Commit 1fb6b0bf authored by FdaSilvaYY's avatar FdaSilvaYY Committed by Rich Salz

Unify s_client/s_server srtp profiles option handling



Add missing guards around SRTP-related fields
Remove two unneeded global variables: my 2 cents to #4679
Merge definition and instantiation of srpsrvparm global.

Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
Reviewed-by: default avatarBen Kaduk <kaduk@mit.edu>
Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4908)
parent ab0a3914
+3 −2
@@ -367,8 +367,6 @@ static char *ssl_give_srp_client_pwd_cb(SSL *s, void *arg)

#endif

static char *srtp_profiles = NULL;

#ifndef OPENSSL_NO_NEXTPROTONEG
/* This the context that we pass to next_proto_cb */
typedef struct tlsextnextprotoctx_st {
@@ -657,8 +655,10 @@ const OPTIONS s_client_options[] = {
    OPT_R_OPTIONS,
    {"sess_out", OPT_SESS_OUT, '>', "File to write SSL session to"},
    {"sess_in", OPT_SESS_IN, '<', "File to read SSL session from"},
#ifndef OPENSSL_NO_SRTP
    {"use_srtp", OPT_USE_SRTP, 's',
     "Offer SRTP key management with a colon-separated profile list"},
#endif
    {"keymatexport", OPT_KEYMATEXPORT, 's',
     "Export keying material using label"},
    {"keymatexportlen", OPT_KEYMATEXPORTLEN, 'p',
@@ -934,6 +934,7 @@ int s_client_main(int argc, char **argv)
    int srp_lateuser = 0;
    SRP_ARG srp_arg = { NULL, NULL, 0, 0, 0, 1024 };
#endif
    char *srtp_profiles = NULL;
#ifndef OPENSSL_NO_CT
    char *ctlog_file = NULL;
    int ct_validation = 0;
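Review bot: The new local `char *srtp_profiles = NULL;` in `s_client_main` is declared outside any `OPENSSL_NO_SRTP` guard, while the `use_srtp` entry in `s_client_options` is now compiled out on no-SRTP builds. If the code that reads the variable is itself guarded (it lies outside these hunks), such a build is left with a local that is assigned but never read, which a warnings-as-errors configuration would reject. Consider `#ifndef OPENSSL_NO_SRTP` / `char *srtp_profiles = NULL;` / `#endif`, with the same guard on the switch case that sets it. The identical unguarded declaration added to `s_server_main` in the next file section has the same issue. Both functions start and end outside their hunks.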
+2 −9
@@ -236,6 +236,7 @@ typedef struct srpsrvparm_st {
    SRP_VBASE *vb;
    SRP_user_pwd *user;
} srpsrvparm;
static srpsrvparm srp_callback_parm;

/*
 * This callback pretends to require some asynchronous logic in order to
@@ -722,13 +723,6 @@ static int not_resumable_sess_cb(SSL *s, int is_forward_secure)
    return is_forward_secure;
}

#ifndef OPENSSL_NO_SRP
static srpsrvparm srp_callback_parm;
#endif
#ifndef OPENSSL_NO_SRTP
static char *srtp_profiles = NULL;
#endif

typedef enum OPTION_choice {
    OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, OPT_ENGINE,
    OPT_4, OPT_6, OPT_ACCEPT, OPT_PORT, OPT_UNIX, OPT_UNLINK, OPT_NACCEPT,
@@ -1024,6 +1018,7 @@ int s_server_main(int argc, char *argv[])
    char *srpuserseed = NULL;
    char *srp_verifier_file = NULL;
#endif
    char *srtp_profiles = NULL;
    int min_version = 0, max_version = 0, prot_opt = 0, no_prot_opt = 0;
    int s_server_verify = SSL_VERIFY_NONE;
    int s_server_session_id_context = 1; /* anything will do */
@@ -1529,9 +1524,7 @@ int s_server_main(int argc, char *argv[])
            alpn_in = opt_arg();
            break;
        case OPT_SRTP_PROFILES:
#ifndef OPENSSL_NO_SRTP
            srtp_profiles = opt_arg();
#endif
            break;
        case OPT_KEYMATEXPORT:
            keymatexportlabel = opt_arg();
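Review bot: With the `#ifndef OPENSSL_NO_SRTP` pair dropped from the `OPT_SRTP_PROFILES` case, nothing here records what keeps `-use_srtp` from being accepted and then silently ignored on a no-SRTP build; that now depends entirely on the server's option table entry, which this section does not show. The `s_client_options` hunk in the first section wraps its `use_srtp` entry in the guard, so the server table presumably does the same, but it is worth confirming: an operator who asks for SRTP keying and gets a plain handshake has no indication that the request was dropped. A short comment on the case would record the dependency, for example `/* reachable only when the use_srtp table entry is compiled in */`. `s_server_main` starts and ends outside the hunk.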
+4 −0
@@ -1019,8 +1019,10 @@ struct ssl_ctx_st {
    /* Shared DANE context */
    struct dane_ctx_st dane;

# ifndef OPENSSL_NO_SRTP
    /* SRTP profiles we are willing to do from RFC 5764 */
    STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles;
# endif
    /*
     * Callback for disabling session caching and ticket support on a session
     * basis, depending on the chosen cipher.
@@ -1358,10 +1360,12 @@ struct ssl_st {
    int scts_parsed;
# endif
    SSL_CTX *session_ctx;       /* initial ctx, used to store sessions */
# ifndef OPENSSL_NO_SRTP
    /* What we'll do */
    STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles;
    /* What's been chosen */
    SRTP_PROTECTION_PROFILE *srtp_profile;
# endif
    /*-
     * 1 if we are renegotiating.
     * 2 if we are a server and are inside a handshake
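Review bot: The field comments `/* What we'll do */` and `/* What's been chosen */` in the `ssl_st` hunk do not say what they refer to now that they sit in their own `#ifndef OPENSSL_NO_SRTP` block; something like `/* SRTP profiles this connection is willing to negotiate */` and `/* SRTP profile chosen for this connection */` would state what the members hold. Because both guards make the layout of `ssl_ctx_st` and `ssl_st` depend on the build option, every place that allocates, copies or frees these members (none of it visible here) needs the same guard. A trailing `# endif /* OPENSSL_NO_SRTP */` would make the pairing easier to check. Both struct definitions start and end outside the hunks.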