Loading apps/apps.c +6 −0 Original line number Original line Diff line number Diff line Loading @@ -2726,6 +2726,9 @@ void jpake_client_auth(BIO *out, BIO *conn, const char *secret) BIO_puts(out, "JPAKE authentication succeeded, setting PSK\n"); BIO_puts(out, "JPAKE authentication succeeded, setting PSK\n"); if (psk_key) OPENSSL_free(psk_key); psk_key = BN_bn2hex(JPAKE_get_shared_key(ctx)); psk_key = BN_bn2hex(JPAKE_get_shared_key(ctx)); BIO_pop(bconn); BIO_pop(bconn); Loading Loading @@ -2755,6 +2758,9 @@ void jpake_server_auth(BIO *out, BIO *conn, const char *secret) BIO_puts(out, "JPAKE authentication succeeded, setting PSK\n"); BIO_puts(out, "JPAKE authentication succeeded, setting PSK\n"); if (psk_key) OPENSSL_free(psk_key); psk_key = BN_bn2hex(JPAKE_get_shared_key(ctx)); psk_key = BN_bn2hex(JPAKE_get_shared_key(ctx)); BIO_pop(bconn); BIO_pop(bconn); Loading apps/s_apps.h +1 −1 Original line number Original line Diff line number Diff line Loading @@ -195,5 +195,5 @@ int load_excert(SSL_EXCERT **pexc, BIO *err); int args_ssl(char ***pargs, int *pargc, SSL_CONF_CTX *cctx, int args_ssl(char ***pargs, int *pargc, SSL_CONF_CTX *cctx, int *badarg, BIO *err, STACK_OF(OPENSSL_STRING) **pstr); int *badarg, BIO *err, STACK_OF(OPENSSL_STRING) **pstr); int args_ssl_call(SSL_CTX *ctx, BIO *err, SSL_CONF_CTX *cctx, int args_ssl_call(SSL_CTX *ctx, BIO *err, SSL_CONF_CTX *cctx, STACK_OF(OPENSSL_STRING) *str, int no_ecdhe); STACK_OF(OPENSSL_STRING) *str, int no_ecdhe, int no_jpake); #endif #endif apps/s_cb.c +19 −1 Original line number Original line Diff line number Diff line Loading @@ -1545,7 +1545,7 @@ int args_ssl(char ***pargs, int *pargc, SSL_CONF_CTX *cctx, } } int args_ssl_call(SSL_CTX *ctx, BIO *err, SSL_CONF_CTX *cctx, int args_ssl_call(SSL_CTX *ctx, BIO *err, SSL_CONF_CTX *cctx, STACK_OF(OPENSSL_STRING) *str, int no_ecdhe) STACK_OF(OPENSSL_STRING) *str, int no_ecdhe, int no_jpake) { { int i; int i; SSL_CONF_CTX_set_ssl_ctx(cctx, ctx); SSL_CONF_CTX_set_ssl_ctx(cctx, ctx); Loading @@ -1558,6 +1558,13 @@ int args_ssl_call(SSL_CTX *ctx, BIO *err, SSL_CONF_CTX *cctx, */ */ if (!no_ecdhe && !strcmp(param, "-named_curve")) if (!no_ecdhe && !strcmp(param, "-named_curve")) no_ecdhe = 1; no_ecdhe = 1; #ifndef OPENSSL_NO_JPAKE if (!no_jpake && !strcmp(param, "-cipher")) { BIO_puts(err, "JPAKE sets cipher to PSK\n"); return 0; } #endif if (SSL_CONF_cmd(cctx, param, value) <= 0) if (SSL_CONF_cmd(cctx, param, value) <= 0) { { BIO_printf(err, "Error with command: \"%s %s\"\n", BIO_printf(err, "Error with command: \"%s %s\"\n", Loading @@ -1579,5 +1586,16 @@ int args_ssl_call(SSL_CTX *ctx, BIO *err, SSL_CONF_CTX *cctx, return 0; return 0; } } } } #ifndef OPENSSL_NO_JPAKE if (!no_jpake) { if (SSL_CONF_cmd(cctx, "-cipher", "PSK") <= 0) { BIO_puts(err, "Error setting cipher to PSK\n"); ERR_print_errors(err); return 0; } } #endif return 1; return 1; } } apps/s_client.c +9 −8 Original line number Original line Diff line number Diff line Loading @@ -618,7 +618,10 @@ int MAIN(int argc, char **argv) int enable_timeouts = 0 ; int enable_timeouts = 0 ; long socket_mtu = 0; long socket_mtu = 0; #ifndef OPENSSL_NO_JPAKE #ifndef OPENSSL_NO_JPAKE char *jpake_secret = NULL; static char *jpake_secret = NULL; #define no_jpake !jpake_secret #else #define no_jpake 1 #endif #endif #ifndef OPENSSL_NO_SRP #ifndef OPENSSL_NO_SRP char * srppass = NULL; char * srppass = NULL; Loading Loading @@ -997,12 +1000,6 @@ bad: goto end; goto end; } } psk_identity = "JPAKE"; psk_identity = "JPAKE"; if (cipher) { BIO_printf(bio_err, "JPAKE sets cipher to PSK\n"); goto end; } cipher = "PSK"; } } #endif #endif Loading Loading @@ -1120,7 +1117,7 @@ bad: if (vpm) if (vpm) SSL_CTX_set1_param(ctx, vpm); SSL_CTX_set1_param(ctx, vpm); if (!args_ssl_call(ctx, bio_err, cctx, ssl_args, 1)) if (!args_ssl_call(ctx, bio_err, cctx, ssl_args, 1, no_jpake)) { { ERR_print_errors(bio_err); ERR_print_errors(bio_err); goto end; goto end; Loading Loading @@ -1932,6 +1929,10 @@ end: sk_OPENSSL_STRING_free(ssl_args); sk_OPENSSL_STRING_free(ssl_args); if (cctx) if (cctx) SSL_CONF_CTX_free(cctx); SSL_CONF_CTX_free(cctx); #ifndef OPENSSL_NO_JPAKE if (jpake_secret && psk_key) OPENSSL_free(psk_key); #endif if (cbuf != NULL) { OPENSSL_cleanse(cbuf,BUFSIZZ); OPENSSL_free(cbuf); } if (cbuf != NULL) { OPENSSL_cleanse(cbuf,BUFSIZZ); OPENSSL_free(cbuf); } if (sbuf != NULL) { OPENSSL_cleanse(sbuf,BUFSIZZ); OPENSSL_free(sbuf); } if (sbuf != NULL) { OPENSSL_cleanse(sbuf,BUFSIZZ); OPENSSL_free(sbuf); } if (mbuf != NULL) { OPENSSL_cleanse(mbuf,BUFSIZZ); OPENSSL_free(mbuf); } if (mbuf != NULL) { OPENSSL_cleanse(mbuf,BUFSIZZ); OPENSSL_free(mbuf); } Loading apps/s_server.c +9 −9 Original line number Original line Diff line number Diff line Loading @@ -930,6 +930,9 @@ int MAIN(int, char **); #ifndef OPENSSL_NO_JPAKE #ifndef OPENSSL_NO_JPAKE static char *jpake_secret = NULL; static char *jpake_secret = NULL; #define no_jpake !jpake_secret #else #define no_jpake 1 #endif #endif #ifndef OPENSSL_NO_SRP #ifndef OPENSSL_NO_SRP static srpsrvparm srp_callback_parm; static srpsrvparm srp_callback_parm; Loading Loading @@ -1417,14 +1420,7 @@ bad: goto end; goto end; } } psk_identity = "JPAKE"; psk_identity = "JPAKE"; if (cipher) { BIO_printf(bio_err, "JPAKE sets cipher to PSK\n"); goto end; } cipher = "PSK"; } } #endif #endif SSL_load_error_strings(); SSL_load_error_strings(); Loading Loading @@ -1648,7 +1644,7 @@ bad: if (vpm) if (vpm) SSL_CTX_set1_param(ctx, vpm); SSL_CTX_set1_param(ctx, vpm); if (!args_ssl_call(ctx, bio_err, cctx, ssl_args, no_ecdhe)) if (!args_ssl_call(ctx, bio_err, cctx, ssl_args, no_ecdhe, no_jpake)) goto end; goto end; if (!ssl_load_stores(ctx, vfyCApath, vfyCAfile, chCApath, chCAfile)) if (!ssl_load_stores(ctx, vfyCApath, vfyCAfile, chCApath, chCAfile)) Loading Loading @@ -1712,7 +1708,7 @@ bad: if (vpm) if (vpm) SSL_CTX_set1_param(ctx2, vpm); SSL_CTX_set1_param(ctx2, vpm); if (!args_ssl_call(ctx2, bio_err, cctx, ssl_args, no_ecdhe)) if (!args_ssl_call(ctx2, bio_err, cctx, ssl_args, no_ecdhe, no_jpake)) goto end; goto end; } } Loading Loading @@ -2011,6 +2007,10 @@ end: sk_OPENSSL_STRING_free(ssl_args); sk_OPENSSL_STRING_free(ssl_args); if (cctx) if (cctx) SSL_CONF_CTX_free(cctx); SSL_CONF_CTX_free(cctx); #ifndef OPENSSL_NO_JPAKE if (jpake_secret && psk_key) OPENSSL_free(psk_key); #endif if (bio_s_out != NULL) if (bio_s_out != NULL) { { BIO_free(bio_s_out); BIO_free(bio_s_out); Loading Loading
