 s_server_config.key_file = NULL;
1321 s_server_config.s_dcert_file = NULL; 1321 s_server_config.dcert_file = NULL;
1322 s_server_config.s_dkey_file = NULL; 1322 s_server_config.dkey_file = NULL;
1323 s_server_config.s_cert_file2 = NULL; 1323 s_server_config.cert_file2 = NULL;
1324 s_server_config.s_key_file2 = NULL; 1324 s_server_config.key_file2 = NULL;
1325 } 1325 }
1326 ctx = SSL_CTX_new(s_server_config.meth); 1326 ctx = SSL_CTX_new(s_server_config.meth);
1327 if (ctx == NULL) { 1327 if (ctx == NULL) {
@@ -1456,8 +1456,8 @@ s_server_main(int argc, char *argv[])
1456 1456
1457 if (s_server_config.dhfile) 1457 if (s_server_config.dhfile)
1458 dh = load_dh_param(s_server_config.dhfile); 1458 dh = load_dh_param(s_server_config.dhfile);
1459 else if (s_server_config.s_cert_file) 1459 else if (s_server_config.cert_file)
1460 dh = load_dh_param(s_server_config.s_cert_file); 1460 dh = load_dh_param(s_server_config.cert_file);
1461 1461
1462 if (dh != NULL) 1462 if (dh != NULL)
1463 BIO_printf(bio_s_out, "Setting temp DH parameters\n"); 1463 BIO_printf(bio_s_out, "Setting temp DH parameters\n");
@@ -1479,8 +1479,8 @@ s_server_main(int argc, char *argv[])
1479 if (!s_server_config.dhfile) { 1479 if (!s_server_config.dhfile) {
1480 DH *dh2 = NULL; 1480 DH *dh2 = NULL;
1481 1481
1482 if (s_server_config.s_cert_file2 != NULL) 1482 if (s_server_config.cert_file2 != NULL)
1483 dh2 = load_dh_param(s_server_config.s_cert_file2); 1483 dh2 = load_dh_param(s_server_config.cert_file2);
1484 if (dh2 != NULL) { 1484 if (dh2 != NULL) {
1485 BIO_printf(bio_s_out, "Setting temp DH parameters\n"); 1485 BIO_printf(bio_s_out, "Setting temp DH parameters\n");
1486 (void) BIO_flush(bio_s_out); 1486 (void) BIO_flush(bio_s_out);
@@ -1547,7 +1547,7 @@ s_server_main(int argc, char *argv[])
1547 goto end; 1547 goto end;
1548 } 1548 }
1549 } 1549 }
1550 SSL_CTX_set_verify(ctx, s_server_config.s_server_verify, verify_callback); 1550 SSL_CTX_set_verify(ctx, s_server_config.server_verify, verify_callback);
1551 SSL_CTX_set_session_id_context(ctx, (void *) &s_server_session_id_context, 1551 SSL_CTX_set_session_id_context(ctx, (void *) &s_server_session_id_context,
1552 sizeof s_server_session_id_context); 1552 sizeof s_server_session_id_context);
1553 1553
@@ -1556,7 +1556,7 @@ s_server_main(int argc, char *argv[])
1556 SSL_CTX_set_cookie_verify_cb(ctx, verify_cookie_callback); 1556 SSL_CTX_set_cookie_verify_cb(ctx, verify_cookie_callback);
1557 1557
1558 if (ctx2) { 1558 if (ctx2) {
1559 SSL_CTX_set_verify(ctx2, s_server_config.s_server_verify, verify_callback); 1559 SSL_CTX_set_verify(ctx2, s_server_config.server_verify, verify_callback);
1560 SSL_CTX_set_session_id_context(ctx2, (void *) &s_server_session_id_context, 1560 SSL_CTX_set_session_id_context(ctx2, (void *) &s_server_session_id_context,
1561 sizeof s_server_session_id_context); 1561 sizeof s_server_session_id_context);
1562 1562
@@ -1645,8 +1645,8 @@ sv_body(char *hostname, int s, unsigned char *context)
1645 BIO_printf(bio_err, "out of memory\n"); 1645 BIO_printf(bio_err, "out of memory\n");
1646 goto err; 1646 goto err;
1647 } 1647 }
1648 if (s_server_config.s_nbio) { 1648 if (s_server_config.nbio) {
1649 if (!s_server_config.s_quiet) 1649 if (!s_server_config.quiet)
1650 BIO_printf(bio_err, "turning on non blocking io\n"); 1650 BIO_printf(bio_err, "turning on non blocking io\n");
1651 if (!BIO_socket_nbio(s, 1)) 1651 if (!BIO_socket_nbio(s, 1))
1652 ERR_print_errors(bio_err); 1652 ERR_print_errors(bio_err);
