Loading apps/ca.c +1 −0 Original line number Diff line number Diff line Loading @@ -1408,6 +1408,7 @@ bad: if (!NCONF_get_number(conf,section, ENV_DEFAULT_CRL_HOURS, &crlhours)) crlhours = 0; ERR_clear_error(); } if ((crldays == 0) && (crlhours == 0) && (crlsec == 0)) { Loading apps/dgst.c +2 −2 Original line number Diff line number Diff line Loading @@ -216,10 +216,10 @@ int MAIN(int argc, char **argv) out_bin = 1; else if (strcmp(*argv,"-d") == 0) debug=1; else if (strcmp(*argv,"-non-fips-allow") == 0) non_fips_allow=1; else if (!strcmp(*argv,"-fips-fingerprint")) hmac_key = "etaonrishdlcupfm"; else if (strcmp(*argv,"-non-fips-allow") == 0) non_fips_allow=1; else if (!strcmp(*argv,"-hmac")) { if (--argc < 1) Loading apps/dsaparam.c +8 −1 Original line number Diff line number Diff line Loading @@ -326,6 +326,7 @@ bad: goto end; } #endif ERR_print_errors(bio_err); BIO_printf(bio_err,"Error, DSA key generation failed\n"); goto end; } Loading Loading @@ -429,13 +430,19 @@ bad: assert(need_rand); if ((dsakey=DSAparams_dup(dsa)) == NULL) goto end; if (!DSA_generate_key(dsakey)) goto end; if (!DSA_generate_key(dsakey)) { ERR_print_errors(bio_err); DSA_free(dsakey); goto end; } if (outformat == FORMAT_ASN1) i=i2d_DSAPrivateKey_bio(out,dsakey); else if (outformat == FORMAT_PEM) i=PEM_write_bio_DSAPrivateKey(out,dsakey,NULL,NULL,0,NULL,NULL); else { BIO_printf(bio_err,"bad output format specified for outfile\n"); DSA_free(dsakey); goto end; } DSA_free(dsakey); Loading apps/s_client.c +2 −2 Original line number Diff line number Diff line Loading @@ -357,7 +357,7 @@ static void sc_usage(void) BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n"); BIO_printf(bio_err," -status - request certificate status from server\n"); BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n"); # if !defined(OPENSSL_NO_NEXTPROTONEG) # ifndef OPENSSL_NO_NEXTPROTONEG BIO_printf(bio_err," -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)\n"); # endif #endif Loading Loading @@ -536,7 +536,7 @@ static int next_proto_cb(SSL *s, unsigned char **out, unsigned char *outlen, con ctx->status = SSL_select_next_proto(out, outlen, in, inlen, ctx->data, ctx->len); return SSL_TLSEXT_ERR_OK; } # endif # endif /* ndef OPENSSL_NO_NEXTPROTONEG */ #endif enum Loading apps/s_server.c +10 −4 Original line number Diff line number Diff line Loading @@ -2433,6 +2433,7 @@ static int init_ssl_connection(SSL *con) BIO_printf(bio_s_out,"Shared ciphers:%s\n",buf); str=SSL_CIPHER_get_name(SSL_get_current_cipher(con)); BIO_printf(bio_s_out,"CIPHER is %s\n",(str != NULL)?str:"(NONE)"); #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) SSL_get0_next_proto_negotiated(con, &next_proto_neg, &next_proto_neg_len); if (next_proto_neg) Loading Loading @@ -2701,6 +2702,11 @@ static int www_body(char *hostname, int s, unsigned char *context) } BIO_puts(io,"\n"); BIO_printf(io, "Secure Renegotiation IS%s supported\n", SSL_get_secure_renegotiation_support(con) ? "" : " NOT"); /* The following is evil and should not really * be done */ BIO_printf(io,"Ciphers supported in s_server binary\n"); Loading Loading
apps/ca.c +1 −0 Original line number Diff line number Diff line Loading @@ -1408,6 +1408,7 @@ bad: if (!NCONF_get_number(conf,section, ENV_DEFAULT_CRL_HOURS, &crlhours)) crlhours = 0; ERR_clear_error(); } if ((crldays == 0) && (crlhours == 0) && (crlsec == 0)) { Loading
apps/dgst.c +2 −2 Original line number Diff line number Diff line Loading @@ -216,10 +216,10 @@ int MAIN(int argc, char **argv) out_bin = 1; else if (strcmp(*argv,"-d") == 0) debug=1; else if (strcmp(*argv,"-non-fips-allow") == 0) non_fips_allow=1; else if (!strcmp(*argv,"-fips-fingerprint")) hmac_key = "etaonrishdlcupfm"; else if (strcmp(*argv,"-non-fips-allow") == 0) non_fips_allow=1; else if (!strcmp(*argv,"-hmac")) { if (--argc < 1) Loading
apps/dsaparam.c +8 −1 Original line number Diff line number Diff line Loading @@ -326,6 +326,7 @@ bad: goto end; } #endif ERR_print_errors(bio_err); BIO_printf(bio_err,"Error, DSA key generation failed\n"); goto end; } Loading Loading @@ -429,13 +430,19 @@ bad: assert(need_rand); if ((dsakey=DSAparams_dup(dsa)) == NULL) goto end; if (!DSA_generate_key(dsakey)) goto end; if (!DSA_generate_key(dsakey)) { ERR_print_errors(bio_err); DSA_free(dsakey); goto end; } if (outformat == FORMAT_ASN1) i=i2d_DSAPrivateKey_bio(out,dsakey); else if (outformat == FORMAT_PEM) i=PEM_write_bio_DSAPrivateKey(out,dsakey,NULL,NULL,0,NULL,NULL); else { BIO_printf(bio_err,"bad output format specified for outfile\n"); DSA_free(dsakey); goto end; } DSA_free(dsakey); Loading
apps/s_client.c +2 −2 Original line number Diff line number Diff line Loading @@ -357,7 +357,7 @@ static void sc_usage(void) BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n"); BIO_printf(bio_err," -status - request certificate status from server\n"); BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n"); # if !defined(OPENSSL_NO_NEXTPROTONEG) # ifndef OPENSSL_NO_NEXTPROTONEG BIO_printf(bio_err," -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)\n"); # endif #endif Loading Loading @@ -536,7 +536,7 @@ static int next_proto_cb(SSL *s, unsigned char **out, unsigned char *outlen, con ctx->status = SSL_select_next_proto(out, outlen, in, inlen, ctx->data, ctx->len); return SSL_TLSEXT_ERR_OK; } # endif # endif /* ndef OPENSSL_NO_NEXTPROTONEG */ #endif enum Loading
apps/s_server.c +10 −4 Original line number Diff line number Diff line Loading @@ -2433,6 +2433,7 @@ static int init_ssl_connection(SSL *con) BIO_printf(bio_s_out,"Shared ciphers:%s\n",buf); str=SSL_CIPHER_get_name(SSL_get_current_cipher(con)); BIO_printf(bio_s_out,"CIPHER is %s\n",(str != NULL)?str:"(NONE)"); #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) SSL_get0_next_proto_negotiated(con, &next_proto_neg, &next_proto_neg_len); if (next_proto_neg) Loading Loading @@ -2701,6 +2702,11 @@ static int www_body(char *hostname, int s, unsigned char *context) } BIO_puts(io,"\n"); BIO_printf(io, "Secure Renegotiation IS%s supported\n", SSL_get_secure_renegotiation_support(con) ? "" : " NOT"); /* The following is evil and should not really * be done */ BIO_printf(io,"Ciphers supported in s_server binary\n"); Loading
