generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

New option to enable/disable connection to unpatched servers

Browse Source
This commit is contained in:
Dr. Stephen Henson
2009-12-16 20:25:59 +00:00
parent c27c9cb4f7
commit ef51b4b9b4
6 changed files with 24 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
apps/s_client.c
View File

@@ -383,7 +383,7 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
int off=0;
unsigned int off=0, clr=0;
SSL *con=NULL;
int s,k,width,state=0;
char *cbuf=NULL,*sbuf=NULL,*mbuf=NULL;
@@ -666,6 +666,10 @@ int MAIN(int argc, char **argv)
off|=SSL_OP_CIPHER_SERVER_PREFERENCE;
else if (strcmp(*argv,"-legacy_renegotiation") == 0)
off|=SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
else if (strcmp(*argv,"-legacy_server_connect") == 0)
{ off|=SSL_OP_LEGACY_SERVER_CONNECT; }
else if (strcmp(*argv,"-no_legacy_server_connect") == 0)
{ clr|=SSL_OP_LEGACY_SERVER_CONNECT; }
else if (strcmp(*argv,"-cipher") == 0)
{
if (--argc < 1) goto bad;
@@ -876,6 +880,9 @@ bad:
SSL_CTX_set_options(ctx,SSL_OP_ALL|off);
else
SSL_CTX_set_options(ctx,off);
if (clr)
SSL_CTX_clear_options(ctx, clr);
/* DTLS: partial reads end up discarding unread UDP bytes :-(
* Setting read ahead solves this problem.
*/