Loading CHANGES +3 −0 Original line number Original line Diff line number Diff line Loading @@ -722,6 +722,9 @@ Changes between 0.9.8i and 0.9.8j [xx XXX xxxx] Changes between 0.9.8i and 0.9.8j [xx XXX xxxx] *) Add support for XMPP STARTTLS in s_client. [Philip Paeps <philip@freebsd.org>] *) Change the server-side SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG behavior *) Change the server-side SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG behavior to ensure that even with this option, only ciphersuites in the to ensure that even with this option, only ciphersuites in the server's preference list will be accepted. (Note that the option server's preference list will be accepted. (Note that the option Loading apps/s_client.c +28 −2 Original line number Original line Diff line number Diff line Loading @@ -325,7 +325,8 @@ static void sc_usage(void) BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting TLS\n"); BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting TLS\n"); BIO_printf(bio_err," for those protocols that support it, where\n"); BIO_printf(bio_err," for those protocols that support it, where\n"); BIO_printf(bio_err," 'prot' defines which one to assume. Currently,\n"); BIO_printf(bio_err," 'prot' defines which one to assume. Currently,\n"); BIO_printf(bio_err," only \"smtp\", \"pop3\", \"imap\", and \"ftp\" are supported.\n"); BIO_printf(bio_err," only \"smtp\", \"pop3\", \"imap\", \"ftp\" and \"xmpp\"\n"); BIO_printf(bio_err," are supported.\n"); #ifndef OPENSSL_NO_ENGINE #ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n"); BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n"); #endif #endif Loading Loading @@ -368,7 +369,8 @@ enum PROTO_SMTP, PROTO_SMTP, PROTO_POP3, PROTO_POP3, PROTO_IMAP, PROTO_IMAP, PROTO_FTP PROTO_FTP, PROTO_XMPP, }; }; int MAIN(int, char **); int MAIN(int, char **); Loading Loading 
@@ -664,6 +666,8 @@ int MAIN(int argc, char **argv) starttls_proto = PROTO_IMAP; starttls_proto = PROTO_IMAP; else if (strcmp(*argv,"ftp") == 0) else if (strcmp(*argv,"ftp") == 0) starttls_proto = PROTO_FTP; starttls_proto = PROTO_FTP; else if (strcmp(*argv, "xmpp") == 0) starttls_proto = PROTO_XMPP; else else goto bad; goto bad; } } Loading Loading @@ -1118,6 +1122,28 @@ SSL_set_tlsext_status_ids(con, ids); BIO_printf(sbio,"AUTH TLS\r\n"); BIO_printf(sbio,"AUTH TLS\r\n"); BIO_read(sbio,sbuf,BUFSIZZ); BIO_read(sbio,sbuf,BUFSIZZ); } } if (starttls_proto == PROTO_XMPP) { int seen = 0; BIO_printf(sbio,"<stream:stream " "xmlns:stream='http://etherx.jabber.org/streams' " "xmlns='jabber:client' to='%s' version='1.0'>", host); seen = BIO_read(sbio,mbuf,BUFSIZZ); mbuf[seen] = 0; while (!strstr(mbuf, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'")) { if (strstr(mbuf, "/stream:features>")) goto shut; seen = BIO_read(sbio,mbuf,BUFSIZZ); mbuf[seen] = 0; } BIO_printf(sbio, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>"); seen = BIO_read(sbio,sbuf,BUFSIZZ); sbuf[seen] = 0; if (!strstr(sbuf, "<proceed")) goto shut; mbuf[0] = 0; } for (;;) for (;;) { { Loading Loading
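Review bot: In the new `PROTO_XMPP` block of `MAIN` (the `@@ -1118,6 +1122,28 @@` hunk), the return value of `BIO_read` is used as an array index without being checked, so a failed read that returns a negative value makes `mbuf[seen] = 0;` or `sbuf[seen] = 0;` write before the start of the buffer. A return of 0 leaves an empty string that matches neither pattern, so the `while (!strstr(mbuf, ...))` loop can spin indefinitely if the read keeps returning 0. Each of the three reads should be followed by `if (seen <= 0) goto shut;` before the terminator is stored. If `mbuf` and `sbuf` are allocated with exactly `BUFSIZZ` bytes (their allocation is outside the hunk), a full-length read also places the terminator one byte past the end, so the calls should request `BUFSIZZ-1`. This data arrives from the peer before TLS is established, so it should be treated as untrusted input.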
CHANGES +3 −0 Original line number Original line Diff line number Diff line Loading @@ -722,6 +722,9 @@ Changes between 0.9.8i and 0.9.8j [xx XXX xxxx] Changes between 0.9.8i and 0.9.8j [xx XXX xxxx] *) Add support for XMPP STARTTLS in s_client. [Philip Paeps <philip@freebsd.org>] *) Change the server-side SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG behavior *) Change the server-side SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG behavior to ensure that even with this option, only ciphersuites in the to ensure that even with this option, only ciphersuites in the server's preference list will be accepted. (Note that the option server's preference list will be accepted. (Note that the option Loading
apps/s_client.c +28 −2 Original line number Original line Diff line number Diff line Loading @@ -325,7 +325,8 @@ static void sc_usage(void) BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting TLS\n"); BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting TLS\n"); BIO_printf(bio_err," for those protocols that support it, where\n"); BIO_printf(bio_err," for those protocols that support it, where\n"); BIO_printf(bio_err," 'prot' defines which one to assume. Currently,\n"); BIO_printf(bio_err," 'prot' defines which one to assume. Currently,\n"); BIO_printf(bio_err," only \"smtp\", \"pop3\", \"imap\", and \"ftp\" are supported.\n"); BIO_printf(bio_err," only \"smtp\", \"pop3\", \"imap\", \"ftp\" and \"xmpp\"\n"); BIO_printf(bio_err," are supported.\n"); #ifndef OPENSSL_NO_ENGINE #ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n"); BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n"); #endif #endif Loading Loading @@ -368,7 +369,8 @@ enum PROTO_SMTP, PROTO_SMTP, PROTO_POP3, PROTO_POP3, PROTO_IMAP, PROTO_IMAP, PROTO_FTP PROTO_FTP, PROTO_XMPP, }; }; int MAIN(int, char **); int MAIN(int, char **); Loading Loading @@ -664,6 +666,8 @@ int MAIN(int argc, char **argv) starttls_proto = PROTO_IMAP; starttls_proto = PROTO_IMAP; else if (strcmp(*argv,"ftp") == 0) else if (strcmp(*argv,"ftp") == 0) starttls_proto = PROTO_FTP; starttls_proto = PROTO_FTP; else if (strcmp(*argv, "xmpp") == 0) starttls_proto = PROTO_XMPP; else else goto bad; goto bad; } } Loading Loading 
@@ -1118,6 +1122,28 @@ SSL_set_tlsext_status_ids(con, ids); BIO_printf(sbio,"AUTH TLS\r\n"); BIO_printf(sbio,"AUTH TLS\r\n"); BIO_read(sbio,sbuf,BUFSIZZ); BIO_read(sbio,sbuf,BUFSIZZ); } } if (starttls_proto == PROTO_XMPP) { int seen = 0; BIO_printf(sbio,"<stream:stream " "xmlns:stream='http://etherx.jabber.org/streams' " "xmlns='jabber:client' to='%s' version='1.0'>", host); seen = BIO_read(sbio,mbuf,BUFSIZZ); mbuf[seen] = 0; while (!strstr(mbuf, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'")) { if (strstr(mbuf, "/stream:features>")) goto shut; seen = BIO_read(sbio,mbuf,BUFSIZZ); mbuf[seen] = 0; } BIO_printf(sbio, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>"); seen = BIO_read(sbio,sbuf,BUFSIZZ); sbuf[seen] = 0; if (!strstr(sbuf, "<proceed")) goto shut; mbuf[0] = 0; } for (;;) for (;;) { { Loading