apps/apps.c +6 −0 Original line number Original line Diff line number Diff line Loading @@ -2726,6 +2726,9 @@ void jpake_client_auth(BIO *out, BIO *conn, const char *secret) BIO_puts(out, "JPAKE authentication succeeded, setting PSK\n"); BIO_puts(out, "JPAKE authentication succeeded, setting PSK\n"); if (psk_key) OPENSSL_free(psk_key); psk_key = BN_bn2hex(JPAKE_get_shared_key(ctx)); psk_key = BN_bn2hex(JPAKE_get_shared_key(ctx)); BIO_pop(bconn); BIO_pop(bconn); Loading Loading @@ -2755,6 +2758,9 @@ void jpake_server_auth(BIO *out, BIO *conn, const char *secret) BIO_puts(out, "JPAKE authentication succeeded, setting PSK\n"); BIO_puts(out, "JPAKE authentication succeeded, setting PSK\n"); if (psk_key) OPENSSL_free(psk_key); psk_key = BN_bn2hex(JPAKE_get_shared_key(ctx)); psk_key = BN_bn2hex(JPAKE_get_shared_key(ctx)); BIO_pop(bconn); BIO_pop(bconn); Loading
apps/s_apps.h +1 −1 Original line number Original line Diff line number Diff line Loading @@ -195,5 +195,5 @@ int load_excert(SSL_EXCERT **pexc, BIO *err); int args_ssl(char ***pargs, int *pargc, SSL_CONF_CTX *cctx, int args_ssl(char ***pargs, int *pargc, SSL_CONF_CTX *cctx, int *badarg, BIO *err, STACK_OF(OPENSSL_STRING) **pstr); int *badarg, BIO *err, STACK_OF(OPENSSL_STRING) **pstr); int args_ssl_call(SSL_CTX *ctx, BIO *err, SSL_CONF_CTX *cctx, int args_ssl_call(SSL_CTX *ctx, BIO *err, SSL_CONF_CTX *cctx, STACK_OF(OPENSSL_STRING) *str, int no_ecdhe); STACK_OF(OPENSSL_STRING) *str, int no_ecdhe, int no_jpake); #endif #endif
apps/s_cb.c +19 −1 Original line number Original line Diff line number Diff line Loading @@ -1545,7 +1545,7 @@ int args_ssl(char ***pargs, int *pargc, SSL_CONF_CTX *cctx, } } int args_ssl_call(SSL_CTX *ctx, BIO *err, SSL_CONF_CTX *cctx, int args_ssl_call(SSL_CTX *ctx, BIO *err, SSL_CONF_CTX *cctx, STACK_OF(OPENSSL_STRING) *str, int no_ecdhe) STACK_OF(OPENSSL_STRING) *str, int no_ecdhe, int no_jpake) { { int i; int i; SSL_CONF_CTX_set_ssl_ctx(cctx, ctx); SSL_CONF_CTX_set_ssl_ctx(cctx, ctx); Loading @@ -1558,6 +1558,13 @@ int args_ssl_call(SSL_CTX *ctx, BIO *err, SSL_CONF_CTX *cctx, */ */ if (!no_ecdhe && !strcmp(param, "-named_curve")) if (!no_ecdhe && !strcmp(param, "-named_curve")) no_ecdhe = 1; no_ecdhe = 1; #ifndef OPENSSL_NO_JPAKE if (!no_jpake && !strcmp(param, "-cipher")) { BIO_puts(err, "JPAKE sets cipher to PSK\n"); return 0; } #endif if (SSL_CONF_cmd(cctx, param, value) <= 0) if (SSL_CONF_cmd(cctx, param, value) <= 0) { { BIO_printf(err, "Error with command: \"%s %s\"\n", BIO_printf(err, "Error with command: \"%s %s\"\n", Loading @@ -1579,5 +1586,16 @@ int args_ssl_call(SSL_CTX *ctx, BIO *err, SSL_CONF_CTX *cctx, return 0; return 0; } } } } #ifndef OPENSSL_NO_JPAKE if (!no_jpake) { if (SSL_CONF_cmd(cctx, "-cipher", "PSK") <= 0) { BIO_puts(err, "Error setting cipher to PSK\n"); ERR_print_errors(err); return 0; } } #endif return 1; return 1; } }
