Lines Matching +full:no +full:- +full:srtp
2 * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
73 static int accept_socket = -1;
109 * We define this but make it always be 0 in no-dtls builds to simplify the
137 * possible to use a single callback for all protocol versions - but it in psk_server_cb()
289 wbuf->alloced = 1024; in ebcdic_new()
290 wbuf->buff[0] = '\0'; in ebcdic_new()
341 if (inl > (num = wbuf->alloced)) { in ebcdic_write()
348 wbuf->alloced = num; in ebcdic_write()
349 wbuf->buff[0] = '\0'; in ebcdic_write()
354 ebcdic2ascii(wbuf->buff, in, inl); in ebcdic_write()
356 ret = BIO_write(next, wbuf->buff, inl); in ebcdic_write()
386 /* return(BIO_gets(bp->next_bio,buf,size));*/ in ebcdic_gets()
387 for (i = 0; i < size - 1; ++i) { in ebcdic_gets()
421 if (servername != NULL && p->biodebug != NULL) { in ssl_servername_cb()
425 BIO_printf(p->biodebug, "Hostname in TLS extension: \""); in ssl_servername_cb()
427 BIO_printf(p->biodebug, in ssl_servername_cb()
429 BIO_printf(p->biodebug, "\"\n"); in ssl_servername_cb()
432 if (p->servername == NULL) in ssl_servername_cb()
436 if (OPENSSL_strcasecmp(servername, p->servername)) in ssl_servername_cb()
437 return p->extension_error; in ssl_servername_cb()
439 BIO_printf(p->biodebug, "Switching server context.\n"); in ssl_servername_cb()
449 /* File to load OCSP Response from (or NULL if no file) */
458 static tlsextstatusctx tlscstatp = { -1 };
494 if (srctx->verbose) in get_ocsp_resp_from_responder()
498 if (srctx->host == NULL) { in get_ocsp_resp_from_responder()
500 "cert_status: no AIA and no default responder URL\n"); in get_ocsp_resp_from_responder()
503 host = srctx->host; in get_ocsp_resp_from_responder()
504 path = srctx->path; in get_ocsp_resp_from_responder()
505 port = srctx->port; in get_ocsp_resp_from_responder()
506 use_ssl = srctx->use_ssl; in get_ocsp_resp_from_responder()
508 proxy = srctx->proxy; in get_ocsp_resp_from_responder()
509 no_proxy = srctx->no_proxy; in get_ocsp_resp_from_responder()
538 if (!OCSP_REQUEST_add_ext(req, ext, -1)) in get_ocsp_resp_from_responder()
542 use_ssl, NULL /* headers */, srctx->timeout); in get_ocsp_resp_from_responder()
583 if (srctx->verbose) in cert_status_cb()
586 if (srctx->respin != NULL) { in cert_status_cb()
587 BIO *derbio = bio_open_default(srctx->respin, 'r', FORMAT_ASN1); in cert_status_cb()
609 if (srctx->verbose) { in cert_status_cb()
638 *data = next_proto->data; in next_proto_cb()
639 *len = next_proto->len; in next_proto_cb()
670 ((unsigned char **)out, outlen, alpn_ctx->data, alpn_ctx->len, in, in alpn_cb()
730 {"help", OPT_HELP, '-', "Display this summary"},
734 {"trace", OPT_TRACE, '-', "trace protocol messages"},
747 {"unlink", OPT_UNLINK, '-', "For -unix, unlink existing socket first"},
749 {"4", OPT_4, '-', "Use IPv4 only"},
750 {"6", OPT_6, '-', "Use IPv6 only"},
757 {"no-CAfile", OPT_NOCAFILE, '-',
759 {"no-CApath", OPT_NOCAPATH, '-',
761 {"no-CAstore", OPT_NOCASTORE, '-',
763 {"nocert", OPT_NOCERT, '-', "Don't use any certificates (Anon-DH)"},
772 "Server certificate file format (PEM/DER/P12); has no effect"},
775 {"build_chain", OPT_BUILD_CHAIN, '-', "Build server certificate chain"},
