summaryrefslogtreecommitdiff
path: root/src/lib/libssl/src/apps/s_server.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libssl/src/apps/s_server.c')
-rw-r--r--src/lib/libssl/src/apps/s_server.c30
1 files changed, 22 insertions, 8 deletions
diff --git a/src/lib/libssl/src/apps/s_server.c b/src/lib/libssl/src/apps/s_server.c
index e73b249ca3..61eb667c38 100644
--- a/src/lib/libssl/src/apps/s_server.c
+++ b/src/lib/libssl/src/apps/s_server.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: s_server.c,v 1.53 2014/06/13 04:29:13 miod Exp $ */ 1/* $OpenBSD: s_server.c,v 1.54 2014/06/28 04:39:41 deraadt Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -154,6 +154,7 @@
154#include <ctype.h> 154#include <ctype.h>
155#include <stdio.h> 155#include <stdio.h>
156#include <stdlib.h> 156#include <stdlib.h>
157#include <limits.h>
157#include <string.h> 158#include <string.h>
158#include <unistd.h> 159#include <unistd.h>
159 160
@@ -702,6 +703,7 @@ s_server_main(int argc, char *argv[])
702 X509 *s_cert = NULL, *s_dcert = NULL; 703 X509 *s_cert = NULL, *s_dcert = NULL;
703 EVP_PKEY *s_key = NULL, *s_dkey = NULL; 704 EVP_PKEY *s_key = NULL, *s_dkey = NULL;
704 int no_cache = 0; 705 int no_cache = 0;
706 const char *errstr = NULL;
705#ifndef OPENSSL_NO_TLSEXT 707#ifndef OPENSSL_NO_TLSEXT
706 EVP_PKEY *s_key2 = NULL; 708 EVP_PKEY *s_key2 = NULL;
707 X509 *s_cert2 = NULL; 709 X509 *s_cert2 = NULL;
@@ -743,14 +745,18 @@ s_server_main(int argc, char *argv[])
743 s_server_verify = SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE; 745 s_server_verify = SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE;
744 if (--argc < 1) 746 if (--argc < 1)
745 goto bad; 747 goto bad;
746 verify_depth = atoi(*(++argv)); 748 verify_depth = strtonum(*(++argv), 0, INT_MAX, &errstr);
749 if (errstr)
750 goto bad;
747 BIO_printf(bio_err, "verify depth is %d\n", verify_depth); 751 BIO_printf(bio_err, "verify depth is %d\n", verify_depth);
748 } else if (strcmp(*argv, "-Verify") == 0) { 752 } else if (strcmp(*argv, "-Verify") == 0) {
749 s_server_verify = SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT | 753 s_server_verify = SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT |
750 SSL_VERIFY_CLIENT_ONCE; 754 SSL_VERIFY_CLIENT_ONCE;
751 if (--argc < 1) 755 if (--argc < 1)
752 goto bad; 756 goto bad;
753 verify_depth = atoi(*(++argv)); 757 verify_depth = strtonum(*(++argv), 0, INT_MAX, &errstr);
758 if (errstr)
759 goto bad;
754 BIO_printf(bio_err, "verify depth is %d, must return a certificate\n", verify_depth); 760 BIO_printf(bio_err, "verify depth is %d, must return a certificate\n", verify_depth);
755 } else if (strcmp(*argv, "-context") == 0) { 761 } else if (strcmp(*argv, "-context") == 0) {
756 if (--argc < 1) 762 if (--argc < 1)
@@ -856,7 +862,9 @@ s_server_main(int argc, char *argv[])
856 s_tlsextstatus = 1; 862 s_tlsextstatus = 1;
857 if (--argc < 1) 863 if (--argc < 1)
858 goto bad; 864 goto bad;
859 tlscstatp.timeout = atoi(*(++argv)); 865 tlscstatp.timeout = strtonum(*(++argv), 0, INT_MAX, &errstr);
866 if (errstr)
867 goto bad;
860 } else if (!strcmp(*argv, "-status_url")) { 868 } else if (!strcmp(*argv, "-status_url")) {
861 s_tlsextstatus = 1; 869 s_tlsextstatus = 1;
862 if (--argc < 1) 870 if (--argc < 1)
@@ -951,7 +959,9 @@ s_server_main(int argc, char *argv[])
951 else if (strcmp(*argv, "-mtu") == 0) { 959 else if (strcmp(*argv, "-mtu") == 0) {
952 if (--argc < 1) 960 if (--argc < 1)
953 goto bad; 961 goto bad;
954 socket_mtu = atol(*(++argv)); 962 socket_mtu = strtonum(*(++argv), 0, LONG_MAX, &errstr);
963 if (errstr)
964 goto bad;
955 } else if (strcmp(*argv, "-chain") == 0) 965 } else if (strcmp(*argv, "-chain") == 0)
956 cert_chain = 1; 966 cert_chain = 1;
957#endif 967#endif
@@ -1005,8 +1015,8 @@ s_server_main(int argc, char *argv[])
1005 } else if (strcmp(*argv, "-keymatexportlen") == 0) { 1015 } else if (strcmp(*argv, "-keymatexportlen") == 0) {
1006 if (--argc < 1) 1016 if (--argc < 1)
1007 goto bad; 1017 goto bad;
1008 keymatexportlen = atoi(*(++argv)); 1018 keymatexportlen = strtonum(*(++argv), 1, INT_MAX, &errstr);
1009 if (keymatexportlen == 0) 1019 if (errstr)
1010 goto bad; 1020 goto bad;
1011 } else { 1021 } else {
1012 BIO_printf(bio_err, "unknown option %s\n", *argv); 1022 BIO_printf(bio_err, "unknown option %s\n", *argv);
@@ -1018,7 +1028,11 @@ s_server_main(int argc, char *argv[])
1018 } 1028 }
1019 if (badop) { 1029 if (badop) {
1020bad: 1030bad:
1021 sv_usage(); 1031 if (errstr)
1032 BIO_printf(bio_err, "invalid argument %s: %s\n",
1033 *argv, errstr);
1034 else
1035 sv_usage();
1022 goto end; 1036 goto end;
1023 } 1037 }
1024 1038
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-16 00:02:59 +0000