Add support for client cert engine setting in s_client app.
Add appropriate #ifdefs round client cert functions in headers.
		| @@ -404,7 +404,8 @@ int MAIN(int argc, char **argv) | ||||
| 	int mbuf_len=0; | ||||
| #ifndef OPENSSL_NO_ENGINE | ||||
| 	char *engine_id=NULL; | ||||
| 	ENGINE *e=NULL; | ||||
| 	char *ssl_client_engine_id=NULL; | ||||
| 	ENGINE *e=NULL, *ssl_client_engine=NULL; | ||||
| #endif | ||||
| #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5) | ||||
| 	struct timeval tv; | ||||
| @@ -670,6 +671,11 @@ int MAIN(int argc, char **argv) | ||||
| 			if (--argc < 1) goto bad; | ||||
| 			engine_id = *(++argv); | ||||
| 			} | ||||
| 		else if	(strcmp(*argv,"-ssl_client_engine") == 0) | ||||
| 			{ | ||||
| 			if (--argc < 1) goto bad; | ||||
| 			ssl_client_engine_id = *(++argv); | ||||
| 			} | ||||
| #endif | ||||
| 		else if (strcmp(*argv,"-rand") == 0) | ||||
| 			{ | ||||
| @@ -705,6 +711,17 @@ bad: | ||||
|  | ||||
| #ifndef OPENSSL_NO_ENGINE | ||||
|         e = setup_engine(bio_err, engine_id, 1); | ||||
| 	if (ssl_client_engine_id) | ||||
| 		{ | ||||
| 		ssl_client_engine = ENGINE_by_id(ssl_client_engine_id); | ||||
| 		if (!ssl_client_engine) | ||||
| 			{ | ||||
| 			BIO_printf(bio_err, | ||||
| 					"Error getting client auth engine\n"); | ||||
| 			goto end; | ||||
| 			} | ||||
| 		} | ||||
|  | ||||
| #endif | ||||
| 	if (!app_passwd(bio_err, passarg, NULL, &pass, NULL)) | ||||
| 		{ | ||||
| @@ -772,6 +789,20 @@ bad: | ||||
| 		goto end; | ||||
| 		} | ||||
|  | ||||
| #ifndef OPENSSL_NO_ENGINE | ||||
| 	if (ssl_client_engine) | ||||
| 		{ | ||||
| 		if (!SSL_CTX_set_client_cert_engine(ctx, ssl_client_engine)) | ||||
| 			{ | ||||
| 			BIO_puts(bio_err, "Error setting client auth engine\n"); | ||||
| 			ERR_print_errors(bio_err); | ||||
| 			ENGINE_free(ssl_client_engine); | ||||
| 			goto end; | ||||
| 			} | ||||
| 		ENGINE_free(ssl_client_engine); | ||||
| 		} | ||||
| #endif | ||||
|  | ||||
| #ifndef OPENSSL_NO_PSK | ||||
| 	if (psk_key != NULL) | ||||
| 		{ | ||||
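Review bot: The reference obtained from `ENGINE_by_id(ssl_client_engine_id)` is released only inside the `SSL_CTX_set_client_cert_engine` block of the last hunk, so any `goto end` taken in between appears to skip `ENGINE_free`. That includes the `goto end` visible at the top of the last hunk and presumably the `app_passwd` failure right after the lookup. The `end:` label is outside the visible hunks, so this is inferred. Setting `ssl_client_engine = NULL;` after each `ENGINE_free(ssl_client_engine);` and adding `if (ssl_client_engine) ENGINE_free(ssl_client_engine);` at `end:` would cover those paths. The lookup failure branch also prints only its fixed message without `ERR_print_errors(bio_err);`, unlike the set-failure branch, so the operator cannot see why the engine meant to supply the client certificate and key was not found.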
|   | ||||
| @@ -334,6 +334,9 @@ void ENGINE_load_nuron(void); | ||||
| void ENGINE_load_sureware(void); | ||||
| void ENGINE_load_ubsec(void); | ||||
| void ENGINE_load_padlock(void); | ||||
| #ifndef OPENSSL_NO_CAPIENG | ||||
| void ENGINE_load_capi(void); | ||||
| #endif | ||||
| #ifndef OPENSSL_NO_GMP | ||||
| void ENGINE_load_gmp(void); | ||||
| #endif | ||||
| @@ -343,9 +346,6 @@ void ENGINE_load_gost(void); | ||||
| #endif | ||||
| void ENGINE_load_cryptodev(void); | ||||
| void ENGINE_load_builtin_engines(void); | ||||
| #ifndef OPENSSL_NO_CAPIENG | ||||
| void ENGINE_load_capi(void); | ||||
| #endif | ||||
|  | ||||
| /* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation | ||||
|  * "registry" handling. */ | ||||
|   | ||||
| @@ -895,7 +895,9 @@ void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*cb)(const SSL *ssl,int type, | ||||
| void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(const SSL *ssl,int type,int val); | ||||
| void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey)); | ||||
| int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl, X509 **x509, EVP_PKEY **pkey); | ||||
| #ifndef OPENSSL_NO_ENGINE | ||||
| int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e); | ||||
| #endif | ||||
| void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len)); | ||||
| void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, int (*app_verify_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int cookie_len)); | ||||
|  | ||||
|   | ||||
	 Dr. Stephen Henson
					Dr. Stephen Henson