author | Jeremy Harris <jgh146exb@wizmail.org> | 2017-11-07 16:09:28 +0000 |
---|---|---|
committer | Jeremy Harris <jgh146exb@wizmail.org> | 2017-11-07 16:09:28 +0000 |
commit | ba86e143c7aeb0d70ea4c9d73a617a98f06f6baa (patch) | |
tree | 13d8b028088d6aec1b1436dcf3ad48addaf516fd /test/src/client.c | |
parent | ea792dac9f89e1a0b396e6c8982ff04afafe91be (diff) |
TLS: support multiple certificate files in server. Bug 2092
Diffstat (limited to 'test/src/client.c')
-rw-r--r-- | test/src/client.c | 37 |
1 files changed, 31 insertions, 6 deletions
diff --git a/test/src/client.c b/test/src/client.c
index 4ac130df2..be8b1cc0d 100644
--- a/test/src/client.c
+++ b/test/src/client.c
@@ -103,7 +103,7 @@ static int ssl_session_timeout = 200;
 /* Priorities for TLS algorithms to use. */
-#if GNUTLS_VERSION_NUMBER < 0x030400
+# if GNUTLS_VERSION_NUMBER < 0x030400
 static const int protocol_priority[16] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 };
 static const int kx_priority[16] = {
@@ -125,7 +125,7 @@ static const int mac_priority[16] = { 0 };
 static const int comp_priority[16] = { GNUTLS_COMP_NULL, 0 };
-#endif
+# endif
 #endif /*HAVE_GNUTLS*/
@@ -133,6 +133,7 @@ static const int comp_priority[16] = { GNUTLS_COMP_NULL, 0 };
 #ifdef HAVE_TLS
 char * ocsp_stapling = NULL;
+char * pri_string = NULL;
 #endif
@@ -454,7 +455,7 @@ gnutls_session_t session;
 gnutls_init(&session, GNUTLS_CLIENT | GNUTLS_NO_EXTENSIONS);
-#if GNUTLS_VERSION_NUMBER < 0x030400
+# if GNUTLS_VERSION_NUMBER < 0x030400
 gnutls_cipher_set_priority(session, default_cipher_priority);
 gnutls_compression_set_priority(session, comp_priority);
 gnutls_kx_set_priority(session, kx_priority);
@@ -462,10 +463,19 @@ gnutls_protocol_set_priority(session, protocol_priority);
 gnutls_mac_set_priority(session, mac_priority);
 gnutls_cred_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred);
-#else
-gnutls_set_default_priority(session);
+# else
+if (pri_string)
+ {
+ gnutls_priority_t priority_cache;
+ const char * errpos;
+
+ gnutls_priority_init(&priority_cache, pri_string, &errpos);
+ gnutls_priority_set(session, priority_cache);
+ }
+else
+ gnutls_set_default_priority(session);
 gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred);
-#endif
+# endif
 gnutls_dh_set_prime_bits(session, DH_BITS);
 gnutls_db_set_cache_expiration(session, ssl_session_timeout);
@@ -836,6 +846,10 @@ Usage: client\n"
 "\
 [-tls-on-connect]\n\
 [-ocsp]\n"
+# ifdef HAVE_GNUTLS
+"\
+ [-p priority-string]\n"
+# endif
 #endif
 "\
 [-tn] n seconds timeout\n\
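Review bot: The return value of `gnutls_priority_init()` is ignored in the `@@ -462,10 +463,19 @@` hunk, so a priority string that GnuTLS rejects still reaches `gnutls_priority_set()` with a `priority_cache` that was never successfully set up, and the `errpos` the call fills in is never reported. Because `pri_string` comes straight from the new `-p` argument, a typo would at best leave the session with priorities the test did not ask for, so the client should stop with a clear error to keep TLS test results trustworthy. I would check the result, report the offending position and exit before touching the session, as sketched below. The enclosing function begins and ends outside the hunk.

```c
if (pri_string)
  {
  gnutls_priority_t priority_cache;
  const char * errpos = NULL;
  int rc = gnutls_priority_init(&priority_cache, pri_string, &errpos);

  if (rc != GNUTLS_E_SUCCESS)
    {
    fprintf(stderr, "Bad priority string \"%s\" at \"%s\": %s\n",
      pri_string, errpos ? errpos : "", gnutls_strerror(rc));
    exit(96);	/* code used by the -p argument check; adjust if the file has one for TLS setup failures */
    }
  gnutls_priority_set(session, priority_cache);
  }
/* … unchanged: else branch calling gnutls_set_default_priority() … */
```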
@@ -901,6 +915,17 @@ while (argc >= argi + 1 && argv[argi][0] == '-')
 }
 ocsp_stapling = argv[argi++];
 }
+# ifdef HAVE_GNUTLS
+ else if (strcmp(argv[argi], "-p") == 0)
+ {
+ if (argc < ++argi + 1)
+ {
+ fprintf(stderr, "Missing priority string\n");
+ exit(96);
+ }
+ pri_string = argv[argi++];
+ }
+#endif
 #endif
 else if (argv[argi][1] == 't' && isdigit(argv[argi][2])) |
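Review bot: The `# ifdef HAVE_GNUTLS` that guards the new `-p` branch is closed with an unindented `#endif`, which is inconsistent with the `# if`/`# endif` nesting this same commit introduces in the other hunks and leaves two adjacent `#endif` lines that are hard to pair up. I would write the inner one as `# endif /*HAVE_GNUTLS*/` so the nesting stays readable. The enclosing `while` loop starts before the hunk and continues past it.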