diff options
author | Lutz Jänicke <jaenicke@openssl.org> | 2001-02-09 19:56:31 +0000 |
---|---|---|
committer | Lutz Jänicke <jaenicke@openssl.org> | 2001-02-09 19:56:31 +0000 |
commit | 836f996010d6a5f38d9a13279c37e84a42819966 (patch) | |
tree | e5188ce6a43977577a5efb7884da010b9805c993 /apps | |
parent | 1613c4d3bff02bd2715e0e8a61356e82f9c0e147 (diff) | |
download | openssl-836f996010d6a5f38d9a13279c37e84a42819966.tar.gz |
New Option SSL_OP_CIPHER_SERVER_PREFERENCE allows TLS/SSLv3 server to override
the clients choice; in SSLv2 the client uses the server's preferences.
Diffstat (limited to 'apps')
-rw-r--r-- | apps/s_client.c | 3 | ||||
-rw-r--r-- | apps/s_server.c | 3 |
2 files changed, 6 insertions, 0 deletions
diff --git a/apps/s_client.c b/apps/s_client.c index 1a94cdec65..2e71b42890 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -151,6 +151,7 @@ static void sc_usage(void) BIO_printf(bio_err," -tls1 - just use TLSv1\n"); BIO_printf(bio_err," -no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n"); BIO_printf(bio_err," -bugs - Switch on all SSL implementation bug workarounds\n"); + BIO_printf(bio_err," -serverpref - Use server's cipher preferences (only SSLv2)\n"); BIO_printf(bio_err," -cipher - preferred cipher to use, use the 'openssl ciphers'\n"); BIO_printf(bio_err," command to see what is available\n"); BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n"); @@ -311,6 +312,8 @@ int MAIN(int argc, char **argv) off|=SSL_OP_NO_SSLv3; else if (strcmp(*argv,"-no_ssl2") == 0) off|=SSL_OP_NO_SSLv2; + else if (strcmp(*argv,"-serverpref") == 0) + off|=SSL_OP_CIPHER_SERVER_PREFERENCE; else if (strcmp(*argv,"-cipher") == 0) { if (--argc < 1) goto bad; diff --git a/apps/s_server.c b/apps/s_server.c index 383e2304d7..1a9ce281c3 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -231,6 +231,7 @@ static void sv_usage(void) BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n"); BIO_printf(bio_err," -nocert - Don't use any certificates (Anon-DH)\n"); BIO_printf(bio_err," -cipher arg - play with 'openssl ciphers' to see what goes here\n"); + BIO_printf(bio_err," -serverpref - Use server's cipher preferences\n"); BIO_printf(bio_err," -quiet - No server output\n"); BIO_printf(bio_err," -no_tmp_rsa - Do not generate a tmp RSA key\n"); BIO_printf(bio_err," -ssl2 - Just talk SSLv2\n"); @@ -508,6 +509,8 @@ int MAIN(int argc, char *argv[]) if (--argc < 1) goto bad; CApath= *(++argv); } + else if (strcmp(*argv,"-serverpref") == 0) + { off|=SSL_OP_CIPHER_SERVER_PREFERENCE; } else if (strcmp(*argv,"-cipher") == 0) { if (--argc < 1) goto bad; |