diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2015-07-08 23:09:52 +0100 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2015-12-22 15:14:14 +0000 |
| commit | 287d0b948d184dbba782de15a9895189c5e34854 (patch) | |
| tree | 741f0a1ef9a07d0fc7aa7feb2b101c68e05a532a /apps/s_client.c | |
| parent | f33bad332182f401d0f8d68808df4ff4858e98df (diff) | |
Add ssl configuration support to s_server and s_client
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'apps/s_client.c')
| -rw-r--r-- | apps/s_client.c | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/apps/s_client.c b/apps/s_client.c index dbeb770f59..2f989660cd 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -466,7 +466,7 @@ typedef enum OPTION_choice { OPT_MSG, OPT_MSGFILE, OPT_ENGINE, OPT_TRACE, OPT_SECURITY_DEBUG, OPT_SECURITY_DEBUG_VERBOSE, OPT_SHOWCERTS, OPT_NBIO_TEST, OPT_STATE, OPT_PSK_IDENTITY, OPT_PSK, OPT_SRPUSER, OPT_SRPPASS, OPT_SRP_STRENGTH, - OPT_SRP_LATEUSER, OPT_SRP_MOREGROUPS, OPT_SSL3, + OPT_SRP_LATEUSER, OPT_SRP_MOREGROUPS, OPT_SSL3, OPT_SSL_CONFIG, OPT_TLS1_2, OPT_TLS1_1, OPT_TLS1, OPT_DTLS, OPT_DTLS1, OPT_DTLS1_2, OPT_TIMEOUT, OPT_MTU, OPT_KEYFORM, OPT_PASS, OPT_CERT_CHAIN, OPT_CAPATH, OPT_NOCAPATH, OPT_CHAINCAPATH, OPT_VERIFYCAPATH, @@ -561,6 +561,7 @@ OPTIONS s_client_options[] = { {"alpn", OPT_ALPN, 's', "Enable ALPN extension, considering named protocols supported (comma-separated list)"}, {"async", OPT_ASYNC, '-', "Support asynchronous operation"}, + {"ssl_config", OPT_SSL_CONFIG, 's'}, OPT_S_OPTIONS, OPT_V_OPTIONS, OPT_X_OPTIONS, @@ -686,6 +687,7 @@ int s_client_main(int argc, char **argv) char *servername = NULL; const char *alpn_in = NULL; tlsextctx tlsextcbp = { NULL, 0 }; + const char *ssl_config = NULL; #define MAX_SI_TYPES 100 unsigned short serverinfo_types[MAX_SI_TYPES]; int serverinfo_count = 0, start = 0, len; @@ -940,6 +942,9 @@ int s_client_main(int argc, char **argv) case OPT_SRP_MOREGROUPS: break; #endif + case OPT_SSL_CONFIG: + ssl_config = opt_arg(); + break; case OPT_SSL3: #ifndef OPENSSL_NO_SSL3 meth = SSLv3_client_method(); @@ -1200,6 +1205,15 @@ int s_client_main(int argc, char **argv) if (sdebug) ssl_ctx_security_debug(ctx, sdebug); + if (ssl_config) { + if (SSL_CTX_config(ctx, ssl_config) == 0) { + BIO_printf(bio_err, "Error using configuration \"%s\"\n", + ssl_config); + ERR_print_errors(bio_err); + goto end; + } + } + if (vpmtouched && !SSL_CTX_set1_param(ctx, vpm)) { BIO_printf(bio_err, "Error setting verify params\n"); ERR_print_errors(bio_err); |