diff options
Diffstat (limited to 'crypto/openssl/apps/s_client.c')
| -rw-r--r-- | crypto/openssl/apps/s_client.c | 24 |
1 files changed, 20 insertions, 4 deletions
diff --git a/crypto/openssl/apps/s_client.c b/crypto/openssl/apps/s_client.c index 0b06b6c0b632b..19545e24bd0f1 100644 --- a/crypto/openssl/apps/s_client.c +++ b/crypto/openssl/apps/s_client.c @@ -290,6 +290,7 @@ static void sc_usage(void) BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR); BIO_printf(bio_err," -verify arg - turn on peer certificate verification\n"); + BIO_printf(bio_err," -verify_return_error - return verification errors\n"); BIO_printf(bio_err," -cert arg - certificate file to use, PEM format assumed\n"); BIO_printf(bio_err," -certform arg - certificate format (PEM or DER) PEM default\n"); BIO_printf(bio_err," -key arg - Private key file to use, in cert file if\n"); @@ -300,6 +301,7 @@ static void sc_usage(void) BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n"); BIO_printf(bio_err," -reconnect - Drop and re-make the connection with the same Session-ID\n"); BIO_printf(bio_err," -pause - sleep(1) after each read(2) and write(2) system call\n"); + BIO_printf(bio_err," -prexit - print session information even on connection failure\n"); BIO_printf(bio_err," -showcerts - show all certificates in the chain\n"); BIO_printf(bio_err," -debug - extra output\n"); #ifdef WATT32 @@ -327,10 +329,12 @@ static void sc_usage(void) BIO_printf(bio_err," -srppass arg - password for 'user'\n"); BIO_printf(bio_err," -srp_lateuser - SRP username into second ClientHello message\n"); BIO_printf(bio_err," -srp_moregroups - Tolerate other than the known g N values.\n"); - BIO_printf(bio_err," -srp_strength int - minimal mength in bits for N (default %d).\n",SRP_MINIMAL_N); + BIO_printf(bio_err," -srp_strength int - minimal length in bits for N (default %d).\n",SRP_MINIMAL_N); #endif BIO_printf(bio_err," -ssl2 - just use SSLv2\n"); +#ifndef OPENSSL_NO_SSL3_METHOD BIO_printf(bio_err," -ssl3 - just use SSLv3\n"); +#endif BIO_printf(bio_err," -tls1_2 - just use TLSv1.2\n"); BIO_printf(bio_err," -tls1_1 - just use TLSv1.1\n"); BIO_printf(bio_err," -tls1 - just use TLSv1\n"); @@ -805,7 +809,7 @@ int MAIN(int argc, char **argv) else if (strcmp(*argv,"-ssl2") == 0) meth=SSLv2_client_method(); #endif -#ifndef OPENSSL_NO_SSL3 +#ifndef OPENSSL_NO_SSL3_METHOD else if (strcmp(*argv,"-ssl3") == 0) meth=SSLv3_client_method(); #endif @@ -1317,10 +1321,22 @@ re_start: BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout); } - if (socket_mtu > 28) + if (socket_mtu) { + if(socket_mtu < DTLS_get_link_min_mtu(con)) + { + BIO_printf(bio_err,"MTU too small. Must be at least %ld\n", + DTLS_get_link_min_mtu(con)); + BIO_free(sbio); + goto shut; + } SSL_set_options(con, SSL_OP_NO_QUERY_MTU); - SSL_set_mtu(con, socket_mtu - 28); + if(!DTLS_set_link_mtu(con, socket_mtu)) + { + BIO_printf(bio_err, "Failed to set MTU\n"); + BIO_free(sbio); + goto shut; + } } else /* want to do MTU discovery */ |