summaryrefslogtreecommitdiff
path: root/src/usr.bin/openssl/s_client.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/usr.bin/openssl/s_client.c')
-rw-r--r--src/usr.bin/openssl/s_client.c32
1 files changed, 30 insertions, 2 deletions
diff --git a/src/usr.bin/openssl/s_client.c b/src/usr.bin/openssl/s_client.c
index 94e24dacaa..4476852cdb 100644
--- a/src/usr.bin/openssl/s_client.c
+++ b/src/usr.bin/openssl/s_client.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: s_client.c,v 1.9 2014/12/02 19:44:49 deraadt Exp $ */ 1/* $OpenBSD: s_client.c,v 1.10 2014/12/10 15:24:01 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -253,6 +253,7 @@ sc_usage(void)
253#ifndef OPENSSL_NO_NEXTPROTONEG 253#ifndef OPENSSL_NO_NEXTPROTONEG
254 BIO_printf(bio_err, " -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)\n"); 254 BIO_printf(bio_err, " -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)\n");
255#endif 255#endif
256 BIO_printf(bio_err, " -alpn arg - enable ALPN extension, considering named protocols supported (comma-separated list)\n");
256#ifndef OPENSSL_NO_SRTP 257#ifndef OPENSSL_NO_SRTP
257 BIO_printf(bio_err, " -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n"); 258 BIO_printf(bio_err, " -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n");
258#endif 259#endif
@@ -374,6 +375,7 @@ s_client_main(int argc, char **argv)
374#ifndef OPENSSL_NO_NEXTPROTONEG 375#ifndef OPENSSL_NO_NEXTPROTONEG
375 const char *next_proto_neg_in = NULL; 376 const char *next_proto_neg_in = NULL;
376#endif 377#endif
378 const char *alpn_in = NULL;
377 char *sess_in = NULL; 379 char *sess_in = NULL;
378 char *sess_out = NULL; 380 char *sess_out = NULL;
379 struct sockaddr peer; 381 struct sockaddr peer;
@@ -544,7 +546,11 @@ s_client_main(int argc, char **argv)
544 next_proto_neg_in = *(++argv); 546 next_proto_neg_in = *(++argv);
545 } 547 }
546#endif 548#endif
547 else if (strcmp(*argv, "-serverpref") == 0) 549 else if (strcmp(*argv, "-alpn") == 0) {
550 if (--argc < 1)
551 goto bad;
552 alpn_in = *(++argv);
553 } else if (strcmp(*argv, "-serverpref") == 0)
548 off |= SSL_OP_CIPHER_SERVER_PREFERENCE; 554 off |= SSL_OP_CIPHER_SERVER_PREFERENCE;
549 else if (strcmp(*argv, "-legacy_renegotiation") == 0) 555 else if (strcmp(*argv, "-legacy_renegotiation") == 0)
550 ; /* no-op */ 556 ; /* no-op */
@@ -736,6 +742,17 @@ bad:
736 if (next_proto.data) 742 if (next_proto.data)
737 SSL_CTX_set_next_proto_select_cb(ctx, next_proto_cb, &next_proto); 743 SSL_CTX_set_next_proto_select_cb(ctx, next_proto_cb, &next_proto);
738#endif 744#endif
745 if (alpn_in) {
746 unsigned short alpn_len;
747 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_in);
748
749 if (alpn == NULL) {
750 BIO_printf(bio_err, "Error parsing -alpn argument\n");
751 goto end;
752 }
753 SSL_CTX_set_alpn_protos(ctx, alpn, alpn_len);
754 free(alpn);
755 }
739 756
740 if (state) 757 if (state)
741 SSL_CTX_set_info_callback(ctx, apps_ssl_info_callback); 758 SSL_CTX_set_info_callback(ctx, apps_ssl_info_callback);
@@ -1423,6 +1440,17 @@ print_stuff(BIO * bio, SSL * s, int full)
1423 BIO_write(bio, "\n", 1); 1440 BIO_write(bio, "\n", 1);
1424 } 1441 }
1425#endif 1442#endif
1443 {
1444 const unsigned char *proto;
1445 unsigned int proto_len;
1446 SSL_get0_alpn_selected(s, &proto, &proto_len);
1447 if (proto_len > 0) {
1448 BIO_printf(bio, "ALPN protocol: ");
1449 BIO_write(bio, proto, proto_len);
1450 BIO_write(bio, "\n", 1);
1451 } else
1452 BIO_printf(bio, "No ALPN negotiated\n");
1453 }
1426 1454
1427#ifndef OPENSSL_NO_SRTP 1455#ifndef OPENSSL_NO_SRTP
1428 { 1456 {
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-22 19:59:19 +0000