@@ -1654,11 +1654,11 @@ sv_body(char *hostname, int s, unsigned char *context)
1654 1654
1655 if (con == NULL) { 1655 if (con == NULL) {
1656 con = SSL_new(ctx); 1656 con = SSL_new(ctx);
1657 if (s_server_config.s_tlsextdebug) { 1657 if (s_server_config.tlsextdebug) {
1658 SSL_set_tlsext_debug_callback(con, tlsext_cb); 1658 SSL_set_tlsext_debug_callback(con, tlsext_cb);
1659 SSL_set_tlsext_debug_arg(con, bio_s_out); 1659 SSL_set_tlsext_debug_arg(con, bio_s_out);
1660 } 1660 }
1661 if (s_server_config.s_tlsextstatus) { 1661 if (s_server_config.tlsextstatus) {
1662 SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb); 1662 SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb);
1663 s_server_config.tlscstatp.err = bio_err; 1663 s_server_config.tlscstatp.err = bio_err;
1664 SSL_CTX_set_tlsext_status_arg(ctx, &s_server_config.tlscstatp); 1664 SSL_CTX_set_tlsext_status_arg(ctx, &s_server_config.tlscstatp);
@@ -1694,7 +1694,7 @@ sv_body(char *hostname, int s, unsigned char *context)
1694 } else 1694 } else
1695 sbio = BIO_new_socket(s, BIO_NOCLOSE); 1695 sbio = BIO_new_socket(s, BIO_NOCLOSE);
1696 1696
1697 if (s_server_config.s_nbio_test) { 1697 if (s_server_config.nbio_test) {
1698 BIO *test; 1698 BIO *test;
1699 1699
1700 test = BIO_new(BIO_f_nbio_test()); 1700 test = BIO_new(BIO_f_nbio_test());
@@ -1705,16 +1705,16 @@ sv_body(char *hostname, int s, unsigned char *context)
1705 SSL_set_accept_state(con); 1705 SSL_set_accept_state(con);
1706 /* SSL_set_fd(con,s); */ 1706 /* SSL_set_fd(con,s); */
1707 1707
1708 if (s_server_config.s_debug) { 1708 if (s_server_config.debug) {
1709 SSL_set_debug(con, 1); 1709 SSL_set_debug(con, 1);
1710 BIO_set_callback(SSL_get_rbio(con), bio_dump_callback); 1710 BIO_set_callback(SSL_get_rbio(con), bio_dump_callback);
1711 BIO_set_callback_arg(SSL_get_rbio(con), (char *) bio_s_out); 1711 BIO_set_callback_arg(SSL_get_rbio(con), (char *) bio_s_out);
1712 } 1712 }
1713 if (s_server_config.s_msg) { 1713 if (s_server_config.msg) {
1714 SSL_set_msg_callback(con, msg_cb); 1714 SSL_set_msg_callback(con, msg_cb);
1715 SSL_set_msg_callback_arg(con, bio_s_out); 1715 SSL_set_msg_callback_arg(con, bio_s_out);
1716 } 1716 }
1717 if (s_server_config.s_tlsextdebug) { 1717 if (s_server_config.tlsextdebug) {
1718 SSL_set_tlsext_debug_callback(con, tlsext_cb); 1718 SSL_set_tlsext_debug_callback(con, tlsext_cb);
1719 SSL_set_tlsext_debug_arg(con, bio_s_out); 1719 SSL_set_tlsext_debug_arg(con, bio_s_out);
1720 } 1720 }
@@ -1760,7 +1760,7 @@ sv_body(char *hostname, int s, unsigned char *context)
1760 } 1760 }
1761 } 1761 }
1762 if (read_from_terminal) { 1762 if (read_from_terminal) {
1763 if (s_server_config.s_crlf) { 1763 if (s_server_config.crlf) {
1764 int j, lf_num; 1764 int j, lf_num;
1765 1765
1766 i = read(fileno(stdin), buf, bufsize / 2); 1766 i = read(fileno(stdin), buf, bufsize / 2);
@@ -1780,7 +1780,7 @@ sv_body(char *hostname, int s, unsigned char *context)
1780 assert(lf_num == 0); 1780 assert(lf_num == 0);
1781 } else 1781 } else
1782 i = read(fileno(stdin), buf, bufsize); 1782 i = read(fileno(stdin), buf, bufsize);
1783 if (!s_server_config.s_quiet) { 1783 if (!s_server_config.quiet) {
1784 if ((i <= 0) || (buf[0] == 'Q')) { 1784 if ((i <= 0) || (buf[0] == 'Q')) {
1785 BIO_printf(bio_s_out, "DONE\n"); 1785 BIO_printf(bio_s_out, "DONE\n");
1786 shutdown(s, SHUT_RD); 1786 shutdown(s, SHUT_RD);
@@ -2063,8 +2063,8 @@ www_body(char *hostname, int s, unsigned char *context)
