Add DTLS support to ssltest

Reviewed-by: Emilia Käsper <emilia@openssl.org> (cherry picked from commit 98b8cdd32277cea829c31034a53f2487f750615d) Conflicts: ssl/ssltest.c
author: David Woodhouse <dwmw2@infradead.org> 2015-03-03 15:47:08 +0000
committer: Matt Caswell <matt@openssl.org> 2015-03-20 12:09:22 +0000
commit: ece8574ae6d2b3a06bd13e6142ab9f3c555c890f (patch)
tree: a272d1894ba19bd2ab8b53f2c154a827e89d8d60 /ssl/ssltest.c
parent: 3edf1b98e0b713f1655341572e2ac878a2e553f6 (diff)
1 files changed, 26 insertions, 5 deletions
diff --git a/ssl/ssltest.c b/ssl/ssltest.c
index 9f5d586247..8a6f00f42e 100644
--- a/ssl/ssltest.c
+++ b/ssl/ssltest.c
@@ -716,6 +716,10 @@ static void sv_usage(void)
 #ifndef OPENSSL_NO_TLS1
     fprintf(stderr, " -tls1         - use TLSv1\n");
 #endif
+#ifndef OPENSSL_NO_DTLS
+    fprintf(stderr, " -dtls1        - use DTLSv1\n");
+    fprintf(stderr, " -dtls12       - use DTLSv1.2\n");
+#endif
     fprintf(stderr, " -CApath arg   - PEM format directory of CA's\n");
     fprintf(stderr, " -CAfile arg   - PEM format file of CA's\n");
     fprintf(stderr, " -cert arg     - Server certificate file\n");
@@ -877,7 +881,7 @@ int main(int argc, char *argv[])
     int badop = 0;
     int bio_pair = 0;
     int force = 0;
-    int tls1 = 0, ssl2 = 0, ssl3 = 0, ret = 1;
+    int dtls1 = 0, dtls12 = 0, tls1 = 0, ssl2 = 0, ssl3 = 0, ret = 1;
     int client_auth = 0;
     int server_auth = 0, i;
     struct app_verify_arg app_verify_arg =
@@ -1037,6 +1041,16 @@ int main(int argc, char *argv[])
             no_protocol = 1;
 #endif
             ssl3 = 1;
+        } else if (strcmp(*argv, "-dtls1") == 0) {
+#ifdef OPENSSL_NO_DTLS
+            no_protocol = 1;
+#endif
+            dtls1 = 1;
+        } else if (strcmp(*argv, "-dtls12") == 0) {
+#ifdef OPENSSL_NO_DTLS
+            no_protocol = 1;
+#endif
+            dtls12 = 1;
         } else if (strncmp(*argv, "-num", 4) == 0) {
             if (--argc < 1)
                 goto bad;
@@ -1172,8 +1186,8 @@ int main(int argc, char *argv[])
         goto end;
     }
 
-    if (ssl2 + ssl3 + tls1 > 1) {
-        fprintf(stderr, "At most one of -ssl2, -ssl3, or -tls1 should "
+    if (ssl2 + ssl3 + tls1 + dtls1 + dtls12 > 1) {
+        fprintf(stderr, "At most one of -ssl2, -ssl3, -tls1, -dtls1 or -dtls12 should "
                 "be requested.\n");
         EXIT(1);
     }
@@ -1190,10 +1204,10 @@ int main(int argc, char *argv[])
         goto end;
     }
 
-    if (!ssl2 && !ssl3 && !tls1 && number > 1 && !reuse && !force) {
+    if (!ssl2 && !ssl3 && !tls1 && !dtls1 && !dtls12 && number > 1 && !reuse && !force) {
         fprintf(stderr, "This case cannot work.  Use -f to perform "
                 "the test anyway (and\n-d to see what happens), "
-                "or add one of -ssl2, -ssl3, -tls1, -reuse\n"
+                "or add one of ssl2, -ssl3, -tls1, -dtls1, -dtls12, -reuse\n"
                 "to avoid protocol mismatch.\n");
         EXIT(1);
     }
@@ -1271,6 +1285,13 @@ int main(int argc, char *argv[])
         meth = SSLv3_method();
     else
 #endif
+#ifndef OPENSSL_NO_DTLS
+    if (dtls1)
+        meth = DTLSv1_method();
+    else if (dtls12)
+        meth = DTLSv1_2_method();
+    else
+#endif
 #ifndef OPENSSL_NO_TLS1
     if (tls1)
         meth = TLSv1_method();
author	David Woodhouse <dwmw2@infradead.org>	2015-03-03 15:47:08 +0000
committer	Matt Caswell <matt@openssl.org>	2015-03-20 12:09:22 +0000
commit	ece8574ae6d2b3a06bd13e6142ab9f3c555c890f (patch)
tree	a272d1894ba19bd2ab8b53f2c154a827e89d8d60 /ssl/ssltest.c
parent	3edf1b98e0b713f1655341572e2ac878a2e553f6 (diff)