apps/s_client.c +9 −8 Original line number Original line Diff line number Diff line Loading @@ -618,7 +618,10 @@ int MAIN(int argc, char **argv) int enable_timeouts = 0 ; int enable_timeouts = 0 ; long socket_mtu = 0; long socket_mtu = 0; #ifndef OPENSSL_NO_JPAKE #ifndef OPENSSL_NO_JPAKE char *jpake_secret = NULL; static char *jpake_secret = NULL; #define no_jpake !jpake_secret #else #define no_jpake 1 #endif #endif #ifndef OPENSSL_NO_SRP #ifndef OPENSSL_NO_SRP char * srppass = NULL; char * srppass = NULL; Loading Loading @@ -997,12 +1000,6 @@ bad: goto end; goto end; } } psk_identity = "JPAKE"; psk_identity = "JPAKE"; if (cipher) { BIO_printf(bio_err, "JPAKE sets cipher to PSK\n"); goto end; } cipher = "PSK"; } } #endif #endif Loading Loading @@ -1120,7 +1117,7 @@ bad: if (vpm) if (vpm) SSL_CTX_set1_param(ctx, vpm); SSL_CTX_set1_param(ctx, vpm); if (!args_ssl_call(ctx, bio_err, cctx, ssl_args, 1)) if (!args_ssl_call(ctx, bio_err, cctx, ssl_args, 1, no_jpake)) { { ERR_print_errors(bio_err); ERR_print_errors(bio_err); goto end; goto end; Loading Loading @@ -1932,6 +1929,10 @@ end: sk_OPENSSL_STRING_free(ssl_args); sk_OPENSSL_STRING_free(ssl_args); if (cctx) if (cctx) SSL_CONF_CTX_free(cctx); SSL_CONF_CTX_free(cctx); #ifndef OPENSSL_NO_JPAKE if (jpake_secret && psk_key) OPENSSL_free(psk_key); #endif if (cbuf != NULL) { OPENSSL_cleanse(cbuf,BUFSIZZ); OPENSSL_free(cbuf); } if (cbuf != NULL) { OPENSSL_cleanse(cbuf,BUFSIZZ); OPENSSL_free(cbuf); } if (sbuf != NULL) { OPENSSL_cleanse(sbuf,BUFSIZZ); OPENSSL_free(sbuf); } if (sbuf != NULL) { OPENSSL_cleanse(sbuf,BUFSIZZ); OPENSSL_free(sbuf); } if (mbuf != NULL) { OPENSSL_cleanse(mbuf,BUFSIZZ); OPENSSL_free(mbuf); } if (mbuf != NULL) { OPENSSL_cleanse(mbuf,BUFSIZZ); OPENSSL_free(mbuf); } Loading
apps/s_server.c +9 −9 Original line number Original line Diff line number Diff line Loading @@ -930,6 +930,9 @@ int MAIN(int, char **); #ifndef OPENSSL_NO_JPAKE #ifndef OPENSSL_NO_JPAKE static char *jpake_secret = NULL; static char *jpake_secret = NULL; #define no_jpake !jpake_secret #else #define no_jpake 1 #endif #endif #ifndef OPENSSL_NO_SRP #ifndef OPENSSL_NO_SRP static srpsrvparm srp_callback_parm; static srpsrvparm srp_callback_parm; Loading Loading @@ -1417,14 +1420,7 @@ bad: goto end; goto end; } } psk_identity = "JPAKE"; psk_identity = "JPAKE"; if (cipher) { BIO_printf(bio_err, "JPAKE sets cipher to PSK\n"); goto end; } cipher = "PSK"; } } #endif #endif SSL_load_error_strings(); SSL_load_error_strings(); Loading Loading @@ -1648,7 +1644,7 @@ bad: if (vpm) if (vpm) SSL_CTX_set1_param(ctx, vpm); SSL_CTX_set1_param(ctx, vpm); if (!args_ssl_call(ctx, bio_err, cctx, ssl_args, no_ecdhe)) if (!args_ssl_call(ctx, bio_err, cctx, ssl_args, no_ecdhe, no_jpake)) goto end; goto end; if (!ssl_load_stores(ctx, vfyCApath, vfyCAfile, chCApath, chCAfile)) if (!ssl_load_stores(ctx, vfyCApath, vfyCAfile, chCApath, chCAfile)) Loading Loading @@ -1712,7 +1708,7 @@ bad: if (vpm) if (vpm) SSL_CTX_set1_param(ctx2, vpm); SSL_CTX_set1_param(ctx2, vpm); if (!args_ssl_call(ctx2, bio_err, cctx, ssl_args, no_ecdhe)) if (!args_ssl_call(ctx2, bio_err, cctx, ssl_args, no_ecdhe, no_jpake)) goto end; goto end; } } Loading Loading @@ -2011,6 +2007,10 @@ end: sk_OPENSSL_STRING_free(ssl_args); sk_OPENSSL_STRING_free(ssl_args); if (cctx) if (cctx) SSL_CONF_CTX_free(cctx); SSL_CONF_CTX_free(cctx); #ifndef OPENSSL_NO_JPAKE if (jpake_secret && psk_key) OPENSSL_free(psk_key); #endif if (bio_s_out != NULL) if (bio_s_out != NULL) { { BIO_free(bio_s_out); BIO_free(bio_s_out); Loading