2063 if ((io == NULL) || (ssl_bio == NULL)) 2063 if ((io == NULL) || (ssl_bio == NULL))
2064 goto err; 2064 goto err;
2065 2065
2066 if (s_server_config.s_nbio) { 2066 if (s_server_config.nbio) {
2067 if (!s_server_config.s_quiet) 2067 if (!s_server_config.quiet)
2068 BIO_printf(bio_err, "turning on non blocking io\n"); 2068 BIO_printf(bio_err, "turning on non blocking io\n");
2069 if (!BIO_socket_nbio(s, 1)) 2069 if (!BIO_socket_nbio(s, 1))
2070 ERR_print_errors(bio_err); 2070 ERR_print_errors(bio_err);
@@ -2076,7 +2076,7 @@ www_body(char *hostname, int s, unsigned char *context)
2076 2076
2077 if ((con = SSL_new(ctx)) == NULL) 2077 if ((con = SSL_new(ctx)) == NULL)
2078 goto err; 2078 goto err;
2079 if (s_server_config.s_tlsextdebug) { 2079 if (s_server_config.tlsextdebug) {
2080 SSL_set_tlsext_debug_callback(con, tlsext_cb); 2080 SSL_set_tlsext_debug_callback(con, tlsext_cb);
2081 SSL_set_tlsext_debug_arg(con, bio_s_out); 2081 SSL_set_tlsext_debug_arg(con, bio_s_out);
2082 } 2082 }
@@ -2085,7 +2085,7 @@ www_body(char *hostname, int s, unsigned char *context)
2085 strlen((char *) context)); 2085 strlen((char *) context));
2086 2086
2087 sbio = BIO_new_socket(s, BIO_NOCLOSE); 2087 sbio = BIO_new_socket(s, BIO_NOCLOSE);
2088 if (s_server_config.s_nbio_test) { 2088 if (s_server_config.nbio_test) {
2089 BIO *test; 2089 BIO *test;
2090 2090
2091 test = BIO_new(BIO_f_nbio_test()); 2091 test = BIO_new(BIO_f_nbio_test());
@@ -2098,12 +2098,12 @@ www_body(char *hostname, int s, unsigned char *context)
2098 BIO_set_ssl(ssl_bio, con, BIO_CLOSE); 2098 BIO_set_ssl(ssl_bio, con, BIO_CLOSE);
2099 BIO_push(io, ssl_bio); 2099 BIO_push(io, ssl_bio);
2100 2100
2101 if (s_server_config.s_debug) { 2101 if (s_server_config.debug) {
2102 SSL_set_debug(con, 1); 2102 SSL_set_debug(con, 1);
2103 BIO_set_callback(SSL_get_rbio(con), bio_dump_callback); 2103 BIO_set_callback(SSL_get_rbio(con), bio_dump_callback);
2104 BIO_set_callback_arg(SSL_get_rbio(con), (char *) bio_s_out); 2104 BIO_set_callback_arg(SSL_get_rbio(con), (char *) bio_s_out);
2105 } 2105 }
2106 if (s_server_config.s_msg) { 2106 if (s_server_config.msg) {
2107 SSL_set_msg_callback(con, msg_cb); 2107 SSL_set_msg_callback(con, msg_cb);
2108 SSL_set_msg_callback_arg(con, bio_s_out); 2108 SSL_set_msg_callback_arg(con, bio_s_out);
2109 } 2109 }
@@ -2111,11 +2111,11 @@ www_body(char *hostname, int s, unsigned char *context)
2111 i = BIO_gets(io, buf, bufsize - 1); 2111 i = BIO_gets(io, buf, bufsize - 1);
2112 if (i < 0) { /* error */ 2112 if (i < 0) { /* error */
2113 if (!BIO_should_retry(io)) { 2113 if (!BIO_should_retry(io)) {
2114 if (!s_server_config.s_quiet) 2114 if (!s_server_config.quiet)
2115 ERR_print_errors(bio_err); 2115 ERR_print_errors(bio_err);
2116 goto err; 2116 goto err;
2117 } else { 2117 } else {
2118 if (s_server_config.s_debug) { 2118 if (s_server_config.debug) {
2119 BIO_printf(bio_s_out, "read R BLOCK\n"); 2119 BIO_printf(bio_s_out, "read R BLOCK\n");
2120 sleep(1); 2120 sleep(1);
2121 } 2121 }
@@ -2263,7 +2263,7 @@ www_body(char *hostname, int s, unsigned char *context)
2263 ERR_print_errors(io); 2263 ERR_print_errors(io);
2264 break; 2264 break;
2265 } 2265 }
2266 if (!s_server_config.s_quiet) 2266 if (!s_server_config.quiet)
2267 BIO_printf(bio_err, "FILE:%s\n", p); 2267 BIO_printf(bio_err, "FILE:%s\n", p);
2268 2268
2269 if (s_server_config.www == 2) { 2269 if (s_server_config.www == 2) {
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-22 17:58:18 +0000