779 "Private key file to use; default is -cert file or else" TEST_CERT},
781 "-Private Key file to use for servername if not in -cert2"},
787 "Second server certificate file format (PEM/DER/P12); has no effect"},
799 {"servername_fatal", OPT_SERVERNAME_FATAL, '-',
801 {"nbio_test", OPT_NBIO_TEST, '-', "Test with the non-blocking test bio"},
802 {"crlf", OPT_CRLF, '-', "Convert LF from terminal into CRLF"},
803 {"quiet", OPT_QUIET, '-', "No server output"},
804 {"no_resume_ephemeral", OPT_NO_RESUME_EPHEMERAL, '-',
806 {"www", OPT_WWW, '-', "Respond to a 'GET /' with a status page"},
807 {"WWW", OPT_UPPER_WWW, '-', "Respond to a 'GET with the file ./path"},
808 {"ignore_unexpected_eof", OPT_IGNORE_UNEXPECTED_EOF, '-',
810 {"tlsextdebug", OPT_TLSEXTDEBUG, '-',
812 {"HTTP", OPT_HTTP, '-', "Like -WWW but ./path includes HTTP headers"},
821 {"crl_download", OPT_CRL_DOWNLOAD, '-',
835 {"no_cache", OPT_NO_CACHE, '-', "Disable session cache"},
836 {"ext_cache", OPT_EXT_CACHE, '-',
838 {"verify_return_error", OPT_VERIFY_RET_ERROR, '-',
840 {"verify_quiet", OPT_VERIFY_QUIET, '-',
841 "No verify output except verify errors"},
842 {"ign_eof", OPT_IGN_EOF, '-', "Ignore input EOF (default when -quiet)"},
843 {"no_ign_eof", OPT_NO_IGN_EOF, '-', "Do not ignore input EOF"},
847 {"status", OPT_STATUS, '-', "Request certificate status from server"},
848 {"status_verbose", OPT_STATUS_VERBOSE, '-',
864 {"security_debug", OPT_SECURITY_DEBUG, '-',
866 {"security_debug_verbose", OPT_SECURITY_DEBUG_VERBOSE, '-',
868 {"brief", OPT_BRIEF, '-',
870 {"rev", OPT_REV, '-',
872 {"debug", OPT_DEBUG, '-', "Print more output"},
873 {"msg", OPT_MSG, '-', "Show protocol messages"},
875 "File to send output of -msg or -trace, instead of stdout"},
876 {"state", OPT_STATE, '-', "Print the SSL states"},
877 {"async", OPT_ASYNC, '-', "Operate in asynchronous mode"},
884 {"nbio", OPT_NBIO, '-', "Use non-blocking IO"},
885 {"timeout", OPT_TIMEOUT, '-', "Enable timeouts"},
886 {"mtu", OPT_MTU, 'p', "Set link-layer MTU"},
911 {"early_data", OPT_EARLY_DATA, '-', "Attempt to read early data"},
914 {"anti_replay", OPT_ANTI_REPLAY, '-', "Switch on anti-replay protection (default)"},
915 {"no_anti_replay", OPT_NO_ANTI_REPLAY, '-', "Switch off anti-replay protection"},
916 …ver_binmode", OPT_HTTP_SERVER_BINMODE, '-', "opening files in binary mode when acting as http serv…
917 {"no_ca_names", OPT_NOCANAMES, '-',
919 {"stateless", OPT_STATELESS, '-', "Require TLSv1.3 cookies"},
921 {"ssl3", OPT_SSL3, '-', "Just talk SSLv3"},
924 {"tls1", OPT_TLS1, '-', "Just talk TLSv1"},
927 {"tls1_1", OPT_TLS1_1, '-', "Just talk TLSv1.1"},
930 {"tls1_2", OPT_TLS1_2, '-', "just talk TLSv1.2"},
933 {"tls1_3", OPT_TLS1_3, '-', "just talk TLSv1.3"},
936 {"dtls", OPT_DTLS, '-', "Use any DTLS version"},
937 {"listen", OPT_LISTEN, '-',
941 {"dtls1", OPT_DTLS1, '-', "Just talk DTLSv1"},
944 {"dtls1_2", OPT_DTLS1_2, '-', "Just talk DTLSv1.2"},
947 {"sctp", OPT_SCTP, '-', "Use SCTP"},
948 {"sctp_label_bug", OPT_SCTP_LABEL_BUG, '-', "Enable SCTP label length bug"},
952 "Offer SRTP key management with a colon-separated profile list"},
954 {"no_dhe", OPT_NO_DHE, '-', "Disable ephemeral DH"},
