summaryrefslogtreecommitdiffstats
path: root/apps
diff options
context:
space:
mode:
Diffstat (limited to 'apps')
-rw-r--r--apps/ciphers.c11
-rw-r--r--apps/include/s_apps.h1
-rw-r--r--apps/lib/tlssrp_depr.c12
3 files changed, 15 insertions, 9 deletions
diff --git a/apps/ciphers.c b/apps/ciphers.c
index 3afbbe5002..03ffad3b3b 100644
--- a/apps/ciphers.c
+++ b/apps/ciphers.c
@@ -14,6 +14,7 @@
#include "progs.h"
#include <openssl/err.h>
#include <openssl/ssl.h>
+#include "s_apps.h"
typedef enum OPTION_choice {
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
@@ -63,7 +64,7 @@ const OPTIONS ciphers_options[] = {
{"psk", OPT_PSK, '-', "Include ciphersuites requiring PSK"},
#endif
#ifndef OPENSSL_NO_SRP
- {"srp", OPT_SRP, '-', "Include ciphersuites requiring SRP"},
+ {"srp", OPT_SRP, '-', "(deprecated) Include ciphersuites requiring SRP"},
#endif
{"ciphersuites", OPT_CIPHERSUITES, 's',
"Configure the TLSv1.3 ciphersuites to use"},
@@ -83,12 +84,6 @@ static unsigned int dummy_psk(SSL *ssl, const char *hint, char *identity,
return 0;
}
#endif
-#ifndef OPENSSL_NO_SRP
-static char *dummy_srp(SSL *ssl, void *arg)
-{
- return "";
-}
-#endif
int ciphers_main(int argc, char **argv)
{
@@ -205,7 +200,7 @@ int ciphers_main(int argc, char **argv)
#endif
#ifndef OPENSSL_NO_SRP
if (srp)
- SSL_CTX_set_srp_client_pwd_callback(ctx, dummy_srp);
+ set_up_dummy_srp(ctx);
#endif
if (ciphersuites != NULL && !SSL_CTX_set_ciphersuites(ctx, ciphersuites)) {
diff --git a/apps/include/s_apps.h b/apps/include/s_apps.h
index 5931c221c4..8ddf7d51e1 100644
--- a/apps/include/s_apps.h
+++ b/apps/include/s_apps.h
@@ -92,6 +92,7 @@ typedef struct srp_arg_st {
int set_up_srp_arg(SSL_CTX *ctx, SRP_ARG *srp_arg, int srp_lateuser, int c_msg,
int c_debug);
+void set_up_dummy_srp(SSL_CTX *ctx);
/* The server side SRP context that we pass to all SRP related callbacks */
typedef struct srpsrvparm_st {
diff --git a/apps/lib/tlssrp_depr.c b/apps/lib/tlssrp_depr.c
index 7b93e34647..91c19b096e 100644
--- a/apps/lib/tlssrp_depr.c
+++ b/apps/lib/tlssrp_depr.c
@@ -10,7 +10,7 @@
/*
* This file is to enable backwards compatibility for the SRP features of
- * s_client and s_server. All of those features are deprecated and will
+ * s_client, s_server and ciphers. All of those features are deprecated and will
* eventually disappear. In the meantime, to continue to support them, we
* need to access deprecated SRP APIs.
*/
@@ -137,6 +137,16 @@ int set_up_srp_arg(SSL_CTX *ctx, SRP_ARG *srp_arg, int srp_lateuser, int c_msg,
return 1;
}
+static char *dummy_srp(SSL *ssl, void *arg)
+{
+ return "";
+}
+
+void set_up_dummy_srp(SSL_CTX *ctx)
+{
+ SSL_CTX_set_srp_client_pwd_callback(ctx, dummy_srp);
+}
+
/*
* This callback pretends to require some asynchronous logic in order to
* obtain a verifier. When the callback is called for a new connection we