diff options
Diffstat (limited to '')
| -rw-r--r-- | src/usr.bin/openssl/s_server.c | 40 |
1 files changed, 9 insertions, 31 deletions
diff --git a/src/usr.bin/openssl/s_server.c b/src/usr.bin/openssl/s_server.c index 0272abe43b..5989e0db90 100644 --- a/src/usr.bin/openssl/s_server.c +++ b/src/usr.bin/openssl/s_server.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s_server.c,v 1.16 2015/09/10 16:01:06 jsing Exp $ */ | 1 | /* $OpenBSD: s_server.c,v 1.17 2015/09/11 14:30:23 bcook Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -226,9 +226,6 @@ static int s_quiet = 0; | |||
| 226 | static char *keymatexportlabel = NULL; | 226 | static char *keymatexportlabel = NULL; |
| 227 | static int keymatexportlen = 20; | 227 | static int keymatexportlen = 20; |
| 228 | 228 | ||
| 229 | #ifndef OPENSSL_NO_ENGINE | ||
| 230 | static char *engine_id = NULL; | ||
| 231 | #endif | ||
| 232 | static const char *session_id_prefix = NULL; | 229 | static const char *session_id_prefix = NULL; |
| 233 | 230 | ||
| 234 | static int enable_timeouts = 0; | 231 | static int enable_timeouts = 0; |
| @@ -262,9 +259,6 @@ s_server_init(void) | |||
| 262 | s_debug = 0; | 259 | s_debug = 0; |
| 263 | s_msg = 0; | 260 | s_msg = 0; |
| 264 | s_quiet = 0; | 261 | s_quiet = 0; |
| 265 | #ifndef OPENSSL_NO_ENGINE | ||
| 266 | engine_id = NULL; | ||
| 267 | #endif | ||
| 268 | } | 262 | } |
| 269 | 263 | ||
| 270 | static void | 264 | static void |
| @@ -286,12 +280,12 @@ sv_usage(void) | |||
| 286 | BIO_printf(bio_err, " -certform arg - certificate format (PEM or DER) PEM default\n"); | 280 | BIO_printf(bio_err, " -certform arg - certificate format (PEM or DER) PEM default\n"); |
| 287 | BIO_printf(bio_err, " -key arg - Private Key file to use, in cert file if\n"); | 281 | BIO_printf(bio_err, " -key arg - Private Key file to use, in cert file if\n"); |
| 288 | BIO_printf(bio_err, " not specified (default is %s)\n", TEST_CERT); | 282 | BIO_printf(bio_err, " not specified (default is %s)\n", TEST_CERT); |
| 289 | BIO_printf(bio_err, " -keyform arg - key format (PEM, DER or ENGINE) PEM default\n"); | 283 | BIO_printf(bio_err, " -keyform arg - key format (PEM or DER) PEM default\n"); |
| 290 | BIO_printf(bio_err, " -pass arg - private key file pass phrase source\n"); | 284 | BIO_printf(bio_err, " -pass arg - private key file pass phrase source\n"); |
| 291 | BIO_printf(bio_err, " -dcert arg - second certificate file to use (usually for DSA)\n"); | 285 | BIO_printf(bio_err, " -dcert arg - second certificate file to use (usually for DSA)\n"); |
| 292 | BIO_printf(bio_err, " -dcertform x - second certificate format (PEM or DER) PEM default\n"); | 286 | BIO_printf(bio_err, " -dcertform x - second certificate format (PEM or DER) PEM default\n"); |
| 293 | BIO_printf(bio_err, " -dkey arg - second private key file to use (usually for DSA)\n"); | 287 | BIO_printf(bio_err, " -dkey arg - second private key file to use (usually for DSA)\n"); |
| 294 | BIO_printf(bio_err, " -dkeyform arg - second key format (PEM, DER or ENGINE) PEM default\n"); | 288 | BIO_printf(bio_err, " -dkeyform arg - second key format (PEM or DER) PEM default\n"); |