957 "Set the advertised protocols for the NPN extension (comma-separated list)"},
960 "Set the advertised protocols for the ALPN extension (comma-separated list)"},
962 {"sendfile", OPT_SENDFILE, '-', "Use sendfile to response file with -WWW"},
1006 int rev = 0, naccept = -1, sdebug = 0; in s_server_main()
1050 int max_early_data = -1, recv_max_early_data = -1; in s_server_main()
1091 "Cannot supply both a protocol flag and '-no_<prot>'\n"); in s_server_main()
1098 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog); in s_server_main()
1140 "%s: -port argument malformed or ambiguous\n", in s_server_main()
1155 "%s: -accept argument malformed or ambiguous\n", in s_server_main()
1380 BIO_printf(bio_err, "Error parsing -status_url argument\n"); in s_server_main()
1629 if (max_early_data == -1) in s_server_main()
1649 /* No extra arguments. */ in s_server_main()
1659 BIO_printf(bio_err, "Cannot supply -nextprotoneg with TLSv1.3\n"); in s_server_main()
1665 BIO_printf(bio_err, "Can't use -HTTP, -www or -WWW with DTLS\n"); in s_server_main()
1670 BIO_printf(bio_err, "Can only use -listen with DTLS\n"); in s_server_main()
1675 BIO_printf(bio_err, "Can't use -rev with DTLS\n"); in s_server_main()
1681 BIO_printf(bio_err, "Can only use --stateless with TLS\n"); in s_server_main()
1694 "Can't use -early_data in combination with -www, -WWW, -HTTP, or -rev\n"); in s_server_main()
1701 BIO_printf(bio_err, "Can't use -sctp without DTLS\n"); in s_server_main()
1711 BIO_printf(bio_err, "Can't use -sendfile without -WWW or -HTTP\n"); in s_server_main()
1935 BIO_printf(bio_err, "Error setting SRTP profile\n"); in s_server_main()
2128 BIO_printf(bio_s_out, "PSK warning: there is NO identity hint in TLSv1.3\n"); in s_server_main()
2313 case BIO_CB_READ: /* No break here */ in count_reads_callback()
2362 ret = -1; in sv_body()
2375 ret = -1; in sv_body()
2381 ret = -1; in sv_body()
2412 ret = -1; in sv_body()
2419 ret = -1; in sv_body()
2448 ret = -1; in sv_body()
2490 /* Just keep trying - busy waiting */ in sv_body()
2509 BIO_printf(bio_s_out, "No early data received\n"); in sv_body()
2546 * Under DOS (non-djgpp) and Windows we can't select on stdin: in sv_body()
2587 for (j = i - 1; j >= 0; j--) { in sv_body()
2590 lf_num--; in sv_body()
2606 ret = -11; in sv_body()
2615 * close_accept_socket(); ret= -11; in sv_body()
2622 printf("SSL_do_handshake -> %d\n", i); in sv_body()
2632 printf("SSL_do_handshake -> %d\n", i); in sv_body()
2642 printf("SSL_do_handshake -> %d\n", i); in sv_body()
2654 printf("SSL_do_handshake -> %d\n", i); in sv_body()
2661 BIO_write(SSL_get_wbio(con), str, sizeof(str) -1); in sv_body()
2724 i -= k; in sv_body()
2754 ret = -1; in sv_body()
2856 BIO_printf(bio_err, "ERROR - memory\n"); in init_ssl_connection()
2865 int fd = -1; in init_ssl_connection()
2874 BIO_printf(bio_err, "ERROR - unable to connect\n"); in init_ssl_connection()
2998 BIO_printf(bio_s_out, "SRTP Extension negotiated, profile=%s\n", in print_connection_info()
2999 srtp_profile->name); in print_connection_info()
3003 BIO_printf(bio_s_out, "Reused session-id\n"); in print_connection_info()
3117 /* No need to free |con| after this. Done by BIO_free(ssl_bio) */ in www_body()
