Disallow multiple protocol flags to s_server and s_client

We shouldn't allow both "-tls1" and "-tls1_2", or "-tls1" and "-no_tls1_2". The only time multiple flags are allowed is where they are all "-no_<prot>". This fixes Github Issue #1268 Reviewed-by: Rich Salz <rsalz@openssl.org>
author: Matt Caswell <matt@openssl.org> 2016-07-07 11:05:31 +0100
committer: Matt Caswell <matt@openssl.org> 2016-07-08 16:20:59 +0100
commit: 4bbd4ba66dec4ca35502b8fac0315b447fde4d7a (patch)
tree: a691cad44820d09910e0d93cb1ed78966189c16b /apps/apps.h
parent: 3503549ee8bd59d23d00b9dbbc2444e91fc44746 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/apps/apps.h b/apps/apps.h
index 319b02ef19..5faf440200 100644
--- a/apps/apps.h
+++ b/apps/apps.h
@@ -274,6 +274,10 @@ int has_stdin_waiting(void);
         case OPT_S_DHPARAM: \
         case OPT_S_DEBUGBROKE
 
+#define IS_NO_PROT_FLAG(o) \
+ (o == OPT_S_NOSSL3 || o == OPT_S_NOTLS1 || o == OPT_S_NOTLS1_1 \
+  || o == OPT_S_NOTLS1_2)
+
 /*
  * Option parsing.
  */
author	Matt Caswell <matt@openssl.org>	2016-07-07 11:05:31 +0100
committer	Matt Caswell <matt@openssl.org>	2016-07-08 16:20:59 +0100
commit	4bbd4ba66dec4ca35502b8fac0315b447fde4d7a (patch)
tree	a691cad44820d09910e0d93cb1ed78966189c16b /apps/apps.h
parent	3503549ee8bd59d23d00b9dbbc2444e91fc44746 (diff)