| 295 | BIO_printf(bio_err, " -dpass arg - second private key file pass phrase source\n"); | 289 | BIO_printf(bio_err, " -dpass arg - second private key file pass phrase source\n"); |
| 296 | BIO_printf(bio_err, " -dhparam arg - DH parameter file to use, in cert file if not specified\n"); | 290 | BIO_printf(bio_err, " -dhparam arg - DH parameter file to use, in cert file if not specified\n"); |
| 297 | BIO_printf(bio_err, " or a default set of parameters is used\n"); | 291 | BIO_printf(bio_err, " or a default set of parameters is used\n"); |
| @@ -331,9 +325,6 @@ sv_usage(void) | |||
| 331 | BIO_printf(bio_err, " -WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n"); | 325 | BIO_printf(bio_err, " -WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n"); |
| 332 | BIO_printf(bio_err, " -HTTP - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n"); | 326 | BIO_printf(bio_err, " -HTTP - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n"); |
| 333 | BIO_printf(bio_err, " with the assumption it contains a complete HTTP response.\n"); | 327 | BIO_printf(bio_err, " with the assumption it contains a complete HTTP response.\n"); |
| 334 | #ifndef OPENSSL_NO_ENGINE | ||
| 335 | BIO_printf(bio_err, " -engine id - Initialise and use the specified engine\n"); | ||
| 336 | #endif | ||
| 337 | BIO_printf(bio_err, " -id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'\n"); | 328 | BIO_printf(bio_err, " -id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'\n"); |
| 338 | BIO_printf(bio_err, " -servername host - servername for HostName TLS extension\n"); | 329 | BIO_printf(bio_err, " -servername host - servername for HostName TLS extension\n"); |
| 339 | BIO_printf(bio_err, " -servername_fatal - on mismatch send fatal alert (default warning alert)\n"); | 330 | BIO_printf(bio_err, " -servername_fatal - on mismatch send fatal alert (default warning alert)\n"); |
| @@ -598,7 +589,6 @@ s_server_main(int argc, char *argv[]) | |||
| 598 | int state = 0; | 589 | int state = 0; |
| 599 | const SSL_METHOD *meth = NULL; | 590 | const SSL_METHOD *meth = NULL; |
| 600 | int socket_type = SOCK_STREAM; | 591 | int socket_type = SOCK_STREAM; |
| 601 | ENGINE *e = NULL; | ||
| 602 | int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM; | 592 | int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM; |
| 603 | char *passarg = NULL, *pass = NULL; | 593 | char *passarg = NULL, *pass = NULL; |
| 604 | char *dpassarg = NULL, *dpass = NULL; | 594 | char *dpassarg = NULL, *dpass = NULL; |
| @@ -832,13 +822,6 @@ s_server_main(int argc, char *argv[]) | |||
| 832 | goto bad; | 822 | goto bad; |
| 833 | session_id_prefix = *(++argv); | 823 | session_id_prefix = *(++argv); |
| 834 | } | 824 | } |
| 835 | #ifndef OPENSSL_NO_ENGINE | ||
| 836 | else if (strcmp(*argv, "-engine") == 0) { | ||
| 837 | if (--argc < 1) | ||
| 838 | goto bad; | ||
| 839 | engine_id = *(++argv); | ||
| 840 | } | ||
| 841 | #endif | ||
| 842 | else if (strcmp(*argv, "-servername") == 0) { | 825 | else if (strcmp(*argv, "-servername") == 0) { |
| 843 | if (--argc < 1) | 826 | if (--argc < 1) |
| 844 | goto bad; | 827 | goto bad; |
| @@ -899,10 +882,6 @@ bad: | |||
| 899 | goto end; | 882 | goto end; |
| 900 | } | 883 | } |
| 901 | 884 | ||
| 902 | #ifndef OPENSSL_NO_ENGINE | ||