3184 BIO_printf(bio_s_out, "SSL_renegotiate -> %d\n", i); in www_body()
3213 "HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n"); in www_body()
3252 BIO_printf(io, "%-11s:%-25s ", in www_body()
3261 "---\nCiphers common between both SSL end points:\n"); in www_body()
3265 BIO_write(io, space, 26 - j); in www_body()
3283 ? "---\nReused, " : "---\nNew, ")); in www_body()
3288 BIO_printf(io, "---\n"); in www_body()
3290 BIO_printf(io, "---\n"); in www_body()
3298 BIO_puts(io, "no client certificate available\n"); in www_body()
3307 "HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n"; in www_body()
3319 dot = -1; in www_body()
3331 dot = (e[0] == '/' || e[0] == '\\') ? -1 : 0; in www_body()
3337 dot = (dot == 3) || (dot == -1); /* filename contains ".." in www_body()
3379 if (((i > 5) && (strcmp(&(p[i - 5]), ".html") == 0)) || in www_body()
3380 ((i > 4) && (strcmp(&(p[i - 4]), ".php") == 0)) || in www_body()
3381 ((i > 4) && (strcmp(&(p[i - 4]), ".htm") == 0))) in www_body()
3383 "HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n"); in www_body()
3386 "HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n"); in www_body()
3421 filesize -= i; in www_body()
3455 k = BIO_write(io, &(buf[j]), i - j); in www_body()
3484 /* make sure we re-use sessions */ in www_body()
3542 /* No need to free |con| after this. Done by BIO_free(ssl_bio) */ in rev_body()
3618 char *p = buf + i - 1; in rev_body()
3620 p--; in rev_body()
3621 i--; in rev_body()
3641 /* make sure we re-use sessions */ in rev_body()
3664 * is too long, clip it - but there will be worse effects anyway, eg. in generate_session_id()
3681 * By default s_server uses an in-memory cache which caches SSL_SESSION
3702 SSL_SESSION_get_id(session, &sess->idlen); in add_session()
3703 sess->derlen = i2d_SSL_SESSION(session, NULL); in add_session()
3704 if (sess->derlen < 0) { in add_session()
3710 sess->id = OPENSSL_memdup(SSL_SESSION_get_id(session, NULL), sess->idlen); in add_session()
3711 sess->der = app_malloc(sess->derlen, "get session buffer"); in add_session()
3712 if (!sess->id) { in add_session()
3714 OPENSSL_free(sess->id); in add_session()
3715 OPENSSL_free(sess->der); in add_session()
3719 p = sess->der; in add_session()
3722 if (i2d_SSL_SESSION(session, &p) != sess->derlen) { in add_session()
3724 OPENSSL_free(sess->id); in add_session()
3725 OPENSSL_free(sess->der); in add_session()
3730 sess->next = first; in add_session()
3741 for (sess = first; sess; sess = sess->next) { in get_session()
3742 if (idlen == (int)sess->idlen && !memcmp(sess->id, id, idlen)) { in get_session()
3743 const unsigned char *p = sess->der; in get_session()
3745 return d2i_SSL_SESSION(NULL, &p, sess->derlen); in get_session()
3758 for (sess = first; sess; sess = sess->next) { in del_session()
3759 if (idlen == sess->idlen && !memcmp(sess->id, id, idlen)) { in del_session()
3761 prev->next = sess->next; in del_session()
3763 first = sess->next; in del_session()
3764 OPENSSL_free(sess->id); in del_session()
3765 OPENSSL_free(sess->der); in del_session()
3787 OPENSSL_free(sess->id); in free_sessions()
3788 OPENSSL_free(sess->der); in free_sessions()
3790 sess = sess->next; in free_sessions()