diff options
| author | Ben Laurie <ben@openssl.org> | 2009-11-08 14:51:54 +0000 |
|---|---|---|
| committer | Ben Laurie <ben@openssl.org> | 2009-11-08 14:51:54 +0000 |
| commit | c2b78c31d631f45cd43c2d04c5ae490b8e9f21ab (patch) | |
| tree | 1afd09479b364bf9787bc4c55f065360092b97b0 /apps | |
| parent | a1dc0336dd482d0ce0e81d7847365de399899d5f (diff) | |
First cut of renegotiation extension.
Diffstat (limited to 'apps')
| -rw-r--r-- | apps/s_cb.c | 3 | ||||
| -rw-r--r-- | apps/s_client.c | 3 | ||||
| -rw-r--r-- | apps/s_server.c | 3 |
3 files changed, 9 insertions, 0 deletions
diff --git a/apps/s_cb.c b/apps/s_cb.c index 8c388afd3f..97caffc401 100644 --- a/apps/s_cb.c +++ b/apps/s_cb.c @@ -638,6 +638,9 @@ void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type, extname = "server ticket"; break; + case TLSEXT_TYPE_renegotiate: + extname = "renegotiate"; + break; default: extname = "unknown"; diff --git a/apps/s_client.c b/apps/s_client.c index f6717f1a71..c9c654c3c8 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -249,6 +249,7 @@ static void sc_usage(void) BIO_printf(bio_err," -status - request certificate status from server\n"); BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n"); #endif + BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n"); } #ifndef OPENSSL_NO_TLSEXT @@ -536,6 +537,8 @@ int MAIN(int argc, char **argv) #endif else if (strcmp(*argv,"-serverpref") == 0) off|=SSL_OP_CIPHER_SERVER_PREFERENCE; + else if (strcmp(*argv,"-legacy_renegotiation") == 0) + off|=SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION; else if (strcmp(*argv,"-cipher") == 0) { if (--argc < 1) goto bad; diff --git a/apps/s_server.c b/apps/s_server.c index cb1ebcae38..77bb6e8e91 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -404,6 +404,7 @@ static void sv_usage(void) BIO_printf(bio_err," not specified (default is %s)\n",TEST_CERT2); BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n"); BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n"); + BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n"); #endif } @@ -923,6 +924,8 @@ int MAIN(int argc, char *argv[]) } else if (strcmp(*argv,"-serverpref") == 0) { off|=SSL_OP_CIPHER_SERVER_PREFERENCE; } + else if (strcmp(*argv,"-legacy_renegotiation") == 0) + off|=SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION; else if (strcmp(*argv,"-cipher") == 0) { if (--argc < 1) goto bad; |