diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2012-08-29 13:18:34 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2012-08-29 13:18:34 +0000 |
commit | ed83ba53212f81e590b3cf9adb49c04069430659 (patch) | |
tree | 31ef13fef0077e84c5752ec1c8a47aedb25ede3f /apps/s_client.c | |
parent | 81f57e5a69c7ecd3e259992c937e5e76446f3f63 (diff) | |
download | openssl-ed83ba53212f81e590b3cf9adb49c04069430659.tar.gz |
Add compilation flag to disable certain protocol checks and allow use of
some invalid operations for testing purposes. Currently this can be used
to sign using digests the peer doesn't support, EC curves the peer
doesn't support and use certificates which don't match the type associated
with a ciphersuite.
Diffstat (limited to 'apps/s_client.c')
-rw-r--r-- | apps/s_client.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/apps/s_client.c b/apps/s_client.c index 783a49e083..0591adde24 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -1007,6 +1007,10 @@ int MAIN(int argc, char **argv) } else if (strcmp(*argv, "-cert_strict") == 0) cert_flags |= SSL_CERT_FLAG_TLS_STRICT; +#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL + else if (strcmp(*argv, "-debug_broken_protocol") == 0) + cert_flags |= SSL_CERT_FLAG_BROKEN_PROTCOL; +#endif else { BIO_printf(bio_err,"unknown option %s\n",*argv); |