| 903 | e = setup_engine(bio_err, engine_id, 1); | ||
| 904 | #endif | ||
| 905 | |||
| 906 | if (!app_passwd(bio_err, passarg, dpassarg, &pass, &dpass)) { | 885 | if (!app_passwd(bio_err, passarg, dpassarg, &pass, &dpass)) { |
| 907 | BIO_printf(bio_err, "Error getting password\n"); | 886 | BIO_printf(bio_err, "Error getting password\n"); |
| 908 | goto end; | 887 | goto end; |
| @@ -913,28 +892,28 @@ bad: | |||
| 913 | s_key_file2 = s_cert_file2; | 892 | s_key_file2 = s_cert_file2; |
| 914 | 893 | ||
| 915 | if (nocert == 0) { | 894 | if (nocert == 0) { |
| 916 | s_key = load_key(bio_err, s_key_file, s_key_format, 0, pass, e, | 895 | s_key = load_key(bio_err, s_key_file, s_key_format, 0, pass, |
| 917 | "server certificate private key file"); | 896 | "server certificate private key file"); |
| 918 | if (!s_key) { | 897 | if (!s_key) { |
| 919 | ERR_print_errors(bio_err); | 898 | ERR_print_errors(bio_err); |
| 920 | goto end; | 899 | goto end; |
| 921 | } | 900 | } |
| 922 | s_cert = load_cert(bio_err, s_cert_file, s_cert_format, | 901 | s_cert = load_cert(bio_err, s_cert_file, s_cert_format, |
| 923 | NULL, e, "server certificate file"); | 902 | NULL, "server certificate file"); |
| 924 | 903 | ||
| 925 | if (!s_cert) { | 904 | if (!s_cert) { |
| 926 | ERR_print_errors(bio_err); | 905 | ERR_print_errors(bio_err); |
| 927 | goto end; | 906 | goto end; |
| 928 | } | 907 | } |
| 929 | if (tlsextcbp.servername) { | 908 | if (tlsextcbp.servername) { |
| 930 | s_key2 = load_key(bio_err, s_key_file2, s_key_format, 0, pass, e, | 909 | s_key2 = load_key(bio_err, s_key_file2, s_key_format, 0, pass, |
| 931 | "second server certificate private key file"); | 910 | "second server certificate private key file"); |
| 932 | if (!s_key2) { | 911 | if (!s_key2) { |
| 933 | ERR_print_errors(bio_err); | 912 | ERR_print_errors(bio_err); |
| 934 | goto end; | 913 | goto end; |
| 935 | } | 914 | } |
| 936 | s_cert2 = load_cert(bio_err, s_cert_file2, s_cert_format, | 915 | s_cert2 = load_cert(bio_err, s_cert_file2, s_cert_format, |
| 937 | NULL, e, "second server certificate file"); | 916 | NULL, "second server certificate file"); |
| 938 | 917 | ||
| 939 | if (!s_cert2) { | 918 | if (!s_cert2) { |
| 940 | ERR_print_errors(bio_err); | 919 | ERR_print_errors(bio_err); |
| @@ -966,14 +945,13 @@ bad: | |||
| 966 | s_dkey_file = s_dcert_file; | 945 | s_dkey_file = s_dcert_file; |
| 967 | 946 | ||
| 968 | s_dkey = load_key(bio_err, s_dkey_file, s_dkey_format, | 947 | s_dkey = load_key(bio_err, s_dkey_file, s_dkey_format, |
| 969 | 0, dpass, e, | 948 | 0, dpass, "second certificate private key file"); |
| 970 | "second certificate private key file"); | ||
| 971 | if (!s_dkey) { | 949 | if (!s_dkey) { |
| 972 | ERR_print_errors(bio_err); | 950 | ERR_print_errors(bio_err); |
| 973 | goto end; | 951 | goto end; |
| 974 | } | 952 | } |
| 975 | s_dcert = load_cert(bio_err, s_dcert_file, s_dcert_format, | 953 | s_dcert = load_cert(bio_err, s_dcert_file, s_dcert_format, |
| 976 | NULL, e, "second server certificate file"); | 954 | NULL, "second server certificate file"); |
| 977 | 955 | ||
| 978 | if (!s_dcert) { | 956 | if (!s_dcert) { |
| 979 | ERR_print_errors(bio_err); | 957 | ERR_print_errors(bio_err); |