diff options
author | Ben Laurie <ben@openssl.org> | 2012-05-30 10:10:58 +0000 |
---|---|---|
committer | Ben Laurie <ben@openssl.org> | 2012-05-30 10:10:58 +0000 |
commit | a9e1c50bb09a110d4774e6710f9322344684fa2d (patch) | |
tree | e030d9ea1f33d1c7d310e8ceba621e77e59b988b /apps/s_client.c | |
parent | 03c1d9f99d95e19d4940aae8587808924cab486a (diff) |
RFC 5878 support.
Diffstat (limited to 'apps/s_client.c')
-rw-r--r-- | apps/s_client.c | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/apps/s_client.c b/apps/s_client.c index 16f1ac37db..8cbb46e540 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -202,6 +202,7 @@ static int c_debug=0; #ifndef OPENSSL_NO_TLSEXT static int c_tlsextdebug=0; static int c_status_req=0; +static int c_proof_debug=0; #endif static int c_msg=0; static int c_showcerts=0; @@ -213,6 +214,7 @@ static void sc_usage(void); static void print_stuff(BIO *berr,SSL *con,int full); #ifndef OPENSSL_NO_TLSEXT static int ocsp_resp_cb(SSL *s, void *arg); +static int audit_proof_cb(SSL *s, void *arg); #endif static BIO *bio_c_out=NULL; static int c_quiet=0; @@ -357,6 +359,7 @@ static void sc_usage(void) BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n"); BIO_printf(bio_err," -status - request certificate status from server\n"); BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n"); + BIO_printf(bio_err," -proof_debug - request an audit proof and print its hex dump\n"); # ifndef OPENSSL_NO_NEXTPROTONEG BIO_printf(bio_err," -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)\n"); # endif @@ -731,6 +734,8 @@ int MAIN(int argc, char **argv) c_tlsextdebug=1; else if (strcmp(*argv,"-status") == 0) c_status_req=1; + else if (strcmp(*argv,"-proof_debug") == 0) + c_proof_debug=1; #endif #ifdef WATT32 else if (strcmp(*argv,"-wdebug") == 0) @@ -1212,6 +1217,9 @@ bad: } #endif + if (c_proof_debug) + SSL_CTX_set_tlsext_authz_server_audit_proof_cb(ctx, + audit_proof_cb); #endif con=SSL_new(ctx); @@ -2147,4 +2155,26 @@ static int ocsp_resp_cb(SSL *s, void *arg) return 1; } +static int audit_proof_cb(SSL *s, void *arg) + { + const unsigned char *proof; + size_t proof_len; + size_t i; + SSL_SESSION *sess = SSL_get_session(s); + + proof = SSL_SESSION_get_tlsext_authz_server_audit_proof(sess, + &proof_len); + if (proof != NULL) + { + BIO_printf(bio_c_out, "Audit proof: "); + for (i = 0; i < proof_len; ++i) + BIO_printf(bio_c_out, "%02X", proof[i]); + BIO_printf(bio_c_out, "\n"); + } + else + { + BIO_printf(bio_c_out, "No audit proof found.\n"); + } + return 1; + } #endif |