diff options
author | Bodo Möller <bodo@openssl.org> | 2006-01-11 06:10:40 +0000 |
---|---|---|
committer | Bodo Möller <bodo@openssl.org> | 2006-01-11 06:10:40 +0000 |
commit | 241520e66d3ece1054beae93ff96978d0299cae4 (patch) | |
tree | 11e6149f50fb9e45aaba9635a138c93059c1c988 /apps/s_server.c | |
parent | a13c20f60353d3cd3fdd4f23563819eeb4234528 (diff) | |
download | openssl-241520e66d3ece1054beae93ff96978d0299cae4.tar.gz |
More TLS extension related changes.
Submitted by: Peter Sylvester
Diffstat (limited to 'apps/s_server.c')
-rw-r--r-- | apps/s_server.c | 19 |
1 files changed, 10 insertions, 9 deletions
diff --git a/apps/s_server.c b/apps/s_server.c index e07f3dd20e..583bfccd5c 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -367,7 +367,7 @@ static void sv_usage(void) BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); #ifndef OPENSSL_NO_TLSEXT BIO_printf(bio_err," -servername host - servername for HostName TLS extension\n"); - BIO_printf(bio_err," -servername_warn - on mismatch send warning (default fatal alert)\n"); + BIO_printf(bio_err," -servername_fatal - on mismatch send fatal alert (default warning alert)\n"); BIO_printf(bio_err," -cert2 arg - certificate file to use for servername\n"); BIO_printf(bio_err," (default is %s)\n",TEST_CERT2); BIO_printf(bio_err," -key2 arg - Private Key file to use for servername, in cert file if\n"); @@ -534,7 +534,7 @@ static int ebcdic_puts(BIO *bp, const char *str) typedef struct tlsextctx_st { char * servername; BIO * biodebug; - int servername_warn; + int extension_error; } tlsextctx; @@ -546,18 +546,19 @@ static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg) BIO_printf(p->biodebug,"Hostname in TLS extension: \"%s\"\n",servername); if (!p->servername) - return 1; + return SSL_TLSEXT_ERR_NOACK; if (servername) { if (strcmp(servername,p->servername)) - return p->servername_warn; - if (ctx2) { + return p->extension_error; + if (ctx2) + { BIO_printf(p->biodebug,"Swiching server context.\n"); SSL_set_SSL_CTX(s,ctx2); } } - return 1; + return SSL_TLSEXT_ERR_OK; } #endif @@ -597,7 +598,7 @@ int MAIN(int argc, char *argv[]) #endif #ifndef OPENSSL_NO_TLSEXT - tlsextctx tlsextcbp = {NULL, NULL, -1}; + tlsextctx tlsextcbp = {NULL, NULL, SSL_TLSEXT_ERR_ALERT_WARNING}; #endif #if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) meth=SSLv23_server_method(); @@ -846,8 +847,8 @@ int MAIN(int argc, char *argv[]) if (--argc < 1) goto bad; tlsextcbp.servername= *(++argv); } - else if (strcmp(*argv,"-servername_warn") == 0) - { tlsextcbp.servername_warn = 0; } + else if (strcmp(*argv,"-servername_fatal") == 0) + { tlsextcbp.extension_error = SSL_TLSEXT_ERR_ALERT_FATAL; } else if (strcmp(*argv,"-cert2") == 0) { if (--argc < 1) goto bad; |